Laptop freezing and anti virus programs freezing at the end of scans.

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Fri 11 Nov 2011, 2:16 pm

Here is the OTL Log, my laptop keeps freezing and my dekstop is losing icons. Also my anti-virus programs, Kaspersky and Microsoft won't finish scanning, they freeze up at the end. I have run Mal warebytes and it hasn't caught anything but my Microsoft Security did detect two threats yesterday and removed it but the laptop is still acting screwy, even worse today, I'll post that down after the OTL and Extra Logs. Here is OTL

OTL logfile created on: 11/10/2011 6:30:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Imy\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 52.02% Memory free
6.14 Gb Paging File | 4.62 Gb Available in Paging File | 75.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 451.07 Gb Total Space | 320.64 Gb Free Space | 71.08% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 13.73 Gb Free Space | 93.70% Space Free | Partition Type: NTFS
Drive F: | 5.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: IMY-PC | User Name: Imy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/10 17:44:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Imy\Downloads\OTL.com
PRC - [2011/09/08 07:49:35 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/12/29 02:44:10 | 000,591,248 | ---- | M] (Oberon Media ) -- C:\Program Files\GamesBar\SearchEngineProtection.exe
PRC - [2010/12/14 09:02:39 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010/07/01 21:34:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe
PRC - [2009/05/28 13:28:18 | 001,320,288 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2009/05/11 11:21:52 | 000,483,428 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/05/11 11:21:10 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
PRC - [2009/04/23 14:14:38 | 002,915,408 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2009/04/10 22:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/09 13:29:00 | 001,762,032 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/02/04 18:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/12/18 11:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/12/11 08:31:00 | 000,722,256 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/07 14:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 14:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/03/17 08:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/02/14 15:23:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcccoms.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/14 04:39:04 | 015,882,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\b438fae7231dfbdb7e8b126b0e05cf0d\MenuSkinning.ni.dll
MOD - [2011/10/14 04:38:50 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\4bcdb78436b238b92d3bfc16d2da53e0\VistaBridgeLibrary.ni.dll
MOD - [2011/10/14 04:38:48 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011/10/14 04:38:47 | 002,574,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\3066752682e1f12d66985ab33b768391\DellDock.ni.exe
MOD - [2011/10/14 04:38:45 | 000,286,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\ec83141261c770f0d8adea4c1674fd9a\MyDock.Util.ni.dll
MOD - [2011/10/14 04:38:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/14 04:38:26 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b88a2bf58d8529fc33f8f3437a7ff06\System.Web.Services.ni.dll
MOD - [2011/10/14 04:38:23 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2011/10/14 04:15:54 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/14 04:15:38 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/14 04:15:30 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/14 04:14:22 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/14 04:13:11 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/08/22 00:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/04/09 13:29:00 | 001,762,032 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/04/09 13:29:00 | 000,263,920 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll
MOD - [2009/04/09 13:29:00 | 000,132,336 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/04/09 13:29:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll
MOD - [2009/04/09 13:29:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009/04/09 13:29:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/12/14 09:02:39 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/08/05 14:32:54 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/05/12 05:20:06 | 000,282,624 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\ykx32mpcoinst.dll -- (yksvc)
SRV - [2009/05/11 11:21:10 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe -- (AESTFilters)
SRV - [2008/12/18 11:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/05/14 07:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/05/14 07:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/05/14 07:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/05/07 14:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/20 18:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/14 15:23:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcccoms.exe -- (dlcc_device)


========== Driver Services (SafeList) ==========

DRV - [2011/11/10 18:24:25 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A3CFDC5-AAB4-46CD-8609-E481970782B2}\MpKsl7ede0420.sys -- (MpKsl7ede0420)
DRV - [2011/11/10 17:29:49 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A3CFDC5-AAB4-46CD-8609-E481970782B2}\MpKsl4db67f08.sys -- (MpKsl4db67f08)
DRV - [2011/11/10 15:34:51 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A3CFDC5-AAB4-46CD-8609-E481970782B2}\MpKsl137571b0.sys -- (MpKsl137571b0)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/12/14 09:02:39 | 000,488,024 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/05/11 11:21:58 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/02/22 04:56:52 | 000,921,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/01/20 18:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/01 23:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {98572e47-b5fe-43de-9aea-492a1d3064cd} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
IE - HKCU\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://start.pogo.iplay.com/?o=shp"
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.12
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:11.0.1.400
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:11.0.1.400
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.1.0.81
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Imy\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/29 19:36:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/10 18:08:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010/12/14 08:18:51 | 000,000,000 | ---D | M]

