WiredWX Christian Hobby Weather Tools

Laptop freezing and anti virus programs freezing at the end of scans.

Here is the OTL log. My laptop keeps freezing and my desktop is losing icons. Also, my anti-virus programs, Kaspersky and Microsoft, won't finish scanning; they freeze up at the end. I have run Malwarebytes and it hasn't caught anything, but my Microsoft Security did detect two threats yesterday and removed them, but the laptop is still acting screwy, even worse today. I'll post that down after the OTL and Extra logs. Here is OTL:

OTL logfile created on: 11/10/2011 6:30:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Imy\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 52.02% Memory free
6.14 Gb Paging File | 4.62 Gb Available in Paging File | 75.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 451.07 Gb Total Space | 320.64 Gb Free Space | 71.08% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 13.73 Gb Free Space | 93.70% Space Free | Partition Type: NTFS
Drive F: | 5.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: IMY-PC | User Name: Imy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/10 17:44:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Imy\Downloads\OTL.com
PRC - [2011/09/08 07:49:35 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/12/29 02:44:10 | 000,591,248 | ---- | M] (Oberon Media ) -- C:\Program Files\GamesBar\SearchEngineProtection.exe
PRC - [2010/12/14 09:02:39 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010/07/01 21:34:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe
PRC - [2009/05/28 13:28:18 | 001,320,288 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2009/05/11 11:21:52 | 000,483,428 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/05/11 11:21:10 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
PRC - [2009/04/23 14:14:38 | 002,915,408 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2009/04/10 22:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/09 13:29:00 | 001,762,032 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/02/04 18:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/12/18 11:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/12/11 08:31:00 | 000,722,256 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/07 14:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 14:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/03/17 08:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/02/14 15:23:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcccoms.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/14 04:39:04 | 015,882,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\b438fae7231dfbdb7e8b126b0e05cf0d\MenuSkinning.ni.dll
MOD - [2011/10/14 04:38:50 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\4bcdb78436b238b92d3bfc16d2da53e0\VistaBridgeLibrary.ni.dll
MOD - [2011/10/14 04:38:48 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011/10/14 04:38:47 | 002,574,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\3066752682e1f12d66985ab33b768391\DellDock.ni.exe
MOD - [2011/10/14 04:38:45 | 000,286,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\ec83141261c770f0d8adea4c1674fd9a\MyDock.Util.ni.dll
MOD - [2011/10/14 04:38:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/14 04:38:26 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b88a2bf58d8529fc33f8f3437a7ff06\System.Web.Services.ni.dll
MOD - [2011/10/14 04:38:23 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2011/10/14 04:15:54 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/14 04:15:38 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/14 04:15:30 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/14 04:14:22 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/14 04:13:11 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/08/22 00:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/04/09 13:29:00 | 001,762,032 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/04/09 13:29:00 | 000,263,920 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll
MOD - [2009/04/09 13:29:00 | 000,132,336 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/04/09 13:29:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll
MOD - [2009/04/09 13:29:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009/04/09 13:29:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/12/14 09:02:39 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/08/05 14:32:54 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/05/12 05:20:06 | 000,282,624 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\ykx32mpcoinst.dll -- (yksvc)
SRV - [2009/05/11 11:21:10 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe -- (AESTFilters)
SRV - [2008/12/18 11:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/05/14 07:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/05/14 07:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/05/14 07:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/05/07 14:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/20 18:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/14 15:23:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcccoms.exe -- (dlcc_device)


========== Driver Services (SafeList) ==========

DRV - [2011/11/10 18:24:25 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A3CFDC5-AAB4-46CD-8609-E481970782B2}\MpKsl7ede0420.sys -- (MpKsl7ede0420)
DRV - [2011/11/10 17:29:49 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A3CFDC5-AAB4-46CD-8609-E481970782B2}\MpKsl4db67f08.sys -- (MpKsl4db67f08)
DRV - [2011/11/10 15:34:51 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A3CFDC5-AAB4-46CD-8609-E481970782B2}\MpKsl137571b0.sys -- (MpKsl137571b0)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/12/14 09:02:39 | 000,488,024 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/05/11 11:21:58 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/02/22 04:56:52 | 000,921,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/01/20 18:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/01 23:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aol.com/?ncid=customie9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/?ncid=customie9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
IE - HKCU\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://start.pogo.iplay.com/?o=shp"
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.12
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.1.400
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.1.400
FF - prefs.js..extensions.enabledItems: gamesbar@oberon-media.com:1.1.0.81
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Imy\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/29 19:36:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/10 18:08:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010/12/14 08:18:51 | 000,000,000 | ---D | M]

[2010/12/14 12:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Imy\AppData\Roaming\Mozilla\Extensions
[2011/11/03 15:51:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions
[2010/12/29 12:59:42 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/12/29 12:59:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/08 07:50:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/29 12:59:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/28 20:34:49 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\gamesbar@oberon-media.com
[2011/11/10 18:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/10 18:08:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/01/31 12:08:22 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010/12/16 03:27:53 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2011/11/10 18:08:00 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/28 20:34:50 | 000,001,600 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober313153240.xml

