
Redirect virus and IE running in background, please help

Discussion in 'Virus and Malware Removal' started by Solrock, Nov 13, 2011.

  1. Broni Malware Annihilator Posts: 39,313   +175

    Please click HERE to download Kaspersky Virus Removal Tool.

    • Double click on the file you just downloaded and let it install.
    • It will install to your desktop (be patient; it may take a while).
    • Accept license agreement and click "Start" button.
    • Click on Settings button
      • In Scan scope leave pre-checked items as they are and also checkmark My Computer
      • In Actions checkmark Select action: (disinfect; delete if disinfection fails) instead of preselected Prompt on detection
    • Click on Automatic Scan tab and then click on Start scanning button.
    • Before it is done it may prompt for action regardless of the setting, so choose delete if prompted.
    • When the scan is done NO log will be produced.
    • Click on Report button, then on Automatic Scan report tab.
    • Right click anywhere within right pane, click Select All, then right click again and click Copy.
    • This will copy the items that it found to the clipboard. You can then open Notepad (go to Start, then Run, then type in notepad) and choose Paste to paste the contents into Notepad.
    • You can save this on the desktop.
    • Post the contents of the document in your next reply.
  2. Solrock Newcomer, in training Posts: 55

    Alright so I've tried to run this about half a dozen times and it hasn't gotten past 14%.
    The first time, I started it thinking it wouldn't take long, but I had to cancel it because I needed my computer for some homework. When I tried it the next time, I opened my browser thinking that it wouldn't bother the scan running, but it did, and the scan stopped working with a "check online for fix or close program" message. After that I got the same error, but I thought it was because IE was running in the background and I got a pop-up from that. And finally I unplugged my Internet and tried running it; it got to the same 14% as last time and gave me the "stopped working" error.

    Now, I've been running this all from the setup icon that I downloaded, as I couldn't find where it installed to. I don't know if that has anything to do with anything.

    What do you suggest? Should I try it again from Safe Mode?

    Also, on another note, I have some verbatim IE errors I've been getting, if you need them:
    "Are you sure you want to navigate away from this page? Click cancel below to continue browsing on local pages. Click OK to continue."
    and
    "Stop running script? A script on this page is causing your web browser to run slowly. If it continues to run your computer might become unresponsive"

    And there is something I realized recently: after all this started and I did a system restore in Safe Mode, after rebooting there were a lot of files missing, and I thought it was just a normal thing from the restore. But now I've tried to copy something onto my desktop that was there before, and it asked me to copy and replace, as if the files were already there but invisible.
  3. Solrock Newcomer, in training Posts: 55

    I went ahead and rebooted into Safe Mode just to see if it would run before I left for class this morning. I got home and it had come up with the same error that the program had stopped working, though this time it was up to 67%. I ran it again and took a shower, and when I got out it had errored at 13% again. No luck.
  4. Broni Malware Annihilator Posts: 39,313   +175

    Please Boot to the System Recovery Options
    If you have a Windows 7 installation disc, just insert the DVD into the drive, restart the computer and it should load automatically (option two presented in the article).
    It's also possible that your computer has a pre-installed recovery partition instead; in such a case use method one (by pressing F8 before Windows starts loading)...

    On the System Recovery Options menu you will get the following options:

    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt

    Choose Command Prompt
    You should see X:\SOURCES>...

    Execute the following commands in bold.
    Press Enter after every one of them.

    bootrec /fixmbr (<--- there is a "space" after "bootrec")

    exit

    Restart computer.

    Post new aswMBR log.
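To see what `bootrec /fixmbr` actually changed, it helps to compare the MBR.dat that aswMBR saves to the desktop before the repair with one saved afterwards. The Python script below is an added example written for this page (it is not part of the thread, of aswMBR, or of the Windows recovery tools): it parses a 512-byte MBR image into a hash of the bootstrap code, the disk signature and the partition table, and diffs two captures. Both sample images are constructed inside the script; the few opcodes at the start of the "clean" code are only a generic x86 relocation prologue padded with zeros, not real Windows boot code, and the partition layout merely resembles a default Windows 7 install.

```python
"""Parse a 512-byte MBR image (e.g. the MBR.dat that aswMBR writes) and diff
two captures, such as before and after `bootrec /fixmbr`, to see which of
the three regions (bootstrap code, disk signature, partition table) moved."""
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 440          # bootstrap code; the 4-byte disk signature follows at 440..443
PART_TABLE_OFF = 446
PART_ENTRY = "<B3xB3xII"     # status, CHS start (skipped), type, CHS end (skipped), LBA start, sectors
BOOT_SIG = b"\x55\xaa"


def parse_mbr(mbr: bytes) -> dict:
    """Split an MBR into bootstrap-code hash, disk signature and partition list."""
    if len(mbr) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE} bytes, got {len(mbr)}")
    if mbr[510:512] != BOOT_SIG:
        raise ValueError("missing 0x55AA boot signature; not a valid MBR")
    partitions = []
    for slot in range(4):
        status, ptype, lba_start, sectors = struct.unpack_from(
            PART_ENTRY, mbr, PART_TABLE_OFF + slot * 16)
        if ptype == 0:           # empty slot
            continue
        partitions.append({"slot": slot, "bootable": status == 0x80, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(mbr[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", mbr, 440)[0],
        "partitions": partitions,
    }


def diff_mbr(before: bytes, after: bytes) -> dict:
    """Report which MBR regions differ between two captures of the same disk."""
    a, b = parse_mbr(before), parse_mbr(after)
    return {
        "boot_code_changed": a["boot_code_sha256"] != b["boot_code_sha256"],
        "disk_signature_changed": a["disk_signature"] != b["disk_signature"],
        "partition_table_changed": a["partitions"] != b["partitions"],
    }


def build_sample_mbr(boot_code: bytes, disk_sig: int, entries) -> bytes:
    """Assemble a synthetic MBR for testing (constructed input, not a real disk)."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code too long")
    buf = bytearray(MBR_SIZE)
    buf[:len(boot_code)] = boot_code
    struct.pack_into("<I", buf, 440, disk_sig)
    for slot, (bootable, ptype, lba_start, sectors) in enumerate(entries):
        struct.pack_into(PART_ENTRY, buf, PART_TABLE_OFF + slot * 16,
                         0x80 if bootable else 0x00, ptype, lba_start, sectors)
    buf[510:512] = BOOT_SIG
    return bytes(buf)


# Constructed layout resembling a default Windows 7 install: a small bootable
# "System Reserved" NTFS partition (type 0x07) followed by the OS partition.
LAYOUT = [(True, 0x07, 2048, 204800), (False, 0x07, 206848, 1250000000)]
# A generic x86 MBR relocation prologue (xor ax,ax / mov ss,ax / mov sp,7c00 ...)
# zero-padded; NOT real Windows boot code, just something that hashes stably.
STOCK_CODE = bytes.fromhex("33c08ed0bc007c8ec08ed8be007cbf0006")
# Placeholder "foreign" code standing in for a bootkit-modified sector (constructed).
INTRUDER_CODE = bytes.fromhex("eb20") + b"\x90" * 200
CLEAN_MBR = build_sample_mbr(STOCK_CODE, 0x1234ABCD, LAYOUT)
TAMPERED_MBR = build_sample_mbr(INTRUDER_CODE, 0x1234ABCD, LAYOUT)

if __name__ == "__main__":
    for label, image in (("before", TAMPERED_MBR), ("after", CLEAN_MBR)):
        info = parse_mbr(image)
        print(label, info["boot_code_sha256"][:16],
              [p["lba_start"] for p in info["partitions"]])
    print(diff_mbr(TAMPERED_MBR, CLEAN_MBR))
```

A clean `/fixmbr` rewrites only the bootstrap code and leaves the partition table alone, so a diff that also reports partition-table changes means something other than the repair touched that sector. Against real captures, call `parse_mbr(open("MBR.dat", "rb").read())` on each file.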
  5. Solrock Newcomer, in training Posts: 55

    OK, so I ran the command, and I'm not sure if it automatically comes up with a new log or not. I assumed not and reran aswMBR; here's the log for that...

    aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2011-11-17 17:41:56
    -----------------------------
    17:41:56.220 OS Version: Windows x64 6.1.7600
    17:41:56.220 Number of processors: 8 586 0x1A05
    17:41:56.221 ComputerName: X UserName:
    17:41:57.542 Initialize success
    17:41:57.605 AVAST engine defs: 11111703
    17:42:47.592 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port4Path0Target0Lun0
    17:42:47.594 Disk 0 Vendor: WDC_WD64 05.0 Size: 610480MB BusType: 11
    17:42:47.597 Device \Driver\mv91xx -> DriverStartIo SCSIPORT.SYS fffff88000d88bc0
    17:42:47.599 Device \Driver\mv91xx -> MajorFunction fffffa8007a4c2c0
    17:42:49.610 Disk 0 MBR read successfully
    17:42:49.613 Disk 0 MBR scan
    17:42:49.617 Disk 0 Windows 7 default MBR code
    17:42:49.620 Service scanning
    17:42:51.306 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
    17:42:51.920 Modules scanning
    17:42:51.924 Disk 0 trace - called modules:
    17:42:51.934 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80085c3334]<<
    17:42:51.939 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80085b1060]
    17:42:51.945 3 CLASSPNP.SYS[fffff88001b4a43f] -> nt!IofCallDriver -> \Device\Scsi\mv91xx1Port4Path0Target0Lun0[0xfffffa8007ba4050]
    17:42:51.950 \Driver\mv91xx[0xfffffa8007b86cd0] -> IRP_MJ_CREATE -> 0xfffffa8007a4c2c0
    17:42:52.791 AVAST engine scan C:\Windows
    17:42:55.532 AVAST engine scan C:\Windows\system32
    17:43:45.291 AVAST engine scan C:\Windows\system32\drivers
    17:43:50.756 AVAST engine scan C:\Users\Logan
    17:48:54.617 AVAST engine scan C:\ProgramData
    17:52:18.702 Scan finished successfully
    17:56:12.694 Disk 0 MBR has been saved successfully to "C:\Users\Logan\Desktop\MBR.dat"
    17:56:12.697 The log file has been saved successfully to "C:\Users\Logan\Desktop\aswMBR2.txt"
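The three things a helper reads first in a log like the one above are the MBR verdict line (here "Windows 7 default MBR code"), any service reported as **LOCKED**, and >>UNKNOWN<< entries in the disk I/O trace. The script below is an added example for this page, not code from the thread or from avast: it pulls those indicators out of aswMBR text and grades them. The clean sample is built from lines of the log above; the second sample is constructed, and the wording of its non-default MBR line is an assumption, not copied from real aswMBR output. The comment about sptd.sys reflects that driver's well-known self-protection (Daemon Tools / Alcohol 120%), which the tool routinely reports as locked on clean machines.

```python
"""Triage an aswMBR log for the indicators a rootkit-removal helper looks at
first: locked driver services, unknown code in the disk I/O path, and whether
the MBR bootstrap code was recognised as the OS default."""
import re

LOCKED_RE = re.compile(r"Service (?P<svc>\S+) (?P<path>.+?) \*\*LOCKED\*\*")
UNKNOWN_RE = re.compile(r">>UNKNOWN \[(?P<addr>0x[0-9a-fA-F]+)\]<<")
MBR_CODE_RE = re.compile(r"Disk (?P<disk>\d+) (?P<desc>.*MBR code.*)")

# Drivers aswMBR routinely reports as LOCKED on clean machines. sptd.sys
# (Daemon Tools / Alcohol 120%) protects itself from being opened; on its
# own it is not evidence of infection, so it is graded "info", not "warn".
KNOWN_LOCKED_NOISE = {"sptd.sys"}


def triage_aswmbr(log_text: str) -> dict:
    """Return {'mbr_default': True/False/None, 'findings': [{'severity', 'message'}, ...]}.

    mbr_default stays None when the log has no 'MBR code' verdict line at all,
    e.g. a scan that was aborted before the MBR scan stage."""
    findings = []
    mbr_default = None
    for line in log_text.splitlines():
        m = LOCKED_RE.search(line)
        if m:
            basename = m.group("path").replace("/", "\\").rsplit("\\", 1)[-1].lower()
            severity = "info" if basename in KNOWN_LOCKED_NOISE else "warn"
            findings.append({"severity": severity,
                             "message": f"locked service {m.group('svc')} ({m.group('path')})"})
            continue
        m = UNKNOWN_RE.search(line)
        if m:
            # Unrecognised code in the storage stack: a hook, a filter driver the
            # tool does not know (the mv91xx RAID driver above), or a rootkit.
            findings.append({"severity": "warn",
                             "message": f"unknown code at {m.group('addr')} in disk I/O path: {line.strip()}"})
            continue
        m = MBR_CODE_RE.search(line)
        if m:
            if "default MBR code" in m.group("desc"):
                mbr_default = True
            else:
                mbr_default = False
                findings.append({"severity": "warn",
                                 "message": f"disk {m.group('disk')} MBR code not recognised as default: {m.group('desc')}"})
    return {"mbr_default": mbr_default, "findings": findings}


# Sample 1: lines taken from the log posted above (clean verdict).
SAMPLE_CLEAN = r"""
17:42:49.610 Disk 0 MBR read successfully
17:42:49.613 Disk 0 MBR scan
17:42:49.617 Disk 0 Windows 7 default MBR code
17:42:49.620 Service scanning
17:42:51.306 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
17:42:51.920 Modules scanning
17:42:51.934 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80085c3334]<<
17:52:18.702 Scan finished successfully
"""

# Sample 2: constructed. The "MBR code has been changed" wording and the
# exampledrv service are placeholders, not real aswMBR output.
SAMPLE_SUSPICIOUS = r"""
17:42:49.610 Disk 0 MBR read successfully
17:42:49.613 Disk 0 MBR scan
17:42:49.617 Disk 0 MBR code has been changed
17:42:49.620 Service scanning
17:42:51.306 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
17:42:51.400 Service exampledrv C:\Windows\System32\Drivers\exampledrv.sys **LOCKED** 32
17:42:51.934 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80085c3334]<<
"""

if __name__ == "__main__":
    for name, text in (("clean", SAMPLE_CLEAN), ("suspicious", SAMPLE_SUSPICIOUS)):
        result = triage_aswmbr(text)
        print(name, "mbr_default =", result["mbr_default"])
        for f in result["findings"]:
            print("  [%s] %s" % (f["severity"], f["message"]))
```

Read the grades as a prompt for the next step, not a verdict: a lone "info" on sptd.sys with a default MBR is the usual clean picture, whereas a non-default MBR plus a locked driver nobody installed is the combination that justifies `bootrec /fixmbr` and a second scan.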
  6. Broni Malware Annihilator Posts: 39,313   +175

    Are the issues still present?
     
  7. Solrock Newcomer, in training Posts: 55

    Hey, yeah, as far as I can tell. There aren't any more redirects and IE isn't running in the background... But I still have a bunch of missing files, my Firefox search bar still has no providers, and Reset Defaults is grayed out.

    One thing I didn't mention, and I don't know if it's related: in Steam, when I add game servers to my favorites list they never stay, and when I try to join a Counter-Strike server it tells me that my game isn't available or something.

    What should I do now? It feels like my computer is very disorganized and things are missing.
  8. Broni Malware Annihilator Posts: 39,313   +175

    Well, we have mostly good news...

    What files would that be?

    I suggest you reinstall Firefox.

    As for the Steam issue, it'd be a subject for a different forum.
  9. Solrock Newcomer, in training Posts: 55

    Well, I had a school folder on my desktop that had stuff in it from previous semesters that was gone, but I got it back and got the files that were directly inside it from someone else's advice. But now the files that were in that one are still gone, and then there are other folders I had that I can't quite remember the name of. I had a bunch of downloads in one folder, like various addons and stuff for WoW and other such things, and the list of folders isn't as long. I can't remember what exactly is missing, but I know it's not all there. I thought it was from the system recovery, but I got my school folder back and that turned out to just be invisible.

    And how do I transfer my preferences/bookmarks from Firefox through reinstalling? Is that possible?
  10. Solrock Newcomer, in training Posts: 55

    And I just got a random Internet Explorer window open behind my Firefox... on the page blogtalkradio.com, and then it changed to a blank page... :(
  11. Broni Malware Annihilator Posts: 39,313   +175

    Let's see if we can recover your missing features.
    Download and run UnHide
    Let me know if it worked.

    http://mozbackup.jasnapaka.com/

    Are you sure it was an Internet Explorer pop-up?
  12. Solrock Newcomer, in training Posts: 55

    Yep, I'm sure. It's the little blue 'e' and the blue bar. I have never used it on this computer for my browsing except to download Firefox, and it took me months to convince my wife to swap from IE to Firefox :p And the iexplorer.exe process is coming up in my Task Manager again.

    I'll post back after running unhide.
  13. Broni Malware Annihilator Posts: 39,313   +175

    When done, delete your ComboFix file, download a fresh one and post a new log.
  14. Solrock Newcomer, in training Posts: 55

    Alright, the UnHide worked well; everything seems to be back. I got a new ComboFix and ran it, and it ran fine, except it says it should only take 10 minutes? Mine took about an hour.
    ~10 minutes for the blue box to pop up
    ~40 minutes for the scan to run
    ~20 minutes for the box to come back up and for it to create the log.

    And after trying that virus scan like 6 times, I ran another DDS to see if it would count all the 'installs' it was doing when I clicked on the setup, and the DDS took a very long time as well.

    But anyway, here's the ComboFix log.

    ComboFix 11-11-17.03 - Logan 11/17/2011 21:20:52.3.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8183.5510 [GMT -6:00]
    Running from: c:\users\Logan\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-10-18 to 2011-11-18 )))))))))))))))))))))))))))))))
    .
    .
    2011-11-18 03:49 . 2011-11-18 03:49 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-11-17 22:39 . 2011-11-18 03:54 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D95749C-B2B6-4428-A977-CAB35ED0737B}\offreg.dll
    2011-11-16 05:57 . 2011-11-16 05:57 -------- d-----w- c:\programdata\Kaspersky Lab
    2011-11-15 20:22 . 2011-10-18 07:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D95749C-B2B6-4428-A977-CAB35ED0737B}\mpengine.dll
    2011-11-13 20:22 . 2011-11-13 20:22 -------- d-----w- c:\users\Logan\AppData\Roaming\Malwarebytes
    2011-11-13 20:22 . 2011-11-13 20:22 -------- d-----w- c:\programdata\Malwarebytes
    2011-11-09 21:04 . 2011-10-01 05:28 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
    2011-11-09 21:04 . 2011-10-01 04:43 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
    2011-11-09 21:03 . 2011-09-29 16:24 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-11-09 21:03 . 2011-09-29 04:09 3141120 ----a-w- c:\windows\system32\win32k.sys
    2011-11-06 22:03 . 2011-11-06 22:03 -------- d-----w- c:\programdata\Age of Empires 3
    2011-11-06 21:44 . 2006-08-30 22:03 34304 ----a-r- c:\program files (x86)\Microsoft Games\Age of Empires III\SetupENU2.dll
    2011-11-06 21:37 . 2011-11-09 20:40 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games
    2011-11-06 20:11 . 2011-11-06 20:11 -------- d-----w- c:\users\Logan\AppData\Local\WB Games
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-10-22 02:24 . 2010-11-15 07:51 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
    2011-10-15 16:08 . 2011-05-18 19:14 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-03 17:53 . 2011-10-03 17:53 60416 ----a-w- c:\windows\system32\OVDecode64.dll
    2011-10-03 17:53 . 2011-10-03 17:53 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
    2011-10-03 17:53 . 2011-10-03 17:53 51200 ----a-w- c:\windows\system32\OpenCL.dll
    2011-10-03 17:52 . 2011-10-03 17:52 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
    2011-10-03 17:52 . 2011-10-03 17:52 16652288 ----a-w- c:\windows\system32\amdocl64.dll
    2011-10-03 17:52 . 2011-10-03 17:52 13625856 ----a-w- c:\windows\SysWow64\amdocl.dll
    2011-10-03 17:43 . 2011-10-03 17:43 44032 ----a-w- c:\windows\system32\amdoclcl64.dll
    2011-10-03 17:42 . 2011-10-03 17:42 37376 ----a-w- c:\windows\SysWow64\amdoclcl.dll
    2011-10-03 16:56 . 2011-10-03 16:56 10203648 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-10-03 16:24 . 2011-10-03 16:24 24996864 ----a-w- c:\windows\system32\atio6axx.dll
    2011-10-03 16:03 . 2011-10-03 16:03 151552 ----a-w- c:\windows\system32\atiapfxx.exe
    2011-10-03 16:03 . 2011-10-03 16:03 732672 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2011-10-03 16:03 . 2011-10-03 16:03 18836480 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2011-10-03 16:02 . 2011-10-03 16:02 862720 ----a-w- c:\windows\system32\aticfx64.dll
    2011-10-03 16:00 . 2011-10-03 16:00 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-10-03 15:59 . 2011-10-03 15:59 486912 ----a-w- c:\windows\system32\atieclxx.exe
    2011-10-03 15:59 . 2011-10-03 15:59 204288 ----a-w- c:\windows\system32\atiesrxx.exe
    2011-10-03 15:58 . 2011-10-03 15:58 120320 ----a-w- c:\windows\system32\atitmm64.dll
    2011-10-03 15:58 . 2011-10-03 15:58 423424 ----a-w- c:\windows\system32\atipdl64.dll
    2011-10-03 15:57 . 2011-10-03 15:57 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-10-03 15:57 . 2011-10-03 15:57 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-10-03 15:57 . 2011-10-03 15:57 21504 ----a-w- c:\windows\system32\atimuixx.dll
    2011-10-03 15:57 . 2011-10-03 15:57 59392 ----a-w- c:\windows\system32\atiedu64.dll
    2011-10-03 15:57 . 2011-10-03 15:57 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-10-03 15:54 . 2011-10-03 15:54 4204032 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2011-10-03 15:49 . 2011-10-03 15:49 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
    2011-10-03 15:49 . 2011-10-03 15:49 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-10-03 15:48 . 2011-10-03 15:48 3888640 ----a-w- c:\windows\system32\atiumd6a.dll
    2011-10-03 15:46 . 2011-10-03 15:46 4944896 ----a-w- c:\windows\system32\atidxx64.dll
    2011-10-03 15:39 . 2011-10-03 15:39 51200 ----a-w- c:\windows\system32\aticalrt64.dll
    2011-10-03 15:39 . 2011-10-03 15:39 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2011-10-03 15:39 . 2011-10-03 15:39 44544 ----a-w- c:\windows\system32\aticalcl64.dll
    2011-10-03 15:39 . 2011-10-03 15:39 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2011-10-03 15:39 . 2011-10-03 15:39 8723456 ----a-w- c:\windows\system32\aticaldd64.dll
    2011-10-03 15:39 . 2011-10-03 15:39 4064768 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2011-10-03 15:36 . 2011-10-03 15:36 7331840 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2011-10-03 15:35 . 2011-10-03 15:35 4289024 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2011-10-03 15:30 . 2011-10-03 15:30 5428736 ----a-w- c:\windows\system32\atiumd64.dll
    2011-10-03 15:29 . 2011-10-03 15:29 58880 ----a-w- c:\windows\system32\coinst.dll
    2011-10-03 15:23 . 2011-10-03 15:23 381952 ----a-w- c:\windows\system32\atiadlxx.dll
    2011-10-03 15:23 . 2011-10-03 15:23 270336 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-10-03 15:22 . 2011-10-03 15:22 15360 ----a-w- c:\windows\system32\atig6pxx.dll
    2011-10-03 15:22 . 2011-10-03 15:22 13312 ----a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-10-03 15:22 . 2011-10-03 15:22 13312 ----a-w- c:\windows\system32\atiglpxx.dll
    2011-10-03 15:22 . 2011-10-03 15:22 39936 ----a-w- c:\windows\system32\atig6txx.dll
    2011-10-03 15:22 . 2011-10-03 15:22 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
    2011-10-03 15:22 . 2011-10-03 15:22 310784 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-10-03 15:22 . 2011-10-03 15:22 40960 ----a-w- c:\windows\system32\atiuxp64.dll
    2011-10-03 15:21 . 2011-10-03 15:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-10-03 15:21 . 2011-10-03 15:21 38912 ----a-w- c:\windows\system32\atiu9p64.dll
    2011-10-03 15:21 . 2011-10-03 15:21 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-10-03 15:21 . 2011-10-03 15:21 54784 ----a-w- c:\windows\system32\atimpc64.dll
    2011-10-03 15:21 . 2011-10-03 15:21 54784 ----a-w- c:\windows\system32\amdpcom64.dll
    2011-10-03 15:21 . 2011-10-03 15:21 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2011-10-03 15:21 . 2011-10-03 15:21 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-10-03 15:21 . 2011-10-03 15:21 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-10-01 03:21 . 2011-10-13 19:49 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-10-01 02:59 . 2011-10-13 19:49 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-09-06 21:45 . 2010-07-29 06:09 41184 ----a-w- c:\windows\avastSS.scr
    2011-09-06 21:45 . 2010-07-29 06:09 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-09-06 21:45 . 2011-04-11 21:35 254400 ----a-w- c:\windows\system32\aswBoot.exe
    2011-09-06 21:38 . 2011-04-11 21:35 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-09-06 21:38 . 2010-07-29 06:10 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-09-06 21:36 . 2010-07-29 06:10 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-09-06 21:36 . 2010-07-29 06:10 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-09-06 21:36 . 2010-07-29 06:10 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-09-06 21:36 . 2010-07-29 06:10 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-09-04 00:10 . 2003-03-19 08:14 499712 ----a-w- c:\windows\system32\MSVCP71.DLL
    2011-08-27 05:40 . 2011-10-13 19:48 331776 ----a-w- c:\windows\system32\oleacc.dll
    2011-08-27 05:40 . 2011-10-13 19:48 861184 ----a-w- c:\windows\system32\oleaut32.dll
    2011-08-27 04:43 . 2011-10-13 19:48 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
    2011-08-27 04:43 . 2011-10-13 19:48 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
    2011-08-20 05:45 . 2011-10-13 19:49 1197568 ----a-w- c:\windows\system32\wininet.dll
    2011-08-20 05:41 . 2011-10-13 19:49 57856 ----a-w- c:\windows\system32\licmgr10.dll
    2011-08-20 04:38 . 2011-10-13 19:49 981504 ----a-w- c:\windows\SysWow64\wininet.dll
    2011-08-20 04:35 . 2011-10-13 19:49 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2011-08-20 04:20 . 2011-10-13 19:49 482816 ----a-w- c:\windows\system32\html.iec
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-11-14_02.22.02 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-07-14 04:54 . 2011-11-18 03:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2011-11-14 02:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2011-11-14 02:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2011-11-18 03:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2011-11-18 03:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-07-14 04:54 . 2011-11-14 02:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-07-29 05:43 . 2011-11-18 03:53 39108 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2011-11-18 03:53 30550 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2010-07-29 20:04 . 2011-11-18 03:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-07-29 20:04 . 2011-11-13 02:58 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-07-29 20:04 . 2011-11-18 03:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-07-29 20:04 . 2011-11-13 02:58 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2011-11-13 02:58 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2011-11-18 03:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-07-29 05:15 . 2011-11-18 03:51 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-07-29 05:15 . 2011-11-14 02:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2011-11-09 20:58 . 2011-11-14 02:21 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
    + 2011-11-09 20:58 . 2011-11-17 23:38 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
    - 2011-11-09 20:58 . 2011-11-14 02:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
    + 2011-11-09 20:58 . 2011-11-17 23:38 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
    - 2011-11-09 20:58 . 2011-11-14 02:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
    + 2011-11-09 20:58 . 2011-11-17 23:38 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
    + 2010-07-29 05:15 . 2011-11-18 03:51 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-07-29 05:15 . 2011-11-14 02:21 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-07-29 05:15 . 2011-11-14 02:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-07-29 05:15 . 2011-11-18 03:51 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-07-29 05:15 . 2011-11-17 23:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-07-29 05:15 . 2011-11-14 02:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-07-29 05:15 . 2011-11-17 23:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-07-29 05:15 . 2011-11-14 02:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-07-29 05:16 . 2011-11-18 03:53 9398 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3619874440-108817763-147304035-1001_UserData.bin
    + 2011-11-18 03:51 . 2011-11-18 03:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2011-11-14 02:20 . 2011-11-14 02:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-11-18 03:51 . 2011-11-18 03:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-11-14 02:20 . 2011-11-14 02:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2010-07-29 23:32 . 2011-11-18 03:45 465494 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
    - 2009-07-14 02:36 . 2011-11-14 00:27 623890 c:\windows\system32\perfh009.dat
    + 2009-07-14 02:36 . 2011-11-17 23:44 623890 c:\windows\system32\perfh009.dat
    + 2009-07-14 02:36 . 2011-11-17 23:44 107522 c:\windows\system32\perfc009.dat
    - 2009-07-14 02:36 . 2011-11-14 00:27 107522 c:\windows\system32\perfc009.dat
    - 2009-07-14 05:01 . 2011-11-14 02:19 483772 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2011-11-18 03:51 483772 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2010-08-04 08:11 . 2011-11-14 02:19 7528328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3619874440-108817763-147304035-1001-12288.dat
    + 2010-08-04 08:11 . 2011-11-18 03:51 7528328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3619874440-108817763-147304035-1001-12288.dat
    - 2009-07-14 02:34 . 2011-11-13 18:16 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
    + 2009-07-14 02:34 . 2011-11-17 17:19 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-05-14 2426368]
    "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
    "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-03 343168]
    "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-09-06 3722416]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
    R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [x]
    R3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [x]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 MotoConnect Service;MotoConnect Service;c:\program files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456]
    S2 UsbService;ASUS Virtual MFP Service;c:\program files (x86)\ASUS\Printer Utilities\UsbService64.exe [2008-07-21 327680]
    S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-12-17 497856]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [x]
    S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
    S3 vuhub;Virtual Usb Hub;c:\windows\system32\DRIVERS\vuhub.sys [x]
    .
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-09-06 21:45 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 112512]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Logan\AppData\Roaming\Mozilla\Firefox\Profiles\lh6f0s91.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=BABTDF&PC=BBLN&q=
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=BABTDF&PC=BBLN&q=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3619874440-108817763-147304035-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    @Allowed: (Read) (RestrictedCode)
    "??"=hex:a5,75,5b,5a,a5,56,35,a3,dc,c6,bf,73,f8,36,2d,ba,41,51,ab,39,83,6c,0c,
    86,d6,fe,b1,f8,85,1c,27,07,28,d2,98,10,ca,1f,e0,40,26,b5,8b,f5,1a,fc,d4,4e,\
    "??"=hex:67,15,c8,29,8a,0a,10,1a,98,7a,31,a6,67,f4,4d,f8
    .
    [HKEY_USERS\S-1-5-21-3619874440-108817763-147304035-1001\Software\SecuROM\License information*]
    "datasecu"=hex:0e,b7,66,38,00,b8,ed,86,cb,66,a2,d6,2f,a2,78,ad,46,40,c9,5a,99,
    30,e0,c3,64,26,57,60,16,ec,86,3c,b7,61,7a,b3,96,fe,1f,c9,eb,49,65,d2,98,a4,\
    "rkeysecu"=hex:69,f6,b3,00,7a,1a,83,1d,c3,a1,02,9f,7b,fb,b4,8d
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Alwil Software\Avast5\AvastSvc.exe
    c:\program files (x86)\Motorola\MotoConnectService\MotoConnect.exe
    .
    **************************************************************************
    .
    Completion time: 2011-11-17 22:16:08 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-11-18 04:15
    ComboFix2.txt 2011-11-14 05:25
    .
    Pre-Run: 218,821,132,288 bytes free
    Post-Run: 227,664,318,464 bytes free
    .
    - - End Of File - - BC9A781B8C19031D13624D049C2AD781
  15. Solrock Newcomer, in training Posts: 55

    And yay, my search providers are back on my Firefox. They must have been hidden or something. :D
  16. Broni Malware Annihilator Posts: 39,313   +175

    Good :)

    What about IE pop-ups?
  17. Solrock Newcomer, in training Posts: 55

    Nope, got a State Farm IE window randomly, and it's running in the background still. :(
  18. Broni Malware Annihilator Posts: 39,313   +175

    Download Dr.Web CureIt to the desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
    Alternative download: http://majorgeeks.com/Dr.Web_CureIT_d4783.html

    • Double-click the drweb-cureit.exe file and click Scan to run an express scan. Click OK in the pop-up window to allow the scan.
    • This will scan the files currently running in memory, and when something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
    • Once the short scan has finished, select Complete scan.
    • Click the green arrow at the right, and the scan will start.
    • Click Yes to all if it asks if you want to cure/move the file.
    • When the scan has finished, in the menu, click File and choose Save report list.
    • Save the report to your desktop. The report will be called DrWeb.csv.
    • Close Dr.Web CureIt.
    • Important! Reboot your computer, because it is possible that files in use will be moved/deleted during reboot.
    • Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.csv report.

    NOTE. During the scan, a pop-up window will open asking for a full version purchase. Simply close the window by clicking on the X in the upper right corner.
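As an added illustration (not part of the forum post or of Dr.Web's own tooling), a small Python parser for the semicolon-separated DrWeb.csv report that the steps above produce. The sample lines are constructed in the same layout as the report posted later in this thread (file name; directory; detection name; action, empty when the file was only flagged); the parser separates entries Dr.Web already moved to quarantine from ones it left in place, which is the first thing to check before posting the log.

```python
"""Summarise a Dr.Web CureIt report (DrWeb.csv). Added example, not from the thread."""
from collections import defaultdict

# Constructed sample in the same layout as the DrWeb.csv report shown in this thread.
SAMPLE_REPORT = """\
dds.scr;C:\\Documents and Settings\\Logan\\Desktop;Trojan.MulDrop3.6866;;
OTL.exe;C:\\Documents and Settings\\Logan\\Desktop;Trojan.Siggen3.20406;Incurable.Moved.;
dds.scr;C:\\Documents and Settings\\Logan\\DoctorWeb\\Quarantine;Trojan.MulDrop3.6866;Incurable.Moved.;
OTL.exe;C:\\Documents and Settings\\Logan\\DoctorWeb\\Quarantine;Trojan.Siggen3.20406;Incurable.Moved.;
dds.scr;C:\\Users\\Logan\\Desktop;Trojan.MulDrop3.6866;;
"""


def parse_report(text):
    """Return one dict per report line: name;directory;detection;action (trailing ';' tolerated)."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        fields = line.split(";")
        if len(fields) < 4:  # malformed line: skip rather than guess at fields
            continue
        name, directory, detection, action = fields[:4]
        entries.append({
            "path": directory.rstrip("\\") + "\\" + name,
            "detection": detection,
            "action": action,  # empty string means Dr.Web only flagged the file
        })
    return entries


def summarise(entries):
    """Group paths by detection name, split into moved vs. flagged-only."""
    summary = defaultdict(lambda: {"moved": [], "flagged_only": []})
    for e in entries:
        bucket = "moved" if e["action"] else "flagged_only"
        summary[e["detection"]][bucket].append(e["path"])
    return dict(summary)


def still_in_place(entries):
    """Sorted paths Dr.Web reported but took no action on; these still sit on disk."""
    return sorted(e["path"] for e in entries if not e["action"])


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_REPORT)
    for detection, buckets in sorted(summarise(parsed).items()):
        print(detection, "moved:", len(buckets["moved"]), "flagged only:", len(buckets["flagged_only"]))
    print("still in place:", still_in_place(parsed))
```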
  19. Solrock Newcomer, in training Posts: 55

    It took 20 minutes for the quick scan and it didn't find anything. I'm about to start the complete scan and I'll post results when I wake up.
  20. Solrock Newcomer, in training Posts: 55

    Hmm, not what I expected, lol.

    dds.scr;C:\Documents and Settings\Logan\Desktop;Trojan.MulDrop3.6866;;
    OTL.exe;C:\Documents and Settings\Logan\Desktop;Trojan.Siggen3.20406;Incurable.Moved.;
    dds.scr;C:\Documents and Settings\Logan\DoctorWeb\Quarantine;Trojan.MulDrop3.6866;Incurable.Moved.;
    OTL.exe;C:\Documents and Settings\Logan\DoctorWeb\Quarantine;Trojan.Siggen3.20406;Incurable.Moved.;
    dds.scr;C:\Users\Logan\Desktop;Trojan.MulDrop3.6866;;