[2010/12/14 12:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Imy\AppData\Roaming\Mozilla\Extensions
[2011/11/03 15:51:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions
[2010/12/29 12:59:42 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/12/29 12:59:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/08 07:50:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/29 12:59:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/28 20:34:49 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\Users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\extensions\gamesbar@oberon-media.com
[2011/11/10 18:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/10 18:08:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/01/31 12:08:22 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010/12/16 03:27:53 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2011/11/10 18:08:00 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/28 20:34:50 | 000,001,600 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober313153240.xml

========== Chrome ==========

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Verizon Servicepoint (Enabled) = C:\Program Files\Verizon\VSP\nprpspa.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AOL News Toolbar Loader) - {9be4cb12-499d-4886-a444-78dce8571dde} - C:\Program Files\AOL News Toolbar\aolnewstb.dll (AOL LLC.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.81\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (AOL Email Toolbar Loader) - {fbea8524-8c72-4208-9d12-7fb73e9926eb} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AOL News Toolbar) - {142b34db-65ac-47e8-8a7f-026e3ec79fca} - C:\Program Files\AOL News Toolbar\aolnewstb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\2.0.1.81\oberontb.dll (Oberon Media Ltd.)
O3 - HKLM\..\Toolbar: (AOL Email Toolbar) - {a3704fa3-dbf6-46b5-b95e-0677dfd39577} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL News Toolbar) - {142B34DB-65AC-47E8-8A7F-026E3EC79FCA} - C:\Program Files\AOL News Toolbar\aolnewstb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Email Toolbar) - {A3704FA3-DBF6-46B5-B95E-0677DFD39577} - C:\Program Files\AOL Email Toolbar\aolmailtb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray File not found
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\GamesBar\SearchEngineProtection.exe (Oberon Media )
O4 - Startup: C:\Users\Imy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O8 - Extra context menu item: &AOL Email Toolbar Search - C:\ProgramData\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm ()
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} [You must be registered and logged in to see this link.] (Verizon Wireless Media Upload)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} [You must be registered and logged in to see this link.] (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} [You must be registered and logged in to see this link.] (CamImage Class)
O16 - DPF: {A021A215-6CDC-44B4-8C16-90491CED9605} [You must be registered and logged in to see this link.] (Clue Control)
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} [You must be registered and logged in to see this link.] (CPlayFirstddfotgControl Object)
O16 - DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} [You must be registered and logged in to see this link.] (YBUICtrl.FloatWnd.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553552000} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} [You must be registered and logged in to see this link.] (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C6AAD93-31EE-48A0-BB5E-7EE43C2EB1C1}: DhcpNameServer = 192.168.1.1 192.168.1.1 192.168.2.1
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) -C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Imy\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Imy\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/09/15 23:07:13 | 000,054,544 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011/09/15 20:58:13 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{2c780010-81e1-11de-9381-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2c780010-81e1-11de-9381-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2011/09/15 23:07:13 | 000,054,544 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{3b1893b2-86be-11de-82fa-0025644a01db}\Shell\AutoRun\command - "" = D:\LinksysConnectPC.exe
O33 - MountPoints2\{3b1893b7-86be-11de-82fa-0025644a01db}\Shell - "" = AutoRun
O33 - MountPoints2\{3b1893b7-86be-11de-82fa-0025644a01db}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 10:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2011/01/28 16:55:34 | 020,367,424 | ---- | M] (The GIMP Team ) -- C:\Users\Imy\gimp-2.6.11-i686-setup-1.exe
[2011/01/31 12:36:41 | 115,652,856 | ---- | M] (Kaspersky Lab) -- C:\Users\Imy\kis11.0.2.556EN-US.exe
[2011/01/14 07:55:43 | 007,866,472 | ---- | M] (Microsoft Corporation) -- C:\Users\Imy\mseinstall.exe