========== Chrome ==========

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Verizon Servicepoint (Enabled) = C:\Program Files\Verizon\VSP\nprpspa.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AOL News Toolbar Loader) - {9be4cb12-499d-4886-a444-78dce8571dde} - C:\Program Files\AOL News Toolbar\aolnewstb.dll (AOL LLC.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.81\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (AOL Email Toolbar Loader) - {fbea8524-8c72-4208-9d12-7fb73e9926eb} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AOL News Toolbar) - {142b34db-65ac-47e8-8a7f-026e3ec79fca} - C:\Program Files\AOL News Toolbar\aolnewstb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\2.0.1.81\oberontb.dll (Oberon Media Ltd.)
O3 - HKLM\..\Toolbar: (AOL Email Toolbar) - {a3704fa3-dbf6-46b5-b95e-0677dfd39577} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL News Toolbar) - {142B34DB-65AC-47E8-8A7F-026E3EC79FCA} - C:\Program Files\AOL News Toolbar\aolnewstb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Email Toolbar) - {A3704FA3-DBF6-46B5-B95E-0677DFD39577} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray File not found
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\GamesBar\SearchEngineProtection.exe (Oberon Media )
O4 - Startup: C:\Users\Imy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O8 - Extra context menu item: &AOL Email Toolbar Search - C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm ()
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.dmtc.com/live/AxisCamControl.ocx (CamImage Class)
O16 - DPF: {A021A215-6CDC-44B4-8C16-90491CED9605} http://www.worldwinner.com/games/v68/clue/clue.cab (Clue Control)
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} http://clubgames.pogo.com/online2/pogop/diner_dash_flo_on_the_go/ddfotg.1.0.0.33.cab (CPlayFirstddfotgControl Object)
O16 - DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} http://racing.youbet.com/wr_9_3/controls/YBUICtrl.cab (YBUICtrl.FloatWnd.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553552000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C6AAD93-31EE-48A0-BB5E-7EE43C2EB1C1}: DhcpNameServer = 192.168.1.1 192.168.1.1 192.168.2.1
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) -C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Imy\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Imy\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/09/15 23:07:13 | 000,054,544 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011/09/15 20:58:13 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{2c780010-81e1-11de-9381-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2c780010-81e1-11de-9381-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2011/09/15 23:07:13 | 000,054,544 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{3b1893b2-86be-11de-82fa-0025644a01db}\Shell\AutoRun\command - "" = D:\LinksysConnectPC.exe
O33 - MountPoints2\{3b1893b7-86be-11de-82fa-0025644a01db}\Shell - "" = AutoRun
O33 - MountPoints2\{3b1893b7-86be-11de-82fa-0025644a01db}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 10:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2011/01/28 16:55:34 | 020,367,424 | ---- | M] (The GIMP Team ) -- C:\Users\Imy\gimp-2.6.11-i686-setup-1.exe
[2011/01/31 12:36:41 | 115,652,856 | ---- | M] (Kaspersky Lab) -- C:\Users\Imy\kis11.0.2.556EN-US.exe
[2011/01/14 07:55:43 | 007,866,472 | ---- | M] (Microsoft Corporation) -- C:\Users\Imy\mseinstall.exe
[2010/12/27 15:14:59 | 001,228,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Imy\Photoshop_12_LS1.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/09/29 19:35:52 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/09/29 19:35:56 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/09/29 19:36:01 | 000,246,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/12/27 15:27:35 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/12/27 15:24:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
[2009/12/08 14:45:32 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Email Toolbar
[2009/10/23 14:39:10 | 000,000,000 | ---D | M] -- C:\Program Files\AOL News Toolbar
[2011/06/22 09:16:45 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Toolbar
[2011/06/25 08:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/02/21 20:35:35 | 000,000,000 | ---D | M] -- C:\Program Files\Barnes & Noble
[2011/09/18 15:40:28 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/12/02 16:10:35 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2009/12/02 15:47:19 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2009/08/05 14:32:54 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2011/11/10 18:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/08/05 14:41:11 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2009/12/16 14:28:58 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2009/08/05 14:35:49 | 000,000,000 | ---D | M] -- C:\Program Files\Dell DataSafe Online
[2009/08/05 14:20:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Inc
[2011/10/18 14:22:38 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2009/09/14 09:38:27 | 000,000,000 | ---D | M] -- C:\Program Files\dl_Cats
[2011/10/18 09:05:17 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2011/03/28 20:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\GamesBar
[2011/01/28 17:10:43 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2010/12/14 06:23:39 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/08/05 09:02:21 | 000,000,000 | ---D | M] -- C:\Program Files\IDT
[2011/10/18 09:05:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/08/05 14:21:19 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/10/14 04:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/09/18 15:45:06 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/09/18 15:45:49 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/08/05 14:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/12/14 08:18:33 | 000,000,000 | ---D | M] -- C:\Program Files\Kaspersky Lab
[2011/11/10 09:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/04 12:24:44 | 000,000,000 | ---D | M] -- C:\Program Files\MFInstall
[2009/08/05 14:38:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/11/10 16:14:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/11/06 15:17:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2011/10/14 04:09:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/08/05 14:39:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/08/05 14:40:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/06/16 19:44:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/08/16 06:23:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft WSE
[2010/06/25 20:00:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/12 04:58:58 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/10/20 13:13:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/08/11 13:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/11/09 12:33:08 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2011/09/25 12:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\Origin
[2011/06/03 12:32:56 | 000,000,000 | ---D | M] -- C:\Program Files\Origin Games
[2011/03/08 13:37:03 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2011/09/18 15:22:11 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/06/15 15:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2009/08/05 14:32:41 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/01/04 09:42:57 | 000,000,000 | ---D | M] -- C:\Program Files\Snap 'n Share
[2009/08/05 16:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2011/07/15 16:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\twinspires
[2006/11/02 04:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/10/07 11:15:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/10/07 11:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/10/07 11:15:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/08/05 14:40:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/08/05 14:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2011/11/10 05:08:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/14 05:49:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/10/07 11:15:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/18 06:57:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/10/07 11:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/09/08 07:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 01:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009/04/10 22:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 22:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 18:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 18:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 01:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/04/11 11:01:42 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

< MD5 for: DISK.SYS >
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/20 18:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/20 18:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 01:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTOR.SYS >
[2008/05/07 14:40:38 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Drivers\storage\R197861\IaStor.sys
[2008/05/07 14:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\drivers\iaStor.sys
[2008/05/07 14:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_8e717be2\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 18:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 01:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-10 17:18:39

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Files - Unicode (All) ==========
[2009/08/11 14:59:05 | 000,000,036 | ---- | M] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/08/11 14:59:05 | 000,000,036 | ---- | C] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:539420FF
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2B99FE60

< End of report >

Re: Laptop freezing and anti virus programs freezing at the end of scans.

