Author Topic: [Inactive]strange happenings (Read 8680 times)

coast · « **Reply #15 on:** November 21, 2011, 07:12:20 PM »

I zipped the application and system files separately. They are 1.19 MB and 2.51 MB respectively. Too large to upload. Am I doing something wrong?

coast · « **Reply #16 on:** November 21, 2011, 07:23:38 PM »

i may have found the missing text document. It is attached as it indicated.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/1/2009 1:57:44 PM
System Uptime: 11/21/2011 4:57:41 PM (2 hours ago)
.
Motherboard: Acer | | Aspire 6920
Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz | U2E1 | 1833/167mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 183.755 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP941: 11/18/2011 9:48:31 PM - Installed AVG 2012
RP942: 11/18/2011 9:49:01 PM - Installed AVG 2012
RP943: 11/18/2011 9:50:20 PM - Removed AVG 2012
RP944: 11/19/2011 8:07:52 AM - Installed AVG 2012
RP945: 11/19/2011 8:08:27 AM - Installed AVG 2012
RP946: 11/19/2011 8:09:29 AM - Removed AVG 2012
RP947: 11/20/2011 - Scheduled Checkpoint
RP948: 11/20/2011 7:45:31 PM - Installed AVG 2012
RP949: 11/20/2011 7:46:04 PM - Installed AVG 2012
RP950: 11/20/2011 7:47:40 PM - Removed AVG 2012
RP951: 11/21/2011 5:02:09 PM - Installed AVG 2012
RP952: 11/21/2011 5:02:43 PM - Installed AVG 2012
RP953: 11/21/2011 5:04:03 PM - Removed AVG 2012
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office Suite Service Pack 2 (SP2)
7-Zip 4.57
Acer Bio Protection
Acer Crystal Eye Webcam
Acrobat.com
Acronis True Image Home
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe After Effects CS3 Presets
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader X (10.1.1)
Adobe Setup
Adobe Shockwave Player 11.5
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
Agere Systems HDA Modem
AHV content for Acrobat and Flash
Apple Application Support
Apple Software Update
Atheros Communications Inc.(R) AR8121/AR8113 Gigabit/Fast Ethernet Driver
CCleaner
DivX Setup
EASEUS Partition Master 9.0.0 Home Edition
eBay Icon
FileZilla Client 3.5.1
Free M4a to MP3 Converter 6.2
GIMP 2.6.6
Google Chrome
Google Earth
Google Update Helper
High-Definition Video Playback
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
InstallIQ Updater
Instant Eyedropper 1.75
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
ISO Recorder
ITECIR Driver
JMicron JMB38X Flash Media Controller
Launch Manager
LG United Mobile Driver
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Calculator Plus
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox (3.6.18)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Movie ThemePack Basic
Nero Core Components 10
Nero Dolby Files 10
Nero Kwik Media
Nero Update
NeroKwikMedia Help (CHM)
OGA Notifier 2.0.0048.0
PDF Settings
Programmer's Notepad 2
QuickTime
Realtek High Definition Audio Driver
SeaTools for Windows
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Toolbars
Skype™ 5.0
StudioTax 2009
StudioTax 2010
Synaptics Pointing Device Driver
Unified Remote
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Validity Sensors software
VC80CRTRedist - 8.0.50727.6195
WhiteSmoke
Windows iLivid Toolbar
Xtreme Technologies Gateway (Driver Removal)
Xvid Video Codec
XWizard
.
==== Event Viewer Messages From Past Week ========
.
11/21/2011 4:59:59 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error: "740" Happened while starting this command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
11/21/2011 4:59:41 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.
==== End Of File ===========================

Hoov · « **Reply #17 on:** November 21, 2011, 08:46:55 PM »

I have sent you a Private Message on what to do with the two log files.

Please run ccleaner to remove temporary files from your system, and to improve the scanning time of the other scans we may be running. Then please run Malwarebytes' Anti-Malware to check for malware. Both sets of instructions are below

1.Download and scan with CCleaner
When you get to the website, there is a dark grey box on the left side with two tabs along the top. Inside this Dark Grey box is a light grey box. Below that light grey box is where the download links are at. The pay amount is for paid support.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:

Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
Clean all the entries in the "Windows Explorer" section.
Clean all entries in the "System" section.
Clean all entries in the "Advanced" section.
Clean any others that you choose.

In the Applications Tab:

Clean all except cookies in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section.
Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware

Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

coast · « **Reply #18 on:** November 21, 2011, 09:55:39 PM »

Done. Report below.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8212

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

11/21/2011 9:48:39 PM
mbam-log-2011-11-21 (21-48-39).txt

Scan type: Quick scan
Objects scanned: 194994
Time elapsed: 3 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Hoov · « **Reply #19 on:** November 21, 2011, 10:22:17 PM »

Please read carefully and follow these steps.

Download TDSSKiller and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

coast · « **Reply #20 on:** November 22, 2011, 06:25:07 AM »

Done. Zero threats found. No report.

Hoov · « **Reply #21 on:** November 22, 2011, 06:33:27 AM »

Did it not generate a report? If it did please post it. Even clean reports can point to the correct issue.

* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run comboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

coast · « **Reply #22 on:** November 22, 2011, 06:06:22 PM »

Too rushed and sleepy this morning I guess. I did not notice the report tab. My apologies.

18:01:25.0516 5488   TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55
18:01:25.0875 5488   ============================================================
18:01:25.0875 5488   Current date / time: 2011/11/22 18:01:25.0875
18:01:25.0875 5488   SystemInfo:
18:01:25.0875 5488
18:01:25.0875 5488   OS Version: 6.0.6002 ServicePack: 2.0
18:01:25.0875 5488   Product type: Workstation
18:01:25.0875 5488   ComputerName: ACER-ASPIRE6920
18:01:25.0875 5488   UserName: Kelly
18:01:25.0875 5488   Windows directory: C:\Windows
18:01:25.0875 5488   System windows directory: C:\Windows
18:01:25.0875 5488   Processor architecture: Intel x86
18:01:25.0875 5488   Number of processors: 2
18:01:25.0875 5488   Page size: 0x1000
18:01:25.0875 5488   Boot type: Normal boot
18:01:25.0875 5488   ============================================================
18:01:26.0296 5488   Initialize success
18:01:32.0021 4724   ============================================================
18:01:32.0021 4724   Scan started
18:01:32.0021 4724   Mode: Manual;
18:01:32.0021 4724   ============================================================
18:01:32.0536 4724   ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
18:01:32.0551 4724   ACPI - ok
18:01:32.0692 4724   adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
18:01:32.0692 4724   adp94xx - ok
18:01:32.0739 4724   adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
18:01:32.0739 4724   adpahci - ok
18:01:32.0770 4724   adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
18:01:32.0770 4724   adpu160m - ok
18:01:32.0785 4724   adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
18:01:32.0785 4724   adpu320 - ok
18:01:32.0941 4724   AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
18:01:32.0941 4724   AFD - ok
18:01:33.0004 4724   AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys
18:01:33.0019 4724   AgereSoftModem - ok
18:01:33.0129 4724   agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
18:01:33.0129 4724   agp440 - ok
18:01:33.0160 4724   aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
18:01:33.0160 4724   aic78xx - ok
18:01:33.0207 4724   AlfaFF (8d59617a9c3dbf4650aa44f4e9215744) C:\Windows\system32\Drivers\AlfaFF.sys
18:01:33.0207 4724   AlfaFF - ok
18:01:33.0253 4724   aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
18:01:33.0253 4724   aliide - ok
18:01:33.0285 4724   amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
18:01:33.0285 4724   amdagp - ok
18:01:33.0300 4724   amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
18:01:33.0300 4724   amdide - ok
18:01:33.0425 4724   AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
18:01:33.0425 4724   AmdK7 - ok
18:01:33.0441 4724   AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
18:01:33.0441 4724   AmdK8 - ok
18:01:33.0503 4724   Andbus (3e59df4984fbd6800d6621480b38a34e) C:\Windows\system32\DRIVERS\lgandbus.sys
18:01:33.0503 4724   Andbus - ok
18:01:33.0550 4724   AndDiag (8e0bf6f3b2c9c292bc7ce0de727cdd56) C:\Windows\system32\DRIVERS\lganddiag.sys
18:01:33.0550 4724   AndDiag - ok
18:01:33.0565 4724   AndGps (1d2c90e25483363d54b652898bbc8f2a) C:\Windows\system32\DRIVERS\lgandgps.sys
18:01:33.0565 4724   AndGps - ok
18:01:33.0628 4724   ANDModem (b1b06a95da2cac7fa19832c60c348c85) C:\Windows\system32\DRIVERS\lgandmodem.sys
18:01:33.0628 4724   ANDModem - ok
18:01:33.0675 4724   arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
18:01:33.0675 4724   arc - ok
18:01:33.0706 4724   arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
18:01:33.0706 4724   arcsas - ok
18:01:33.0737 4724   AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
18:01:33.0737 4724   AsyncMac - ok
18:01:33.0784 4724   atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
18:01:33.0784 4724   atapi - ok
18:01:33.0893 4724   AVGIDSDriver - ok
18:01:33.0924 4724   AVGIDSFilter - ok
18:01:33.0940 4724   AVGIDSShim - ok
18:01:33.0955 4724   Avgrkx86 - ok
18:01:33.0987 4724   Avgtdix - ok
18:01:34.0049 4724   Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
18:01:34.0049 4724   Beep - ok
18:01:34.0096 4724   blbdrive - ok
18:01:34.0174 4724   bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
18:01:34.0174 4724   bowser - ok
18:01:34.0221 4724   BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:01:34.0221 4724   BrFiltLo - ok
18:01:34.0236 4724   BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:01:34.0236 4724   BrFiltUp - ok
18:01:34.0345 4724   Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:01:34.0345 4724   Brserid - ok
18:01:34.0377 4724   BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:01:34.0377 4724   BrSerWdm - ok
18:01:34.0392 4724   BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:01:34.0392 4724   BrUsbMdm - ok
18:01:34.0408 4724   BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:01:34.0408 4724   BrUsbSer - ok
18:01:34.0439 4724   BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
18:01:34.0439 4724   BTHMODEM - ok
18:01:34.0486 4724   cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
18:01:34.0486 4724   cdfs - ok
18:01:34.0548 4724   cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
18:01:34.0548 4724   cdrom - ok
18:01:34.0579 4724   circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
18:01:34.0579 4724   circlass - ok
18:01:34.0626 4724   CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
18:01:34.0626 4724   CLFS - ok