[2010/12/27 15:14:59 | 001,228,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Imy\Photoshop_12_LS1.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/09/29 19:35:52 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/09/29 19:35:56 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/09/29 19:36:01 | 000,246,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/12/27 15:27:35 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/12/27 15:24:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
[2009/12/08 14:45:32 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Email Toolbar
[2009/10/23 14:39:10 | 000,000,000 | ---D | M] -- C:\Program Files\AOL News Toolbar
[2011/06/22 09:16:45 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Toolbar
[2011/06/25 08:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/02/21 20:35:35 | 000,000,000 | ---D | M] -- C:\Program Files\Barnes & Noble
[2011/09/18 15:40:28 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/12/02 16:10:35 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2009/12/02 15:47:19 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2009/08/05 14:32:54 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2011/11/10 18:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/08/05 14:41:11 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2009/12/16 14:28:58 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2009/08/05 14:35:49 | 000,000,000 | ---D | M] -- C:\Program Files\Dell DataSafe Online
[2009/08/05 14:20:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Inc
[2011/10/18 14:22:38 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2009/09/14 09:38:27 | 000,000,000 | ---D | M] -- C:\Program Files\dl_Cats
[2011/10/18 09:05:17 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2011/03/28 20:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\GamesBar
[2011/01/28 17:10:43 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2010/12/14 06:23:39 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/08/05 09:02:21 | 000,000,000 | ---D | M] -- C:\Program Files\IDT
[2011/10/18 09:05:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/08/05 14:21:19 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/10/14 04:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/09/18 15:45:06 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/09/18 15:45:49 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/08/05 14:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/12/14 08:18:33 | 000,000,000 | ---D | M] -- C:\Program Files\Kaspersky Lab
[2011/11/10 09:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/04 12:24:44 | 000,000,000 | ---D | M] -- C:\Program Files\MFInstall
[2009/08/05 14:38:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/11/10 16:14:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/11/06 15:17:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2011/10/14 04:09:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/08/05 14:39:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/08/05 14:40:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/06/16 19:44:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/08/16 06:23:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft WSE
[2010/06/25 20:00:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/12 04:58:58 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/10/20 13:13:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/08/11 13:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/11/09 12:33:08 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2011/09/25 12:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\Origin
[2011/06/03 12:32:56 | 000,000,000 | ---D | M] -- C:\Program Files\Origin Games
[2011/03/08 13:37:03 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2011/09/18 15:22:11 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/06/15 15:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2009/08/05 14:32:41 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/01/04 09:42:57 | 000,000,000 | ---D | M] -- C:\Program Files\Snap 'n Share
[2009/08/05 16:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2011/07/15 16:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\twinspires
[2006/11/02 04:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/10/07 11:15:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/10/07 11:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/10/07 11:15:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/08/05 14:40:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/08/05 14:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2011/11/10 05:08:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/14 05:49:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/10/07 11:15:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/18 06:57:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/10/07 11:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/09/08 07:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 01:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009/04/10 22:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 22:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 18:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 18:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 01:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/04/11 11:01:42 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