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - AOL Toolbar
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{91196504-58DD-4876-8C4F-D871B685D5AC} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.JDCT - jl_jdct.drv File not found
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/11/10 18:10:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/11/10 18:10:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/11/10 18:08:51 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/11/10 18:08:51 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/11/10 18:08:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/11/10 18:08:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/10/18 14:22:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/10/13 16:33:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/13 16:33:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/13 16:33:31 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/10/13 16:33:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/13 16:33:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/13 09:14:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/13 09:14:03 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/13 09:14:03 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/13 09:14:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/13 09:14:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/13 09:13:31 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/13 09:13:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/12/13 19:48:55 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.50.0.0.exe
[2010/03/19 10:53:59 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\Imy\AppData\Roaming\DataSafeDotNet.exe
[2007/02/14 15:23:20 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlccih.exe
[2007/02/14 15:23:18 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlcccoms.exe
[2007/02/14 15:23:18 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlcccfg.exe
[2006/12/20 16:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlccpmui.dll
[2006/12/20 16:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlccserv.dll
[2006/12/20 16:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcccomm.dll
[2006/12/20 15:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcclmpm.dll
[2006/12/20 15:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcciesc.dll
[2006/12/20 15:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlccpplc.dll
[2006/12/20 15:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcccomc.dll
[2006/12/20 15:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlccprox.dll
[2006/12/20 15:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlccinpa.dll
[2006/12/20 15:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlccusb1.dll
[2006/12/20 15:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcchbn3.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/10 18:32:04 | 000,606,602 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/10 18:32:04 | 000,105,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 18:24:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/10 18:24:07 | 3179,663,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/10 18:07:58 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/11/10 18:07:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/11/10 18:07:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/11/10 18:07:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/11/10 15:30:03 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/11/10 09:21:01 | 000,000,932 | ---- | M] () -- C:\Users\Imy\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/11/07 08:43:40 | 000,870,128 | ---- | M] () -- C:\Users\Imy\AppData\Roaming\mcs.rma
[2011/11/07 08:43:40 | 000,000,004 | ---- | M] () -- C:\Users\Imy\AppData\Roaming\2E2788
[2011/11/06 15:17:06 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/11/03 12:17:23 | 000,247,179 | ---- | M] () -- C:\Users\Imy\Documents\Asunder.jpg
[2011/11/03 12:16:24 | 000,272,545 | ---- | M] () -- C:\Users\Imy\Documents\cbyear.jpg
[2011/10/28 17:42:46 | 000,006,656 | ---- | M] () -- C:\Users\Imy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/23 07:24:59 | 000,006,080 | ---- | M] () -- C:\Users\Imy\AppData\Local\d3d9caps.dat
[2011/10/20 06:34:17 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/10/19 10:05:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2011/10/14 04:12:33 | 003,663,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/10 17:29:35 | 3179,663,360 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/06 15:15:44 | 000,001,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/11/03 12:17:20 | 000,247,179 | ---- | C] () -- C:\Users\Imy\Documents\Asunder.jpg
[2011/11/03 12:16:20 | 000,272,545 | ---- | C] () -- C:\Users\Imy\Documents\cbyear.jpg
[2011/10/19 08:35:11 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2011/10/18 14:22:56 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/10/18 14:22:53 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/08/17 18:27:21 | 000,006,656 | ---- | C] () -- C:\Users\Imy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/14 08:19:34 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/12/14 08:19:34 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/10/06 07:01:16 | 000,870,128 | ---- | C] () -- C:\Users\Imy\AppData\Roaming\mcs.rma
[2010/10/06 07:01:16 | 000,000,004 | ---- | C] () -- C:\Users\Imy\AppData\Roaming\2E2788
[2010/01/04 09:42:53 | 000,118,784 | ---- | C] () -- C:\Windows\System32\PTTreeIcons.dll
[2009/11/05 05:16:21 | 000,006,080 | ---- | C] () -- C:\Users\Imy\AppData\Local\d3d9caps.dat
[2009/09/16 13:25:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 13:25:01 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/08/11 15:01:44 | 170,184,480 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/08/05 16:57:13 | 000,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009/08/05 16:57:13 | 000,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/08/05 16:57:13 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/08/05 16:57:13 | 000,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/04/11 11:18:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/04/11 09:26:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/02/07 11:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcccoin.dll
[2007/01/26 06:11:42 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlccinsr.dll
[2007/01/26 06:11:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcccur.dll
[2007/01/26 06:09:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlccjswr.dll
[2007/01/26 05:59:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlccinsb.dll
[2007/01/26 05:58:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcccub.dll
[2007/01/26 05:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcccu.dll
[2007/01/26 05:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlccins.dll
[2007/01/26 05:53:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlccutil.dll
[2007/01/22 01:24:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcccfg.dll
[2006/11/02 04:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 04:44:53 | 003,663,632 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 02:33:01 | 000,606,602 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 02:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 02:33:01 | 000,105,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 02:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 02:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 00:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 10:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2011/01/28 16:55:34 | 020,367,424 | ---- | M] (The GIMP Team ) -- C:\Users\Imy\gimp-2.6.11-i686-setup-1.exe
[2011/01/31 12:36:41 | 115,652,856 | ---- | M] (Kaspersky Lab) -- C:\Users\Imy\kis11.0.2.556EN-US.exe
[2011/01/14 07:55:43 | 007,866,472 | ---- | M] (Microsoft Corporation) -- C:\Users\Imy\mseinstall.exe
[2010/12/27 15:14:59 | 001,228,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Imy\Photoshop_12_LS1.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/09/29 19:35:52 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/09/29 19:35:56 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/09/29 19:36:01 | 000,246,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/12/27 15:27:35 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/12/27 15:24:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
[2009/12/08 14:45:32 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Email Toolbar
[2009/10/23 14:39:10 | 000,000,000 | ---D | M] -- C:\Program Files\AOL News Toolbar
[2011/06/22 09:16:45 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Toolbar
[2011/06/25 08:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/02/21 20:35:35 | 000,000,000 | ---D | M] -- C:\Program Files\Barnes & Noble
[2011/09/18 15:40:28 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/12/02 16:10:35 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2009/12/02 15:47:19 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2009/08/05 14:32:54 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2011/11/10 18:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/08/05 14:41:11 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2009/12/16 14:28:58 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2009/08/05 14:35:49 | 000,000,000 | ---D | M] -- C:\Program Files\Dell DataSafe Online
[2009/08/05 14:20:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Inc
[2011/10/18 14:22:38 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2009/09/14 09:38:27 | 000,000,000 | ---D | M] -- C:\Program Files\dl_Cats
[2011/10/18 09:05:17 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2011/03/28 20:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\GamesBar
[2011/01/28 17:10:43 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2010/12/14 06:23:39 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/08/05 09:02:21 | 000,000,000 | ---D | M] -- C:\Program Files\IDT
[2011/10/18 09:05:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/08/05 14:21:19 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/10/14 04:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/09/18 15:45:06 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/09/18 15:45:49 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/08/05 14:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/12/14 08:18:33 | 000,000,000 | ---D | M] -- C:\Program Files\Kaspersky Lab
[2011/11/10 09:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/04 12:24:44 | 000,000,000 | ---D | M] -- C:\Program Files\MFInstall
[2009/08/05 14:38:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/11/10 16:14:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/11/06 15:17:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2011/10/14 04:09:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/08/05 14:39:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/08/05 14:40:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/06/16 19:44:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/08/16 06:23:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft WSE
[2010/06/25 20:00:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/12 04:58:58 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/10/20 13:13:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/08/11 13:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/11/09 12:33:08 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2011/09/25 12:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\Origin
[2011/06/03 12:32:56 | 000,000,000 | ---D | M] -- C:\Program Files\Origin Games
[2011/03/08 13:37:03 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2011/09/18 15:22:11 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/06/15 15:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2009/08/05 14:32:41 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/01/04 09:42:57 | 000,000,000 | ---D | M] -- C:\Program Files\Snap 'n Share
[2009/08/05 16:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2011/07/15 16:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\twinspires
[2006/11/02 04:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/10/07 11:15:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/10/07 11:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/10/07 11:15:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/08/05 14:40:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/08/05 14:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2011/11/10 05:08:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/14 05:49:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/10/07 11:15:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/18 06:57:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/10/07 11:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/09/08 07:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 01:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009/04/10 22:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 22:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 18:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 18:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 01:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/04/11 11:01:42 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