18:01:34.0673 4724   CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
18:01:34.0689 4724   CmBatt - ok
18:01:34.0720 4724   cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
18:01:34.0720 4724   cmdide - ok
18:01:34.0735 4724   Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
18:01:34.0751 4724   Compbatt - ok
18:01:34.0767 4724   crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
18:01:34.0767 4724   crcdisk - ok
18:01:34.0798 4724   Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
18:01:34.0798 4724   Crusoe - ok
18:01:34.0860 4724   DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
18:01:34.0860 4724   DfsC - ok
18:01:34.0938 4724   disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
18:01:34.0938 4724   disk - ok
18:01:34.0985 4724   DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
18:01:34.0985 4724   DKbFltr - ok
18:01:35.0047 4724   DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
18:01:35.0047 4724   DritekPortIO - ok
18:01:35.0141 4724   drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
18:01:35.0141 4724   drmkaud - ok
18:01:35.0188 4724   DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
18:01:35.0203 4724   DXGKrnl - ok
18:01:35.0235 4724   E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:01:35.0235 4724   E1G60 - ok
18:01:35.0375 4724   Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
18:01:35.0375 4724   Ecache - ok
18:01:35.0422 4724   elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
18:01:35.0422 4724   elxstor - ok
18:01:35.0515 4724   epmntdrv (539ca34fbc74ec366a0d751028c32a08) C:\Windows\system32\epmntdrv.sys
18:01:35.0515 4724   epmntdrv - ok
18:01:35.0547 4724   EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\Windows\system32\EuGdiDrv.sys
18:01:35.0562 4724   EuGdiDrv - ok
18:01:35.0703 4724   exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
18:01:35.0703 4724   exfat - ok
18:01:35.0734 4724   fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
18:01:35.0734 4724   fastfat - ok
18:01:35.0781 4724   fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
18:01:35.0781 4724   fdc - ok
18:01:35.0843 4724   FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
18:01:35.0843 4724   FileInfo - ok
18:01:35.0890 4724   Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
18:01:35.0890 4724   Filetrace - ok
18:01:35.0921 4724   flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
18:01:35.0921 4724   flpydisk - ok
18:01:35.0952 4724   FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
18:01:35.0968 4724   FltMgr - ok
18:01:36.0030 4724   Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
18:01:36.0046 4724   Fs_Rec - ok
18:01:36.0077 4724   gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
18:01:36.0077 4724   gagp30kx - ok
18:01:36.0139 4724   HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
18:01:36.0155 4724   HdAudAddService - ok
18:01:36.0202 4724   HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:01:36.0217 4724   HDAudBus - ok
18:01:36.0249 4724   HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:01:36.0249 4724   HidBth - ok
18:01:36.0280 4724   HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
18:01:36.0280 4724   HidIr - ok
18:01:36.0342 4724   HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
18:01:36.0342 4724   HidUsb - ok
18:01:36.0373 4724   HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
18:01:36.0373 4724   HpCISSs - ok
18:01:36.0420 4724   HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
18:01:36.0420 4724   HTTP - ok
18:01:36.0436 4724   i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
18:01:36.0436 4724   i2omp - ok
18:01:36.0483 4724   i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:01:36.0483 4724   i8042prt - ok
18:01:36.0514 4724   iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
18:01:36.0514 4724   iaStor - ok
18:01:36.0561 4724   iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
18:01:36.0561 4724   iaStorV - ok
18:01:36.0623 4724   igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:01:36.0639 4724   igfx - ok
18:01:36.0685 4724   iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:01:36.0685 4724   iirsp - ok
18:01:36.0732 4724   Int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Windows\System32\drivers\int15.sys
18:01:36.0732 4724   Int15 - ok
18:01:36.0904 4724   IntcAzAudAddService (92bcc487f16892cda495dbd8160272d9) C:\Windows\system32\drivers\RTKVHDA.sys
18:01:36.0919 4724   IntcAzAudAddService - ok
18:01:36.0982 4724   intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:01:36.0982 4724   intelide - ok
18:01:37.0044 4724   intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:01:37.0044 4724   intelppm - ok
18:01:37.0107 4724   IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:01:37.0107 4724   IpFilterDriver - ok
18:01:37.0138 4724   IpInIp - ok
18:01:37.0185 4724   IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
18:01:37.0185 4724   IPMIDRV - ok
18:01:37.0216 4724   IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:01:37.0216 4724   IPNAT - ok
18:01:37.0263 4724   IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:01:37.0263 4724   IRENUM - ok
18:01:37.0294 4724   isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
18:01:37.0294 4724   isapnp - ok
18:01:37.0325 4724   iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
18:01:37.0325 4724   iScsiPrt - ok
18:01:37.0341 4724   iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:01:37.0341 4724   iteatapi - ok
18:01:37.0372 4724   itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
18:01:37.0387 4724   itecir - ok
18:01:37.0403 4724   iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:01:37.0403 4724   iteraid - ok