< MD5 for: DISK.SYS >
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/20 18:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/20 18:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 01:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTOR.SYS >
[2008/05/07 14:40:38 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Drivers\storage\R197861\IaStor.sys
[2008/05/07 14:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\drivers\iaStor.sys
[2008/05/07 14:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_8e717be2\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 18:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 01:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-10 17:18:39

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Files - Unicode (All) ==========
[2009/08/11 14:59:05 | 000,000,036 | ---- | M] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/08/11 14:59:05 | 000,000,036 | ---- | C] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:539420FF
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2B99FE60

< End of report >

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Fri 11 Nov 2011, 2:17 pm

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - AOL Toolbar
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{91196504-58DD-4876-8C4F-D871B685D5AC} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.JDCT - jl_jdct.drv File not found
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/11/10 18:10:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/11/10 18:10:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/11/10 18:08:51 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/11/10 18:08:51 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/11/10 18:08:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/11/10 18:08:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/10/18 14:22:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/10/13 16:33:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/13 16:33:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/13 16:33:31 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/10/13 16:33:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/13 16:33:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/13 09:14:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/13 09:14:03 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/13 09:14:03 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/13 09:14:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/13 09:14:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/13 09:13:31 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/13 09:13:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/12/13 19:48:55 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.50.0.0.exe
[2010/03/19 10:53:59 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\Imy\AppData\Roaming\DataSafeDotNet.exe
[2007/02/14 15:23:20 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlccih.exe
[2007/02/14 15:23:18 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlcccoms.exe
[2007/02/14 15:23:18 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlcccfg.exe
[2006/12/20 16:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlccpmui.dll
[2006/12/20 16:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlccserv.dll
[2006/12/20 16:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcccomm.dll
[2006/12/20 15:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcclmpm.dll
[2006/12/20 15:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcciesc.dll
[2006/12/20 15:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlccpplc.dll
[2006/12/20 15:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcccomc.dll
[2006/12/20 15:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlccprox.dll
[2006/12/20 15:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlccinpa.dll
[2006/12/20 15:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlccusb1.dll
[2006/12/20 15:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcchbn3.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/10 18:32:04 | 000,606,602 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/10 18:32:04 | 000,105,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 18:24:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/10 18:24:07 | 3179,663,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/10 18:07:58 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/11/10 18:07:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/11/10 18:07:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/11/10 18:07:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/11/10 15:30:03 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/11/10 09:21:01 | 000,000,932 | ---- | M] () -- C:\Users\Imy\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/11/07 08:43:40 | 000,870,128 | ---- | M] () -- C:\Users\Imy\AppData\Roaming\mcs.rma
[2011/11/07 08:43:40 | 000,000,004 | ---- | M] () -- C:\Users\Imy\AppData\Roaming\2E2788
[2011/11/06 15:17:06 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/11/03 12:17:23 | 000,247,179 | ---- | M] () -- C:\Users\Imy\Documents\Asunder.jpg
[2011/11/03 12:16:24 | 000,272,545 | ---- | M] () -- C:\Users\Imy\Documents\cbyear.jpg
[2011/10/28 17:42:46 | 000,006,656 | ---- | M] () -- C:\Users\Imy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/23 07:24:59 | 000,006,080 | ---- | M] () -- C:\Users\Imy\AppData\Local\d3d9caps.dat
[2011/10/20 06:34:17 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/10/19 10:05:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2011/10/14 04:12:33 | 003,663,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/10 17:29:35 | 3179,663,360 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/06 15:15:44 | 000,001,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/11/03 12:17:20 | 000,247,179 | ---- | C] () -- C:\Users\Imy\Documents\Asunder.jpg
[2011/11/03 12:16:20 | 000,272,545 | ---- | C] () -- C:\Users\Imy\Documents\cbyear.jpg
[2011/10/19 08:35:11 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2011/10/18 14:22:56 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/10/18 14:22:53 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/08/17 18:27:21 | 000,006,656 | ---- | C] () -- C:\Users\Imy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/14 08:19:34 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/12/14 08:19:34 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/10/06 07:01:16 | 000,870,128 | ---- | C] () -- C:\Users\Imy\AppData\Roaming\mcs.rma
[2010/10/06 07:01:16 | 000,000,004 | ---- | C] () -- C:\Users\Imy\AppData\Roaming\2E2788
[2010/01/04 09:42:53 | 000,118,784 | ---- | C] () -- C:\Windows\System32\PTTreeIcons.dll
[2009/11/05 05:16:21 | 000,006,080 | ---- | C] () -- C:\Users\Imy\AppData\Local\d3d9caps.dat
[2009/09/16 13:25:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 13:25:01 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/08/11 15:01:44 | 170,184,480 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/08/05 16:57:13 | 000,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009/08/05 16:57:13 | 000,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/08/05 16:57:13 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/08/05 16:57:13 | 000,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/04/11 11:18:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/04/11 09:26:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/02/07 11:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcccoin.dll
[2007/01/26 06:11:42 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlccinsr.dll
[2007/01/26 06:11:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcccur.dll
[2007/01/26 06:09:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlccjswr.dll
[2007/01/26 05:59:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlccinsb.dll
[2007/01/26 05:58:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcccub.dll
[2007/01/26 05:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcccu.dll
[2007/01/26 05:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlccins.dll
[2007/01/26 05:53:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlccutil.dll
[2007/01/22 01:24:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcccfg.dll
[2006/11/02 04:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 04:44:53 | 003,663,632 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 02:33:01 | 000,606,602 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 02:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 02:33:01 | 000,105,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 02:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 02:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 00:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Fri 11 Nov 2011, 2:19 pm