< MD5 for: DISK.SYS >
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/20 18:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/20 18:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 01:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTOR.SYS >
[2008/05/07 14:40:38 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Drivers\storage\R197861\IaStor.sys
[2008/05/07 14:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\drivers\iaStor.sys
[2008/05/07 14:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_8e717be2\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 18:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 01:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-10 17:18:39

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Files - Unicode (All) ==========
[2009/08/11 14:59:05 | 000,000,036 | ---- | M] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/08/11 14:59:05 | 000,000,036 | ---- | C] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:539420FF
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2B99FE60

< End of report >

Here is Extras.txt

OTL Extras logfile created on: 11/10/2011 6:30:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Imy\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 52.02% Memory free
6.14 Gb Paging File | 4.62 Gb Available in Paging File | 75.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 451.07 Gb Total Space | 320.64 Gb Free Space | 71.08% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 13.73 Gb Free Space | 93.70% Space Free | Partition Type: NTFS
Drive F: | 5.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: IMY-PC | User Name: Imy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A320108-8C8A-4E77-9AC2-6B954C17D2FC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{82BEA591-8587-4459-8B75-54D4BF228CC3}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{117E8AF3-D35C-4892-92B2-60AF6472D205}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1306A225-4A23-4382-B063-FCFACC198AE7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{19FC5045-F07C-429C-AB2F-218298CC8E7E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{34FCCF66-22A9-441B-A6CB-1E67095CA517}" = protocol=6 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"{431C8BAC-E63A-485D-B04A-97285B77694B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4C62B390-BEB1-4449-BDB3-284D0C70AFE7}" = protocol=6 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{88CA9A68-C5AF-45C1-BE22-9FD12E88E0CE}" = protocol=6 | dir=in | app=c:\program files\barnes & noble\nookstudy\nookstudy.exe |
"{8A623F99-9E70-41B6-9DFB-1E49C6224669}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{916E8009-91EA-4F4C-B218-1A1283DC699C}" = protocol=17 | dir=in | app=c:\program files\barnes & noble\nookstudy\nookstudy.exe |
"{91765E09-EB5B-443F-8F92-1C24946A22E6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9AE77666-F032-4903-8F43-C0D792A544FC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9CC9CC45-E3BF-41F7-B852-1C482741BF78}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{AC77CE78-1A43-4E88-A63E-E5AF1A143EF6}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C6F4EB76-366E-488D-959A-EBE1C11530A9}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{DA1ABDF1-2E90-4CF1-8BBF-CD26634EB250}" = protocol=17 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"{DF46C72C-7324-4B1F-AC06-F21EBA0FF19B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EC814EA0-F175-451A-9AD1-0FE8925C5D98}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{F575B3B8-33B7-4126-8E25-9E150CDDB5A3}" = protocol=17 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{F5C6B6CB-36BD-434F-B343-0F9428EA1540}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{258749E2-3A46-42B1-9A01-BF977AA06FAC}" = RPS CRT
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FB3647F-B6A6-46B4-8613-A09BCFAB80F0}" = Roxio Creator Premier 10
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}" = The Sims™ 3 Create a Pattern Tool
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{469EF13B-4AD0-48D7-AF89-6B92278293E2}" = Roxio Creator Premier
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F7AF444F-92A4-132D-AA3E-4D6AE3532C1E}" = Twinspires Pro
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Email Toolbar" = AOL Email Toolbar
"AOL News Toolbar" = AOL News Toolbar