18:01:37.0450 4724   kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:01:37.0450 4724   kbdclass - ok
18:01:37.0497 4724   kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
18:01:37.0497 4724   kbdhid - ok
18:01:37.0543 4724   KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
18:01:37.0559 4724   KSecDD - ok
18:01:37.0590 4724   L1E (a611c063a83f77533c1217ecc455a094) C:\Windows\system32\DRIVERS\L1E60x86.sys
18:01:37.0590 4724   L1E - ok
18:01:37.0637 4724   lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:01:37.0637 4724   lltdio - ok
18:01:37.0684 4724   LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
18:01:37.0684 4724   LSI_FC - ok
18:01:37.0699 4724   LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
18:01:37.0699 4724   LSI_SAS - ok
18:01:37.0715 4724   LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
18:01:37.0715 4724   LSI_SCSI - ok
18:01:37.0777 4724   luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:01:37.0777 4724   luafv - ok
18:01:37.0809 4724   mcdbus - ok
18:01:37.0871 4724   megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
18:01:37.0871 4724   megasas - ok
18:01:37.0902 4724   Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:01:37.0902 4724   Modem - ok
18:01:37.0996 4724   monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:01:37.0996 4724   monitor - ok
18:01:38.0011 4724   mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:01:38.0011 4724   mouclass - ok
18:01:38.0043 4724   mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:01:38.0043 4724   mouhid - ok
18:01:38.0074 4724   MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:01:38.0074 4724   MountMgr - ok
18:01:38.0121 4724   mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
18:01:38.0121 4724   mpio - ok
18:01:38.0152 4724   mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:01:38.0152 4724   mpsdrv - ok
18:01:38.0199 4724   Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:01:38.0199 4724   Mraid35x - ok
18:01:38.0230 4724   MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
18:01:38.0230 4724   MRxDAV - ok
18:01:38.0261 4724   mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:01:38.0261 4724   mrxsmb - ok
18:01:38.0308 4724   mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:01:38.0308 4724   mrxsmb10 - ok
18:01:38.0339 4724   mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:01:38.0339 4724   mrxsmb20 - ok
18:01:38.0401 4724   msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
18:01:38.0401 4724   msahci - ok
18:01:38.0417 4724   msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
18:01:38.0417 4724   msdsm - ok
18:01:38.0526 4724   Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:01:38.0526 4724   Msfs - ok
18:01:38.0573 4724   msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
18:01:38.0573 4724   msisadrv - ok
18:01:38.0604 4724   MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:01:38.0604 4724   MSKSSRV - ok
18:01:38.0635 4724   MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:01:38.0635 4724   MSPCLOCK - ok
18:01:38.0667 4724   MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:01:38.0667 4724   MSPQM - ok
18:01:38.0713 4724   MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
18:01:38.0713 4724   MsRPC - ok
18:01:38.0745 4724   mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:01:38.0745 4724   mssmbios - ok
18:01:38.0776 4724   MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:01:38.0776 4724   MSTEE - ok
18:01:38.0823 4724   Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
18:01:38.0823 4724   Mup - ok
18:01:38.0885 4724   NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
18:01:38.0901 4724   NativeWifiP - ok
18:01:39.0010 4724   NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
18:01:39.0010 4724   NDIS - ok
18:01:39.0057 4724   NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:01:39.0057 4724   NdisTapi - ok
18:01:39.0088 4724   Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:01:39.0088 4724   Ndisuio - ok
18:01:39.0135 4724   NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:01:39.0135 4724   NdisWan - ok
18:01:39.0166 4724   NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:01:39.0166 4724   NDProxy - ok
18:01:39.0259 4724   NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:01:39.0259 4724   NetBIOS - ok
18:01:39.0306 4724   netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
18:01:39.0306 4724   netbt - ok
18:01:39.0493 4724   NETw4v32 (caaea35dae7f4c19db05481dac22c2ba) C:\Windows\system32\DRIVERS\NETw4v32.sys
18:01:39.0509 4724   NETw4v32 - ok
18:01:39.0540 4724   nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:01:39.0556 4724   nfrd960 - ok
18:01:39.0571 4724   Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
18:01:39.0571 4724   Npfs - ok
18:01:39.0618 4724   nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:01:39.0634 4724   nsiproxy - ok
18:01:39.0712 4724   Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
18:01:39.0727 4724   Ntfs - ok
18:01:39.0759 4724   ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:01:39.0759 4724   ntrigdigi - ok
18:01:39.0790 4724   Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:01:39.0790 4724   Null - ok
18:01:39.0821 4724   nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
18:01:39.0821 4724   nvraid - ok
18:01:39.0837 4724   nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
18:01:39.0837 4724   nvstor - ok
18:01:39.0868 4724   nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
18:01:39.0868 4724   nv_agp - ok
18:01:39.0883 4724   NwlnkFlt - ok
18:01:39.0899 4724   NwlnkFwd - ok