[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 10:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2011/01/28 16:55:34 | 020,367,424 | ---- | M] (The GIMP Team ) -- C:\Users\Imy\gimp-2.6.11-i686-setup-1.exe
[2011/01/31 12:36:41 | 115,652,856 | ---- | M] (Kaspersky Lab) -- C:\Users\Imy\kis11.0.2.556EN-US.exe
[2011/01/14 07:55:43 | 007,866,472 | ---- | M] (Microsoft Corporation) -- C:\Users\Imy\mseinstall.exe
[2010/12/27 15:14:59 | 001,228,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Imy\Photoshop_12_LS1.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/09/29 19:35:52 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/09/29 19:35:56 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/09/29 19:36:01 | 000,246,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 18:24:19 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/12/27 15:27:35 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/12/27 15:24:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
[2009/12/08 14:45:32 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Email Toolbar
[2009/10/23 14:39:10 | 000,000,000 | ---D | M] -- C:\Program Files\AOL News Toolbar
[2011/06/22 09:16:45 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Toolbar
[2011/06/25 08:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/02/21 20:35:35 | 000,000,000 | ---D | M] -- C:\Program Files\Barnes & Noble
[2011/09/18 15:40:28 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/12/02 16:10:35 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2009/12/02 15:47:19 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2009/08/05 14:32:54 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2011/11/10 18:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/08/05 14:41:11 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2009/12/16 14:28:58 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2009/08/05 14:35:49 | 000,000,000 | ---D | M] -- C:\Program Files\Dell DataSafe Online
[2009/08/05 14:20:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Inc
[2011/10/18 14:22:38 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2009/09/14 09:38:27 | 000,000,000 | ---D | M] -- C:\Program Files\dl_Cats
[2011/10/18 09:05:17 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2011/03/28 20:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\GamesBar
[2011/01/28 17:10:43 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2010/12/14 06:23:39 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/08/05 09:02:21 | 000,000,000 | ---D | M] -- C:\Program Files\IDT
[2011/10/18 09:05:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/08/05 14:21:19 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/10/14 04:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/09/18 15:45:06 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/09/18 15:45:49 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/08/05 14:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/12/14 08:18:33 | 000,000,000 | ---D | M] -- C:\Program Files\Kaspersky Lab
[2011/11/10 09:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/04 12:24:44 | 000,000,000 | ---D | M] -- C:\Program Files\MFInstall
[2009/08/05 14:38:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/11/10 16:14:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/11/06 15:17:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2011/10/14 04:09:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/08/05 14:39:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/08/05 14:40:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/06/16 19:44:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/08/16 06:23:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft WSE
[2010/06/25 20:00:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/12 04:58:58 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/10/20 13:13:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/08/11 13:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/11/09 12:33:08 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2011/09/25 12:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\Origin
[2011/06/03 12:32:56 | 000,000,000 | ---D | M] -- C:\Program Files\Origin Games
[2011/03/08 13:37:03 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2011/09/18 15:22:11 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/06/15 15:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2009/08/05 14:32:41 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/01/04 09:42:57 | 000,000,000 | ---D | M] -- C:\Program Files\Snap 'n Share
[2009/08/05 16:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2011/07/15 16:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\twinspires
[2006/11/02 04:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/10/07 11:15:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/10/07 11:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/10/07 11:15:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/08/05 14:40:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/08/05 14:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2011/11/10 05:08:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/14 05:49:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 04:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/10/07 11:15:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/18 06:57:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/10/07 11:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/09/08 07:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 18:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 01:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2009/04/11 11:01:43 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009/04/10 22:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 22:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 18:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 18:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 01:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/04/11 11:01:42 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

< MD5 for: DISK.SYS >
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/10 22:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/20 18:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/20 18:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 01:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTOR.SYS >
[2008/05/07 14:40:38 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Drivers\storage\R197861\IaStor.sys
[2008/05/07 14:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\drivers\iaStor.sys
[2008/05/07 14:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys
[2009/03/31 10:12:36 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_8e717be2\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 18:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 01:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 18:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-10 17:18:39

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/29 19:36:01 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/29 19:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/10 16:02:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/10 16:02:51 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Files - Unicode (All) ==========
[2009/08/11 14:59:05 | 000,000,036 | ---- | M] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/08/11 14:59:05 | 000,000,036 | ---- | C] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:539420FF
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2B99FE60