"AOL Toolbar" = AOL Toolbar
"Canon MX320 series User Registration" = Canon MX320 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.twinspires.tspro.air" = Twinspires Pro
"Dell Support Center" = Dell Support Center
"EA Download Manager" = EA Download Manager
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"GamesBar" = GamesBar 2.0.1.81
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"NOOKstudy" = NOOKstudy
"Origin" = Origin
"Rhapsody" = Rhapsody
"SnapNShare" = Snap 'n Share
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Dell Touchpad
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Toolbar" = AOL Toolbar
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Microsoft Security Essentials isn't letting me copy and paste, so I'm going to try to type out what it says.

Detected Item: Exploit:Java/CVE-2010-0842.AN
Detected Item: TrojanDownloader:Java/OpenConnection.OU

Both of these were detected yesterday on Nov. 9th and it says they had been removed but my laptop is acting all wacky.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Hello.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

I never got an option to copy and paste that stuff but the scan went off and this is the log:



ComboFix 11-11-13.03 - Imy 11/13/2011 18:07:38.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3032.1110 [GMT -8:00]
Running from: c:\users\Imy\Desktop\commy.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\5907\Downloads\16837627-a839-41c5-a88f-3a0335128383.dll
c:\programdata\PCDr\5907\Downloads\76ca5355-2abf-4f06-bd1f-8e9052696db2.dll
c:\windows\system32\system
.
.
((((((((((((((((((((((((( Files Created from 2011-10-14 to 2011-11-14 )))))))))))))))))))))))))))))))
.
.
2011-11-14 02:20 . 2011-11-14 02:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-14 02:20 . 2011-11-14 02:21 -------- d-----w- c:\users\Imy\AppData\Local\temp
2011-11-14 01:30 . 2011-11-14 01:30 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\MpKslbe77ca7b.sys
2011-11-11 16:00 . 2011-11-11 16:00 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\MpKsl0194cf89.sys
2011-11-11 14:37 . 2011-11-11 14:37 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\MpKsl002b9e92.sys
2011-11-11 14:37 . 2011-11-14 01:30 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\offreg.dll
2011-11-11 14:29 . 2011-11-14 01:46 -------- d-----w- c:\programdata\AVAST Software
2011-11-11 14:29 . 2011-11-11 14:29 -------- d-----w- c:\program files\AVAST Software
2011-11-11 13:56 . 2011-11-11 23:54 489048 ------w- c:\windows\system32\drivers\4683457drv.sys
2011-11-11 13:33 . 2011-10-07 04:48 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\mpengine.dll
2011-11-11 05:22 . 2011-11-11 05:23 -------- d-----w- c:\program files\Ask.com
2011-11-11 05:22 . 2011-11-14 01:35 -------- d-----w- c:\users\Imy\AppData\Roaming\Sammsoft
2011-11-11 02:10 . 2011-11-11 02:10 -------- d-----w- c:\program files\Common Files\Java
2011-11-11 02:08 . 2011-11-11 02:08 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-11-11 02:08 . 2011-11-11 02:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-09 15:13 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-09 15:13 . 2011-09-20 21:02 913280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 15:13 . 2011-09-20 13:44 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-11-09 15:13 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-07 23:51 . 2011-11-07 23:51 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FA353D0C-88E7-4161-9D80-11A97899949C}\gapaengine.dll
2011-11-06 23:15 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 04:48 . 2011-01-16 01:13 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-08 15:49 . 2011-05-26 00:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 13:30 . 2011-10-13 17:14 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 02:35 . 2011-10-14 00:33 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 02:28 . 2011-10-14 00:33 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 02:22 . 2011-10-14 00:33 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 01:00 . 2010-12-14 03:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-25 16:15 . 2011-10-13 17:13 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-08-25 16:14 . 2011-10-13 17:13 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-25 16:14 . 2011-10-13 17:13 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-08-25 13:31 . 2011-10-13 17:13 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-12-14 03:48 . 2010-12-14 03:48 7622112 ----a-w- c:\program files\mbam-setup-1.50.0.0.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-27 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9be4cb12-499d-4886-a444-78dce8571dde}]
2009-02-25 18:50 1283368 ----a-w- c:\program files\AOL News Toolbar\aolnewstb.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-07-27 02:23 1493160 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{142b34db-65ac-47e8-8a7f-026e3ec79fca}"= "c:\program files\AOL News Toolbar\aolnewstb.dll" [2009-02-25 1283368]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-27 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{142b34db-65ac-47e8-8a7f-026e3ec79fca}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{770db96d-5ed4-43b0-aa6f-3ecc3def19d2}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{142B34DB-65AC-47E8-8A7F-026E3EC79FCA}"= "c:\program files\AOL News Toolbar\aolnewstb.dll" [2009-02-25 1283368]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-27 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{142b34db-65ac-47e8-8a7f-026e3ec79fca}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{770db96d-5ed4-43b0-aa6f-3ecc3def19d2}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-03 3882312]
"SearchEngineProtection"="c:\program files\Gamesbar\SearchEngineProtection.exe" [2010-12-29 591248]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]
"EADM"="c:\program files\Origin\Origin.exe" [2011-09-23 27763336]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-05-08 1516840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-10 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-10 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-05-10 150552]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-04-09 1762032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-05-11 483428]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-12-11 722256]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-12-14 352976]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-06 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-07-27 397992]
.
c:\users\Imy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-5-28 1320288]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-5-28 1320288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-08-05 22:32 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-05-11 81920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLBE77CA7B
*NewlyCreated* - PCDSRVC{E9D79540-57D5953E-06020101}_0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
yksvcs REG_MULTI_SZ yksvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-19 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
2011-10-20 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
2011-11-14 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = ;*.local
IE: &AOL Email Toolbar Search - c:\programdata\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 192.168.2.1
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_9_3/controls/YBUICtrl.cab
FF - ProfilePath - c:\users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://start.pogo.iplay.com/?o=shp
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=X-SD&o=13959&locale=en_US&apn_uid=69cc0e4d-5d7c-4e52-ab65-5dcf0881e275&apn_ptnrs=SV&apn_sauid=C9730B2A-C549-493D-8017-8703D0504A2A&apn_dtid=YYYYYYB9US&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Oberon GamesBar: gamesbar@oberon-media.com - %profile%\extensions\gamesbar@oberon-media.com
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Support.com Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKLM-Run-dellsupportcenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
HKLM-Run-NapsterShell - c:\program files\Napster\napster.exe
AddRemove-EA Download Manager - c:\program files\Electronic Arts\EADM\EADMUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-13 18:21
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,74,42,35,a7,2c,89,e6,49,a4,3c,7a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,74,42,35,a7,2c,89,e6,49,a4,3c,7a,\
.
Completion time: 2011-11-13 18:30:53
ComboFix-quarantined-files.txt 2011-11-14 02:30
.
Pre-Run: 343,714,476,032 bytes free
Post-Run: 344,087,343,104 bytes free
.
- - End Of File - - C71F5FA738C23D883FCAA4EB134BD9F1