18:01:39.0961 4724   ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
18:01:39.0961 4724   ohci1394 - ok
18:01:40.0086 4724   Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:01:40.0086 4724   Parport - ok
18:01:40.0117 4724   partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
18:01:40.0117 4724   partmgr - ok
18:01:40.0149 4724   Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:01:40.0149 4724   Parvdm - ok
18:01:40.0211 4724   pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
18:01:40.0211 4724   pci - ok
18:01:40.0242 4724   pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
18:01:40.0242 4724   pciide - ok
18:01:40.0273 4724   pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
18:01:40.0273 4724   pcmcia - ok
18:01:40.0367 4724   pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
18:01:40.0367 4724   pcouffin - ok
18:01:40.0429 4724   PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:01:40.0445 4724   PEAUTH - ok
18:01:40.0554 4724   PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:01:40.0554 4724   PptpMiniport - ok
18:01:40.0570 4724   Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
18:01:40.0570 4724   Processor - ok
18:01:40.0679 4724   PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
18:01:40.0679 4724   PSched - ok
18:01:40.0741 4724   ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
18:01:40.0757 4724   ql2300 - ok
18:01:40.0804 4724   ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:01:40.0804 4724   ql40xx - ok
18:01:40.0866 4724   QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:01:40.0866 4724   QWAVEdrv - ok
18:01:40.0897 4724   RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:01:40.0897 4724   RasAcd - ok
18:01:40.0929 4724   Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:01:40.0929 4724   Rasl2tp - ok
18:01:40.0991 4724   RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
18:01:40.0991 4724   RasPppoe - ok
18:01:41.0022 4724   RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
18:01:41.0022 4724   RasSstp - ok
18:01:41.0069 4724   rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
18:01:41.0069 4724   rdbss - ok
18:01:41.0100 4724   RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:01:41.0100 4724   RDPCDD - ok
18:01:41.0147 4724   rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
18:01:41.0147 4724   rdpdr - ok
18:01:41.0194 4724   RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:01:41.0194 4724   RDPENCDD - ok
18:01:41.0303 4724   RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
18:01:41.0303 4724   RDPWD - ok
18:01:41.0365 4724   rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:01:41.0365 4724   rspndr - ok
18:01:41.0412 4724   sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:01:41.0412 4724   sbp2port - ok
18:01:41.0459 4724   secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:01:41.0459 4724   secdrv - ok
18:01:41.0490 4724   Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:01:41.0490 4724   Serenum - ok
18:01:41.0506 4724   Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:01:41.0506 4724   Serial - ok
18:01:41.0537 4724   sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:01:41.0537 4724   sermouse - ok
18:01:41.0615 4724   sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
18:01:41.0615 4724   sffdisk - ok
18:01:41.0631 4724   sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
18:01:41.0631 4724   sffp_mmc - ok
18:01:41.0646 4724   sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
18:01:41.0646 4724   sffp_sd - ok
18:01:41.0677 4724   sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:01:41.0677 4724   sfloppy - ok
18:01:41.0724 4724   sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
18:01:41.0724 4724   sisagp - ok
18:01:41.0802 4724   SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
18:01:41.0802 4724   SiSRaid2 - ok
18:01:41.0818 4724   SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
18:01:41.0818 4724   SiSRaid4 - ok
18:01:41.0911 4724   Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
18:01:41.0911 4724   Smb - ok
18:01:42.0036 4724   snapman380 (5ce1cf27620b144e212d407cdb14d339) C:\Windows\system32\DRIVERS\snman380.sys
18:01:42.0052 4724   snapman380 - ok
18:01:42.0083 4724   spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:01:42.0083 4724   spldr - ok
18:01:42.0130 4724   srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
18:01:42.0145 4724   srv - ok
18:01:42.0208 4724   srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
18:01:42.0208 4724   srv2 - ok
18:01:42.0255 4724   srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
18:01:42.0255 4724   srvnet - ok
18:01:42.0348 4724   swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:01:42.0348 4724   swenum - ok
18:01:42.0395 4724   Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:01:42.0395 4724   Symc8xx - ok
18:01:42.0426 4724   Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:01:42.0426 4724   Sym_hi - ok
18:01:42.0457 4724   Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:01:42.0457 4724   Sym_u3 - ok
18:01:42.0504 4724   SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys
18:01:42.0504 4724   SynTP - ok
18:01:42.0567 4724   Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
18:01:42.0582 4724   Tcpip - ok
18:01:42.0645 4724   Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
18:01:42.0660 4724   Tcpip6 - ok
18:01:42.0707 4724   tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
18:01:42.0707 4724   tcpipreg - ok
18:01:42.0738 4724   TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:01:42.0754 4724   TDPIPE - ok