< End of report >

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Extras.Txt

Post by Komodia on Fri 11 Nov 2011, 2:21 pm

Here is Extras.txt

OTL Extras logfile created on: 11/10/2011 6:30:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Imy\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 52.02% Memory free
6.14 Gb Paging File | 4.62 Gb Available in Paging File | 75.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 451.07 Gb Total Space | 320.64 Gb Free Space | 71.08% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 13.73 Gb Free Space | 93.70% Space Free | Partition Type: NTFS
Drive F: | 5.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: IMY-PC | User Name: Imy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A320108-8C8A-4E77-9AC2-6B954C17D2FC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{82BEA591-8587-4459-8B75-54D4BF228CC3}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{117E8AF3-D35C-4892-92B2-60AF6472D205}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1306A225-4A23-4382-B063-FCFACC198AE7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{19FC5045-F07C-429C-AB2F-218298CC8E7E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{34FCCF66-22A9-441B-A6CB-1E67095CA517}" = protocol=6 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"{431C8BAC-E63A-485D-B04A-97285B77694B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4C62B390-BEB1-4449-BDB3-284D0C70AFE7}" = protocol=6 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{88CA9A68-C5AF-45C1-BE22-9FD12E88E0CE}" = protocol=6 | dir=in | app=c:\program files\barnes & noble\nookstudy\nookstudy.exe |
"{8A623F99-9E70-41B6-9DFB-1E49C6224669}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{916E8009-91EA-4F4C-B218-1A1283DC699C}" = protocol=17 | dir=in | app=c:\program files\barnes & noble\nookstudy\nookstudy.exe |
"{91765E09-EB5B-443F-8F92-1C24946A22E6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9AE77666-F032-4903-8F43-C0D792A544FC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9CC9CC45-E3BF-41F7-B852-1C482741BF78}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{AC77CE78-1A43-4E88-A63E-E5AF1A143EF6}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C6F4EB76-366E-488D-959A-EBE1C11530A9}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{DA1ABDF1-2E90-4CF1-8BBF-CD26634EB250}" = protocol=17 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"{DF46C72C-7324-4B1F-AC06-F21EBA0FF19B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EC814EA0-F175-451A-9AD1-0FE8925C5D98}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{F575B3B8-33B7-4126-8E25-9E150CDDB5A3}" = protocol=17 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{F5C6B6CB-36BD-434F-B343-0F9428EA1540}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Fri 11 Nov 2011, 2:22 pm

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{258749E2-3A46-42B1-9A01-BF977AA06FAC}" = RPS CRT
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FB3647F-B6A6-46B4-8613-A09BCFAB80F0}" = Roxio Creator Premier 10
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}" = The Sims™ 3 Create a Pattern Tool
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{469EF13B-4AD0-48D7-AF89-6B92278293E2}" = Roxio Creator Premier
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F7AF444F-92A4-132D-AA3E-4D6AE3532C1E}" = Twinspires Pro
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Email Toolbar" = AOL Email Toolbar
"AOL News Toolbar" = AOL News Toolbar

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Fri 11 Nov 2011, 2:22 pm

"AOL Toolbar" = AOL Toolbar
"Canon MX320 series User Registration" = Canon MX320 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.twinspires.tspro.air" = Twinspires Pro
"Dell Support Center" = Dell Support Center
"EA Download Manager" = EA Download Manager
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"GamesBar" = GamesBar 2.0.1.81
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"NOOKstudy" = NOOKstudy
"Origin" = Origin
"Rhapsody" = Rhapsody
"SnapNShare" = Snap 'n Share
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Dell Touchpad
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Toolbar" = AOL Toolbar
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Fri 11 Nov 2011, 2:26 pm

Microsoft Security Essentials isn't letting me copy and paste so I'm going try to type out what it says

Detected Item: Exploit:Java/CVE-2010-0842.AN
Detected Item: TrojanDownloader:Java/OpenConnection.OU

Both of these were detected yesterday on Nov. 9th and it says they had been removed but my laptop is acting all wacky.

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Belahzur on Mon 14 Nov 2011, 11:22 am

Hello.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Mon 14 Nov 2011, 1:34 pm

I never got an option to copy and paste that stuff but the scan went off and this is the log:



ComboFix 11-11-13.03 - Imy 11/13/2011 18:07:38.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3032.1110 [GMT -8:00]
Running from: c:\users\Imy\Desktop\commy.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\5907\Downloads\16837627-a839-41c5-a88f-3a0335128383.dll
c:\programdata\PCDr\5907\Downloads\76ca5355-2abf-4f06-bd1f-8e9052696db2.dll
c:\windows\system32\system
.
.
((((((((((((((((((((((((( Files Created from 2011-10-14 to 2011-11-14 )))))))))))))))))))))))))))))))
.
.
2011-11-14 02:20 . 2011-11-14 02:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-14 02:20 . 2011-11-14 02:21 -------- d-----w- c:\users\Imy\AppData\Local\temp
2011-11-14 01:30 . 2011-11-14 01:30 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\MpKslbe77ca7b.sys
2011-11-11 16:00 . 2011-11-11 16:00 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\MpKsl0194cf89.sys
2011-11-11 14:37 . 2011-11-11 14:37 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\MpKsl002b9e92.sys
2011-11-11 14:37 . 2011-11-14 01:30 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\offreg.dll
2011-11-11 14:29 . 2011-11-14 01:46 -------- d-----w- c:\programdata\AVAST Software
2011-11-11 14:29 . 2011-11-11 14:29 -------- d-----w- c:\program files\AVAST Software
2011-11-11 13:56 . 2011-11-11 23:54 489048 ------w- c:\windows\system32\drivers\4683457drv.sys
2011-11-11 13:33 . 2011-10-07 04:48 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E320043-F277-4143-AA9F-92D13DB5C94B}\mpengine.dll
2011-11-11 05:22 . 2011-11-11 05:23 -------- d-----w- c:\program files\Ask.com
2011-11-11 05:22 . 2011-11-14 01:35 -------- d-----w- c:\users\Imy\AppData\Roaming\Sammsoft
2011-11-11 02:10 . 2011-11-11 02:10 -------- d-----w- c:\program files\Common Files\Java
2011-11-11 02:08 . 2011-11-11 02:08 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-11-11 02:08 . 2011-11-11 02:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-09 15:13 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-09 15:13 . 2011-09-20 21:02 913280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 15:13 . 2011-09-20 13:44 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-11-09 15:13 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-07 23:51 . 2011-11-07 23:51 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FA353D0C-88E7-4161-9D80-11A97899949C}\gapaengine.dll
2011-11-06 23:15 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 04:48 . 2011-01-16 01:13 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-08 15:49 . 2011-05-26 00:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 13:30 . 2011-10-13 17:14 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 02:35 . 2011-10-14 00:33 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 02:28 . 2011-10-14 00:33 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 02:22 . 2011-10-14 00:33 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 01:00 . 2010-12-14 03:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-25 16:15 . 2011-10-13 17:13 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-08-25 16:14 . 2011-10-13 17:13 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-25 16:14 . 2011-10-13 17:13 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-08-25 13:31 . 2011-10-13 17:13 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-12-14 03:48 . 2010-12-14 03:48 7622112 ----a-w- c:\program files\mbam-setup-1.50.0.0.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-27 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9be4cb12-499d-4886-a444-78dce8571dde}]
2009-02-25 18:50 1283368 ----a-w- c:\program files\AOL News Toolbar\aolnewstb.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-07-27 02:23 1493160 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{142b34db-65ac-47e8-8a7f-026e3ec79fca}"= "c:\program files\AOL News Toolbar\aolnewstb.dll" [2009-02-25 1283368]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-27 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{142b34db-65ac-47e8-8a7f-026e3ec79fca}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{770db96d-5ed4-43b0-aa6f-3ecc3def19d2}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{142B34DB-65AC-47E8-8A7F-026E3EC79FCA}"= "c:\program files\AOL News Toolbar\aolnewstb.dll" [2009-02-25 1283368]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-27 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{142b34db-65ac-47e8-8a7f-026e3ec79fca}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{770db96d-5ed4-43b0-aa6f-3ecc3def19d2}]
[HKEY_CLASSES_ROOT\AOLNewsTb.AOLToolBand]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-03 3882312]
"SearchEngineProtection"="c:\program files\Gamesbar\SearchEngineProtection.exe" [2010-12-29 591248]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]
"EADM"="c:\program files\Origin\Origin.exe" [2011-09-23 27763336]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-05-08 1516840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-10 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-10 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-05-10 150552]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-04-09 1762032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-05-11 483428]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-12-11 722256]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-12-14 352976]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-06 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-07-27 397992]
.
c:\users\Imy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-5-28 1320288]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-5-28 1320288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-08-05 22:32 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-05-11 81920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLBE77CA7B
*NewlyCreated* - PCDSRVC{E9D79540-57D5953E-06020101}_0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
yksvcs REG_MULTI_SZ yksvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-19 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
2011-10-20 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
2011-11-14 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:31]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = ;*.local
IE: &AOL Email Toolbar Search - c:\programdata\AOL Email Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 192.168.2.1
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Kaspersky URL Advisor: [You must be registered and logged in to see this link.] - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Anti-Banner: [You must be registered and logged in to see this link.] - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Oberon GamesBar: [You must be registered and logged in to see this link.] - %profile%\extensions\gamesbar@oberon-media.com
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Support.com Toolbar: [You must be registered and logged in to see this link.] - %profile%\extensions\toolbar@ask.com
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKLM-Run-dellsupportcenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
HKLM-Run-NapsterShell - c:\program files\Napster\napster.exe
AddRemove-EA Download Manager - c:\program files\Electronic Arts\EADM\EADMUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-11-13 18:21
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,74,42,35,a7,2c,89,e6,49,a4,3c,7a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,74,42,35,a7,2c,89,e6,49,a4,3c,7a,\
.
Completion time: 2011-11-13 18:30:53
ComboFix-quarantined-files.txt 2011-11-14 02:30
.
Pre-Run: 343,714,476,032 bytes free
Post-Run: 344,087,343,104 bytes free
.
- - End Of File - - C71F5FA738C23D883FCAA4EB134BD9F1

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Belahzur on Tue 15 Nov 2011, 10:06 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Tue 15 Nov 2011, 2:03 pm

My laptop froze two hours and thirty nine mintues into the scan so the scan never finished. This is a problem I keep having with any anti virus program I use, it freezes towards the end of the scan.