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

My laptop froze two hours and thirty nine minutes into the scan so the scan never finished. This is a problem I keep having with any anti virus program I use, it freezes towards the end of the scan.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Okay, let's get rid of some more stuff with ComboFix.


  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    Code:


    Folder::
    c:\program files\Ask.com

    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
    [-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

    DDS::
    uStart Page = about:blank
    mStart Page = about:blank

    Firefox::
    FF - ProfilePath - c:\users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\
    FF - prefs.js: browser.search.selectedEngine - Ask.com
    FF - prefs.js: browser.startup.homepage - hxxp://start.pogo.iplay.com/?o=shp
    FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=X-SD&o=13959&locale=en_US&apn_uid=69cc0e4d-5d7c-4e52-ab65-5dcf0881e275&apn_ptnrs=SV&apn_sauid=C9730B2A-C549-493D-8017-8703D0504A2A&apn_dtid=YYYYYYB9US&q=
    FF - Ext: Support.com Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com


  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    [Image: Cfscript]

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


Re: Laptop freezing and anti virus programs freezing at the end of scans.

I ran what I was told to and the Combo thing did show up as something infected but I didn't catch what it was since I had to leave the room at the moment, when I had come back my computer had restarted itself and there is no log. I keep typing in C:\Combofix.txt in the search but it can't find any and I can't find it either. I ran the Mal-ware Bytes again to see what it would do and it froze again. It freezes on this:

C:\\Windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6002.18005_none_30e75e2643dc18b4\System.Windows.Forms.dll

It'll show that under "Currently Scanning" and it freezes. Should I try the steps over again with the CFScript and just make sure I do when I can be by the whole time to catch whatever it does?

Re: Laptop freezing and anti virus programs freezing at the end of scans.

bump

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Hello.
Sorry for the delay, been busy.

How is the machine running now?


Re: Laptop freezing and anti virus programs freezing at the end of scans.

It hasn't changed, still freezing on the anti virus programs and going slow and freezing.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Bump

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Sorry for the delay, busy week. Let's see if we can help the slowness.

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


Re: Laptop freezing and anti virus programs freezing at the end of scans.

All I get at the end when it should show me the notepad log is a window popping up saying "Cannot Find the C:\Program Files\TrendMicro\HijackThis\hijackthis.log file". Then it asks me if I want to create a new file, one time I pressed yes and nothing happened, second time I pressed no and nothing happened.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Hello.
Okay, right click Hijack This, run it as administrator and it should run correctly then.


Re: Laptop freezing and anti virus programs freezing at the end of scans.

It doesn't give me that option when I right click it.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Okay, Download Startup Lite from here: http://www.malwarebytes.org/products/startuplite

Open the program and press continue, follow any prompts and reboot normally (if it doesn't do it itself)

How is the machine now, any better? Startup should be faster.


Re: Laptop freezing and anti virus programs freezing at the end of scans.

No, anti virus still freezes and the comp still runs slow and freezes. When I tried that I got "Error on value:SunJavaUpateSched. There was an error creating a MsConfig Key" and got the error on these as well: Quick Time Task, IgfxTray, Persistence, HotkeysCmds and MsnMsgr.

I have now done a system restore which brought back my icons but the same problem I'm running into with the anti virus program freezing when it scans:
"C:\\Windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6002.18005_none_30e75e2643dc18b4\System.Windows.Forms.dll"

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


Re: Laptop freezing and anti virus programs freezing at the end of scans.

I have Malwarebytes and it freezes as well. On the same thing the other one does.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Okay, try ComboFix again, see if that freezes too.


commy log.txt

ComboFix 11-12-21.02 - Imy 12/21/2011 18:27:48.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3032.1647 [GMT -8:00]
Running from: c:\users\Imy\Desktop\commy.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\system
.
.
((((((((((((((((((((((((( Files Created from 2011-11-22 to 2011-12-22 )))))))))))))))))))))))))))))))
.
.
2011-12-22 02:07 . 2011-12-22 02:08 -------- d-----w- C:\c792c2aa3abf30a253a91c7a9c64c104
2011-12-22 01:59 . 2011-07-13 03:39 6881616 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{83B275A7-CBFD-4EF7-8EB6-AAC2CCE390F2}\mpengine.dll
2011-12-12 23:13 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-12-12 22:27 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5040379D-E944-4883-8EEA-6F4835D61396}\mpengine.dll
2011-12-12 21:49 . 2011-07-13 03:39 6881616 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{050E6237-3C11-4C43-88CC-D8C25BB7DF07}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-14 03:48 . 2010-12-14 03:48 7622112 ----a-w- c:\program files\mbam-setup-1.50.0.0.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9be4cb12-499d-4886-a444-78dce8571dde}]
2009-02-25 18:50 1283368 ----a-w- c:\program files\AOL News Toolbar\aolnewstb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{142b34db-65ac-47e8-8a7f-026e3ec79fca}"= "c:\program files\AOL News Toolbar\aolnewstb.dll" [2009-02-25 1283368]
.
[HKEY_CLASSES_ROOT\clsid\{142b34db-65ac-47e8-8a7f-026e3ec79fca}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{770db96d-5ed4-43b0-aa6f-3ecc3def19d2}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{142B34DB-65AC-47E8-8A7F-026E3EC79FCA}"= "c:\program files\AOL News Toolbar\aolnewstb.dll" [2009-02-25 1283368]
.
[HKEY_CLASSES_ROOT\clsid\{142b34db-65ac-47e8-8a7f-026e3ec79fca}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{770db96d-5ed4-43b0-aa6f-3ecc3def19d2}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [BU]
"SearchEngineProtection"="c:\program files\Gamesbar\SearchEngineProtection.exe" [2010-12-29 591248]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]
"EADM"="c:\program files\Origin\Origin.exe" [2011-09-23 27763336]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-05-08 1516840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-10 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-10 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-05-10 150552]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-04-09 1762032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [BU]
"NapsterShell"="c:\program files\Napster\napster.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-05-11 483428]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-12-11 722256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-12-14 352976]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-06 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]
.
c:\users\Imy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-5-28 1320288]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-5-28 1320288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-08-05 22:32 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R1 MpKsl5a545050;MpKsl5a545050;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{02B18001-50B5-462E-810F-8E0DCC9959AE}\MpKsl5a545050.sys [x]
R1 MpKsl7ebc60e8;MpKsl7ebc60e8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0E474926-B9B2-4F4E-A86E-061393939953}\MpKsl7ebc60e8.sys [2011-10-06 28752]
R1 MpKsla3139faf;MpKsla3139faf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FED235C-55F2-4A16-8806-64070889F316}\MpKsla3139faf.sys [x]
R1 MpKsld4f9b60e;MpKsld4f9b60e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{19A08DF3-8303-4F13-AA8B-B5B0B1E87DEC}\MpKsld4f9b60e.sys [x]
R1 MpKslfbe5ef84;MpKslfbe5ef84;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{287DA206-4629-45B9-B921-9A5293213D61}\MpKslfbe5ef84.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-05-14 309744]
R2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-05-14 166384]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-25 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-25 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-05-14 1120752]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-10 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-23 22104]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-05-11 81920]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2008-01-21 21504]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 19984]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
yksvcs REG_MULTI_SZ yksvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-22 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
2011-12-22 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
2011-12-22 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = ;*.local
IE: &AOL Email Toolbar Search - c:\programdata\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 192.168.2.1
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_9_3/controls/YBUICtrl.cab
FF - ProfilePath - c:\users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://start.pogo.iplay.com/?o=shp
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Oberon GamesBar: gamesbar@oberon-media.com - %profile%\extensions\gamesbar@oberon-media.com
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-21 18:39
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,74,42,35,a7,2c,89,e6,49,a4,3c,7a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,74,42,35,a7,2c,89,e6,49,a4,3c,7a,\
.
Completion time: 2011-12-21 18:48:26
ComboFix-quarantined-files.txt 2011-12-22 02:48
ComboFix2.txt 2011-11-14 02:30
.
Pre-Run: 344,245,018,624 bytes free
Post-Run: 344,446,554,112 bytes free
.
- - End Of File - - 858D0E599656415237B5F7AC0445553C

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


Re: Laptop freezing and anti virus programs freezing at the end of scans.

It's freezing as well.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Download MBRCheck to your desktop.

  • Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
  • It will show a black screen with some data on it.
  • A report called MBRcheckxxxx.txt will be on your desktop.
  • Open this report and post its content in your next reply.


MBRCheck Log

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Basic Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1750
Logical Drives Mask: 0x00000034

Kernel Drivers (total 135):
0x84806000 \SystemRoot\system32\ntkrnlpa.exe
0x84BC0000 \SystemRoot\system32\hal.dll
0x80409000 \SystemRoot\system32\kdcom.dll
0x80410000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80480000 \SystemRoot\system32\PSHED.dll
0x80491000 \SystemRoot\system32\BOOTVID.dll
0x80499000 \SystemRoot\system32\CLFS.SYS
0x804DA000 \SystemRoot\system32\CI.dll

Processes (total 81):
0 System Idle Process
4 System
544 C:\Windows\System32\smss.exe
612 csrss.exe
656 C:\Windows\System32\wininit.exe
664 csrss.exe
704 C:\Windows\System32\winlogon.exe
744 C:\Windows\System32\services.exe
756 C:\Windows\System32\lsass.exe
768 C:\Windows\System32\lsm.exe
908 C:\Windows\System32\svchost.exe
968 C:\Windows\System32\svchost.exe
1176 C:\Windows\System32\svchost.exe
1252 C:\Windows\System32\svchost.exe
1264 C:\Windows\System32\svchost.exe
1324 C:\Windows\System32\audiodg.exe
1352 C:\Windows\System32\svchost.exe
1372 C:\Windows\System32\SLsvc.exe
1504 C:\Windows\servicing\TrustedInstaller.exe
1516 C:\Windows\System32\svchost.exe
1560 C:\Program Files\Dell\DellDock\DockLogin.exe
1652 C:\Windows\System32\svchost.exe
1672 C:\Windows\System32\svchost.exe
1852 C:\Windows\System32\spoolsv.exe
1876 C:\Windows\System32\svchost.exe
224 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
384 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
668

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Hello.
Looks okay, how is the machine running now?

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

It's still acting the same, freezing up on anti virus scans.

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Can you re-run MBRCheck? The bottom bit of the log was cut off.

If needed, zip it and attach it.


Re: Laptop freezing and anti virus programs freezing at the end of scans.

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Basic Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1750
Logical Drives Mask: 0x00000034

Kernel Drivers (total 135):

Processes (total 76):
0 System Idle Process
4 System
544 C:\Windows\System32\smss.exe
612 csrss.exe
656 C:\Windows\System32\wininit.exe
664 csrss.exe
700 C:\Windows\System32\services.exe
712 C:\Windows\System32\lsass.exe
724 C:\Windows\System32\lsm.exe
804 C:\Windows\System32\winlogon.exe
912 C:\Windows\System32\svchost.exe
972 C:\Windows\System32\svchost.exe
1076 C:\Windows\System32\svchost.exe
1140 C:\Windows\System32\svchost.exe
1220 C:\Windows\System32\svchost.exe
1244 C:\Windows\System32\svchost.exe
1320 C:\Windows\System32\audiodg.exe
1348 C:\Windows\System32\svchost.exe
1368 C:\Windows\System32\SLsvc.exe
1412 C:\Windows\System32\svchost.exe
1504 C:\Program Files\Dell\DellDock\DockLogin.exe
1692 C:\Windows\System32\svchost.exe
1716 C:\Windows\System32\svchost.exe
1936 C:\Windows\System32\spoolsv.exe
1960 C:\Windows\System32\svchost.exe
552 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
580 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1536 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
768 C:\Windows\System32\taskeng.exe
696 C:\Program Files\Bonjour\mDNSResponder.exe
2020 C:\Windows\System32\dlcccoms.exe
1304 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2148 C:\Windows\System32\svchost.exe
2396 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2440 C:\Windows\System32\svchost.exe
2664 C:\Windows\System32\svchost.exe
2696 C:\Windows\System32\SearchIndexer.exe
2792 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
3052 C:\Program Files\Dell\DellDock\DellDock.exe
3248 C:\Windows\System32\taskeng.exe
3352 C:\Windows\System32\dwm.exe
3376 C:\Windows\explorer.exe
3488 C:\Windows\System32\igfxsrvc.exe
3640 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3664 C:\Windows\System32\igfxtray.exe
3672 C:\Windows\System32\hkcmd.exe
3696 C:\Windows\System32\igfxpers.exe
3712 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
3732 C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
3780 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
3808 C:\Program Files\IDT\WDM\sttray.exe
3832 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
3840 C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
3848 WmiPrvSE.exe
3860 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
3868 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
3876 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
3928 C:\Program Files\iTunes\iTunesHelper.exe
3936 C:\Program Files\Windows Sidebar\sidebar.exe
3948 C:\Program Files\GamesBar\SearchEngineProtection.exe
2680 C:\Program Files\Windows Media Player\wmpnscfg.exe
3340 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
3364 C:\Windows\System32\taskeng.exe
4312 C:\Program Files\Windows Media Player\wmpnetwk.exe
4320 WmiPrvSE.exe
2836 C:\Program Files\iPod\bin\iPodService.exe
4216 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5136 C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
1876 C:\Windows\System32\svchost.exe
3504 C:\Windows\System32\SearchProtocolHost.exe
5744 C:\Windows\System32\SearchFilterHost.exe
5876 C:\Windows\System32\SearchProtocolHost.exe
5652 C:\Windows\System32\wbem\WMIADAP.exe
3800
2488
4656 C:\Users\Imy\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`ac000000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`02800000 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK5055GSX, Rev: FG000D

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Dell Inspiron MBR code detected
SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B


Done!

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Bump