18:01:42.0847 4724   tdrpman174 (d953f161177dab3c8440844a9ab6e5a2) C:\Windows\system32\DRIVERS\tdrpm174.sys
18:01:42.0863 4724   tdrpman174 - ok
18:01:42.0910 4724   TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:01:42.0910 4724   TDTCP - ok
18:01:42.0972 4724   tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
18:01:42.0972 4724   tdx - ok
18:01:43.0019 4724   TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
18:01:43.0019 4724   TermDD - ok
18:01:43.0081 4724   tifsfilter (6dcb8ddb481cd3c40fa68593723b4d89) C:\Windows\system32\DRIVERS\tifsfilt.sys
18:01:43.0081 4724   tifsfilter - ok
18:01:43.0159 4724   timounter (394fc70b88b7958fa85798bbc76d140a) C:\Windows\system32\DRIVERS\timntr.sys
18:01:43.0159 4724   timounter - ok
18:01:43.0222 4724   tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:01:43.0222 4724   tssecsrv - ok
18:01:43.0300 4724   tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:01:43.0300 4724   tunmp - ok
18:01:43.0347 4724   tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
18:01:43.0347 4724   tunnel - ok
18:01:43.0393 4724   uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
18:01:43.0393 4724   uagp35 - ok
18:01:43.0440 4724   udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
18:01:43.0440 4724   udfs - ok
18:01:43.0487 4724   uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
18:01:43.0487 4724   uliagpkx - ok
18:01:43.0565 4724   uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
18:01:43.0565 4724   uliahci - ok
18:01:43.0581 4724   UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:01:43.0581 4724   UlSata - ok
18:01:43.0596 4724   ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:01:43.0612 4724   ulsata2 - ok
18:01:43.0690 4724   umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:01:43.0690 4724   umbus - ok
18:01:43.0737 4724   usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
18:01:43.0752 4724   usbaudio - ok
18:01:43.0830 4724   usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:01:43.0830 4724   usbccgp - ok
18:01:43.0861 4724   usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:01:43.0861 4724   usbcir - ok
18:01:43.0971 4724   usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
18:01:43.0971 4724   usbehci - ok
18:01:44.0002 4724   usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
18:01:44.0002 4724   usbhub - ok
18:01:44.0049 4724   usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
18:01:44.0049 4724   usbohci - ok
18:01:44.0080 4724   usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
18:01:44.0080 4724   usbprint - ok
18:01:44.0127 4724   USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:01:44.0127 4724   USBSTOR - ok
18:01:44.0173 4724   usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:01:44.0173 4724   usbuhci - ok
18:01:44.0205 4724   usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
18:01:44.0205 4724   usbvideo - ok
18:01:44.0251 4724   VClone (1cdaa48cb2f7744b8d25650e050766a5) C:\Windows\system32\DRIVERS\VClone.sys
18:01:44.0251 4724   VClone - ok
18:01:44.0345 4724   vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys
18:01:44.0345 4724   vfs101x - ok
18:01:44.0392 4724   vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
18:01:44.0392 4724   vga - ok
18:01:44.0423 4724   VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:01:44.0423 4724   VgaSave - ok
18:01:44.0439 4724   viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
18:01:44.0454 4724   viaagp - ok
18:01:44.0470 4724   ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
18:01:44.0470 4724   ViaC7 - ok
18:01:44.0501 4724   viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
18:01:44.0501 4724   viaide - ok
18:01:44.0532 4724   volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:01:44.0532 4724   volmgr - ok
18:01:44.0579 4724   volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
18:01:44.0579 4724   volmgrx - ok
18:01:44.0626 4724   volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
18:01:44.0626 4724   volsnap - ok
18:01:44.0657 4724   vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
18:01:44.0657 4724   vsmraid - ok
18:01:44.0704 4724   WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:01:44.0704 4724   WacomPen - ok
18:01:44.0735 4724   Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:01:44.0735 4724   Wanarp - ok
18:01:44.0751 4724   Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:01:44.0751 4724   Wanarpv6 - ok
18:01:44.0797 4724   Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
18:01:44.0797 4724   Wd - ok
18:01:44.0844 4724   Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
18:01:44.0844 4724   Wdf01000 - ok
18:01:44.0953 4724   WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:01:44.0953 4724   WmiAcpi - ok
18:01:45.0031 4724   ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:01:45.0047 4724   ws2ifsl - ok
18:01:45.0094 4724   WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:01:45.0094 4724   WUDFRd - ok
18:01:45.0141 4724   XSIUSBXP (bc9c2ef22ee0320c079e3ff9b4d29951) C:\Windows\system32\drivers\XSiUSBXp.sys
18:01:45.0141 4724   XSIUSBXP - ok
18:01:45.0172 4724   MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:01:45.0187 4724   \Device\Harddisk0\DR0 - ok
18:01:45.0187 4724   Boot (0x1200) (541e8843c6bc09ba4291975909b8bdda) \Device\Harddisk0\DR0\Partition0
18:01:45.0187 4724   \Device\Harddisk0\DR0\Partition0 - ok
18:01:45.0187 4724   ============================================================
18:01:45.0187 4724   Scan finished
18:01:45.0187 4724   ============================================================
18:01:45.0203 4208   Detected object count: 0
18:01:45.0203 4208   Actual detected object count: 0

Hoov · « **Reply #23 on:** November 22, 2011, 06:38:30 PM »

No worries. Go ahead and run combofix.

coast · « **Reply #24 on:** November 23, 2011, 05:29:51 AM »

ComboFix was started about 8 hours ago. It ran as expected (including an auto reboot) and got to Preparing Log Report. That screen has been on since then. I have not touched the computer. Even now I am on another one. I know it says to be patient at this stage, but I am thinking something is not working.

Hoov · « **Reply #25 on:** November 23, 2011, 06:52:33 AM »

Go ahead and restart the computer and then go to c:\qoobox and open the file named combofix.txt and copy it and post it up. If its not there, let me know.

Also test your computer and see if anything has changed.

coast · « **Reply #26 on:** November 23, 2011, 05:29:23 PM »

There was no file in that folder. The computer was locked and could only restart be removing the power. Once restarted all seemed as it was, including the AVG error.

Hoov · « **Reply #27 on:** November 23, 2011, 06:00:47 PM »

I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.

Now run combofix again. Once it is done and has rebooted the computer again, run msconfig and select normal startup then click apply then OK and reboot the computer. If it ran good post the log, if not let me know how it went.

coast · « **Reply #28 on:** November 23, 2011, 07:23:26 PM »

It worked!
A Windows dialog box appeared. It said PEV.exe stopped working and then disappeared after a bit.
Not to complicate things..........but I sure regret having downloaded White Smoke.

ComboFix 11-11-23.03 - Kelly 11/23/2011 18:58:28.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.1968 [GMT -6:00]
Running from: c:\users\Kelly\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files\Acer\Acer Bio Protection\PwdFilter.dll
c:\users\Kelly\AppData\Roaming\Desktopicon\eBay.ico
c:\users\Kelly\AppData\Roaming\Desktopicon\uninst.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-24 to 2011-11-24 )))))))))))))))))))))))))))))))
.
.
2011-11-24 01:06 . 2011-11-24 01:06   --------   d-----w-   c:\users\Kelly\AppData\Local\temp
2011-11-24 01:06 . 2011-11-24 01:06   --------   d-----w-   c:\users\Laptop\AppData\Local\temp
2011-11-24 01:06 . 2011-11-24 01:06   --------   d-----w-   c:\users\Kelly2\AppData\Local\temp
2011-11-24 01:06 . 2011-11-24 01:06   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-11-22 08:15 . 2011-10-18 07:28   6668624   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7EB06C8-3573-4885-9364-142D0F6AEA5E}\mpengine.dll
2011-11-22 03:43 . 2011-11-22 03:43   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2011-11-22 03:43 . 2011-08-31 23:00   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-11-19 00:55 . 2011-11-19 00:55   2069272   ----a-w-   c:\windows\system32\AutoPartNt.exe
2011-11-12 03:19 . 2011-11-12 03:19   44704   ----a-w-   c:\windows\system32\drivers\tifsfilt.sys
2011-11-12 03:18 . 2011-11-17 02:44   --------   d-----w-   c:\program files\Common Files\Acronis
2011-11-12 03:08 . 2011-11-12 03:08   --------   d-sh--w-   c:\windows\system32\AI_RecycleBin
2011-11-12 03:08 . 2011-11-12 03:08   --------   d-----w-   c:\programdata\W3i
2011-11-12 03:08 . 2011-11-12 03:08   --------   d-----w-   c:\program files\W3i
2011-11-12 03:08 . 2011-11-12 03:08   --------   d-----w-   c:\program files\7-Zip
2011-11-12 03:08 . 2011-11-12 03:08   --------   d-----w-   c:\program files\Free Offers from Freeze.com
2011-11-12 03:07 . 2011-11-13 18:45   --------   d-----w-   c:\programdata\Yahoo!
2011-11-12 03:07 . 2011-11-13 18:45   --------   d-----w-   c:\program files\Yahoo!
2011-11-09 07:37 . 2011-09-20 21:02   905088   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-09 07:37 . 2011-09-30 15:57   707584   ----a-w-   c:\program files\Common Files\System\wab32.dll
2011-10-26 02:42 . 2011-10-26 02:42   --------   d-----w-   c:\users\Kelly\AppData\Roaming\Unified Remote
2011-10-26 02:41 . 2011-10-26 02:41   --------   d-----w-   c:\program files\Unified Remote
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-13 23:28 . 2011-06-10 00:34   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 13:30 . 2011-10-12 05:36   2043392   ----a-w-   c:\windows\system32\win32k.sys
2011-09-01 02:35 . 2011-10-13 21:22   1798144   ----a-w-   c:\windows\system32\jscript9.dll
2011-09-01 02:28 . 2011-10-13 21:22   1126912   ----a-w-   c:\windows\system32\wininet.dll
2011-09-01 02:22 . 2011-10-13 21:22   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
c:\users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2010-6-6 3656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2009-06-01 18:50   3024384   ----a-w-   c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\WI371A~1\Datamngr\datamngr.dll c:\progra~1\WI371A~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ     autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Users^Kelly^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Launch WhiteSmoke.lnk]
path=c:\users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke.lnk
backup=c:\windows\pss\Launch WhiteSmoke.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-11-22 03:48   165144   ----a-w-   c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2008-11-22 03:57   960528   ----a-w-   c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 17:55   937920   ----a-w-   c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2011-09-28 07:39   404568   ----a-w-   c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08   1259376   ----a-w-   c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33   125952   ----a-w-   c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-01-02 14:06   166424   ----a-w-   c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-10-24 15:02   178712   ----a-w-   c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-01-02 14:07   141848   ----a-w-   c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallIQUpdater]
2011-10-11 18:49   1179648   ----a-w-   c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2006-05-17 05:58   213936   ----a-w-   c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2009-06-01 18:58   805384   ----a-w-   c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-08-31 23:00   449608   ----a-w-   c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-01-02 14:07   133656   ----a-w-   c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
2007-10-23 15:56   200704   ----a-w-   c:\windows\PLFSetI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 23:36   421888   ----a-w-   c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-03-11 22:53   5296128   ----a-w-   c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28   1233920   ----a-w-   c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-11-20 23:15   1826816   ----a-w-   c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-01-18 16:31   1033512   ----a-w-   c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2008-11-22 03:20   4352832   ----a-w-   c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unified Remote v2]
2011-09-30 19:37   194560   ----a-w-   c:\program files\Unified Remote\RemoteServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41   8192   ----a-w-   c:\program files\Xvid\CheckUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZPdtWzdVitaKey MC3000]
2009-06-01 18:49   3642368   ----a-w-   c:\program files\Acer\Acer Bio Protection\PdtWzd.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-08-20 47360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 XSIUSBXP;XSIUSBXP;c:\windows\system32\drivers\XSiUSBXp.sys [2011-01-06 14848]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 133104]
R4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 133104]
R4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R4 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-03-29 598312]
R4 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-02-15 595248]
S0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\Drivers\AlfaFF.sys [2009-06-01 43184]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
S3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-02-15 40752]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation   REG_MULTI_SZ     FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 01:47]
.
2011-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-18 01:47]
.
2011-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1165372615-1279365063-1623047941-1001.job
- c:\users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-05 22:51]
.
2011-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1165372615-1279365063-1623047941-1002Core.job
- c:\users\Kelly\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-11 00:49]
.
2011-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1165372615-1279365063-1623047941-1002UA.job
- c:\users\Kelly\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-11 00:49]
.
2010-12-15 c:\windows\Tasks\User_Feed_Synchronization-{10696670-8BB2-479B-BF95-6644FFA8EFA8}.job
- c:\windows\system32\msfeedssync.exe [2011-04-26 02:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\3y5vcej3.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=119&systemid=406&sr=0&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
FF - Ext: ColorZilla: {6AC85730-7D0F-4de0-B3FA-21142DD85326} - %profile%\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: CodeBurner for Firebug: firebug@tools.sitepoint.com - %profile%\extensions\firebug@tools.sitepoint.com
FF - Ext: MeasureIt: {75CEEE46-9B64-46f8-94BF-54012DE155F0} - %profile%\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Screenshot Pimp: {056d0610-e44d-11df-bccf-0800200c9a66} - %profile%\extensions\{056d0610-e44d-11df-bccf-0800200c9a66}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
AddRemove-eBay Icon - c:\users\Kelly\AppData\Roaming\Desktopicon\uninst.exe
AddRemove-XSIUSBXP&10C4&8227 - c:\windows\system32\Silabs\DriverUninstaller.exe USBXpress\XSIUSBXP&10C4&8227
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-23 19:06
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a0,49,59,d5,76,4d,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,87,7e,07,70,2b,4b,13,40,87,13,ab,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,87,7e,07,70,2b,4b,13,40,87,13,ab,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-11-23 19:07:53
ComboFix-quarantined-files.txt 2011-11-24 01:07
.
Pre-Run: 191,074,025,472 bytes free
Post-Run: 191,027,625,984 bytes free
.
- - End Of File - - D480587481A41CC44FC5378F2A82EA7B

Hoov · « **Reply #29 on:** November 23, 2011, 07:40:30 PM »

I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.

Now run the AVG Removal tool again. Reboot the computer and try installing AVG again. Once it has failed or installed, run msconfig and select normal startup then click apply then OK and reboot the computer. Let me know how it went.

News:

Author Topic: [Inactive]strange happenings (Read 8680 times)

coast

Re: [In Progress] strange happenings

coast

Re: [In Progress] strange happenings

Hoov

Re: [In Progress] strange happenings

coast

Re: [In Progress] strange happenings

Hoov

Re: [In Progress] strange happenings

coast

Re: [In Progress] strange happenings

Hoov

Re: [In Progress] strange happenings

coast

Re: [In Progress] strange happenings

Hoov

Re: [In Progress] strange happenings

coast

Re: [In Progress] strange happenings

Hoov

Re: [In Progress] strange happenings

coast

Re: [In Progress] strange happenings

Hoov

Re: [In Progress] strange happenings

coast

Re: [In Progress] strange happenings

Hoov

Re: [In Progress] strange happenings