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Belahzur on Wed 16 Nov 2011, 4:03 am

Okay lets get rid of some more stuff with Combofix.


  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:
    Code:

    Folder::
    c:\program files\Ask.com

    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
    [-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

    DDS::
    uStart Page = about:blank
    mStart Page = about:blank

    Firefox::
    FF - ProfilePath - c:\users\Imy\AppData\Roaming\Mozilla\Firefox\Profiles\cdabwtdr.default\
    FF - prefs.js: browser.search.selectedEngine - Ask.com
    FF - prefs.js: browser.startup.homepage - hxxp://start.pogo.iplay.com/?o=shp
    FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=X-SD&o=13959&locale=en_US&apn_uid=69cc0e4d-5d7c-4e52-ab65-5dcf0881e275&apn_ptnrs=SV&apn_sauid=C9730B2A-C549-493D-8017-8703D0504A2A&apn_dtid=YYYYYYB9US&q=
    FF - Ext: Support.com Toolbar: [You must be registered and logged in to see this link.] - %profile%\extensions\toolbar@ask.com

  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Thu 17 Nov 2011, 11:27 am

I ran what I was told too and the Combo thing did show up as something infected but I didn't catch what it was since I had to leave the room at the moment, when I had come back my computer had restarted itself and there is no log. I keep typing in C:\Combofix.txt in the search but it can't find any and I can't find it either. I ran the Mal-ware Bytes again to see what it would do and it frooze again. It freezes on this:

C:\\Windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6002.18005_none_30e75e2643dc18b4\System.Windows.Forms.dll

It'll show that under "Currently Scanning" and it freezes. Should I try the steps over again with the CFScript and just make sure I do when I can be by the whole time to catch whatever it does?

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Wed 23 Nov 2011, 12:50 am

bump

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Belahzur on Fri 25 Nov 2011, 5:18 am

Hello.
Sorry for the delay, been busy.

How is the machine running now?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Fri 25 Nov 2011, 7:08 pm

It hasn't changed, still freezing on the anti virus programs and going slow and freezing

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Thu 01 Dec 2011, 9:10 am

Bump

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Belahzur on Thu 01 Dec 2011, 11:44 am

Sorry for the delay, busy week. Lets see if we can help the slowness.

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Sun 04 Dec 2011, 4:22 pm

All I get at the end when it should show me the notepad log is a window poping up saying "Cannot Find the C:\Program Files\TrendMicro\HijackThis\hijackthis.log file" Then it ask me if I want to create a new file,one time I pressed yes and nothing happen, second time I pressed no and nothing happened.

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Belahzur on Tue 06 Dec 2011, 5:05 am

Hello.
Okay, right click Hijack This, run it as administrator and it should run correctly then.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Sat 10 Dec 2011, 2:20 pm

It doesn't give me that option when I right click it

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Belahzur on Mon 12 Dec 2011, 11:22 am

Okay, Download Startup Lite from here: [You must be registered and logged in to see this link.]

Open the program and press continue, follow any prompts and reboot normally (if it doesn't do it itself)

How is the machine now, any better? startup should be faster.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Tue 13 Dec 2011, 12:37 pm

No, anti virus still freezes and the comp still runs slow and freezes. When I tried that I got "Error on value:SunJavaUpateSched. There was an error creating a MsConfig Key" and got the error on these as well: Quick Time Task, IgfxTray, Persistence, HotkeysCmds and MsnMsgr.

I have now done a system restore which brought back my icons but the same problem I'm running into with the anti virus program freezing when it scans:
"C:\\Windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6002.18005_none_30e75e2643dc18b4\System.Windows.Forms.dll"

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Belahzur on Thu 15 Dec 2011, 9:20 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Komodia on Thu 15 Dec 2011, 9:31 am

I have maleware bytes and it freezes as well. On the same thing the other one does.

Komodia

Rookie Surfer
Rookie Surfer

Posts : 71
Joined : 2010-11-08
Operating System : Vista

View user profile

Back to top Go down

Re: Laptop freezing and anti virus programs freezing at the end of scans.

Post by Sponsored content Today at 4:40 pm


Sponsored content


Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum