Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WMC opening by itself repeatedly, programs exit w/o command, mouse acts odd


  • Please log in to reply
11 replies to this topic

#1 Gary's Girl

Gary's Girl

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:01:54 AM

Posted 19 October 2009 - 11:33 PM

Greetings. Hoping someone can help with a frustrating problem - - Dell Inspiron 1721; 3 GB RAM; 250 GB HDD; Athlon 64 x2 Dual Core 1.9 GHz processor; Vista Home Premium 32 bit OS.

Reformatted and clean install of Vista 2 months ago. Afterward, everything worked perfectly until a week ago. After automatic updates installed Vista SP2, suddenly Windows Media Center (which I've never used and am not at all familiar with and have no plans to learn it and use it in the future) began opening by itself over and over. A little window popped up on boot up that said something to the effect that my new hardware needed intalled; however, I have not added any new hardware. Have no idea what it was trying to install. Also, intermittently, programs I'm using just exit out even though I have not pressed exit. And, the mouse intermittently jumps around by itself or won't respond to the touchpad. Also, sometimes an odd looking exit menu appears top left screen in a different resolution than the screen is set at. AND, sometimes, when I'm working, all of a sudden the keys won't type but the computer issues a loud beep every time a key is pressed.

Weird! Good grief. So, here's what I did to try to fix the problem:

Immediately ran system restore. No change.
Tried another date. Still no change.
Went through all restore points and each time I got the message that the restore was successful; however no change.
Ran CCleaner.
Ran AVG (paid subscription); found nothing.
Ran SuperAntiSpyware (paid subscription); found nothing.
Ran Panda Online Scanner (paid subscription); it found a file that it said it couldn't disinfect; the file name was \Downloads\HC82_VistaLogo_Drv_...E Encoder x86 V62 Setup Silent.exe - - tried to find it and delete it but couldn't locate it; however similar file names were in the AverMedia folder. Don't use AverMedia even though it came with the computer, so I uninstalled it.
Ran Panda scan again and it found nothing this time.
Started googling and stopped all WMC services and removed every instance of it from startup.
Ran Trend Micro Housecall; found nothing.

Nothing has worked and the problem persists although it seems to be less frequent than before; however it still happens several times a day and is driving me insane.

Will try anything anyone can suggest, as I'm at my wit's end and have tried everything I know to do and could find by googling. I'm not very 'techy' but I can follow instructions well.

Thanks for any help forthcoming!
HomesickInTexas

Edited by HomesickInTexas, 20 October 2009 - 02:29 AM.


BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:02:54 AM

Posted 20 October 2009 - 11:24 AM

Let's see if we can find out what's going on

:flowers:

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

----------------------------------

Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to High

Also try: right-click on rootrepeal.exe and rename it to tatertot.scr

---------------------------------------------------------------

:thumbsup:
  • Please download System Repair Engineer from here
  • Unzip/extract sreng2.zip to a folder on your desktop
  • Double-click on SREngLdr.EXE to launch System Repair Engineer
  • Click the Smart Scan Icon
  • Click Scan
  • Wait for the scan to finish
  • Click on the Save Reports button
  • Save it to your desktop, using the recommended name of SREngLOG.log
  • Close System Repair Engineer
  • Use notepad to open the SREngLOG.log file
  • Copy & paste the contents of that file as a reply to this topic
  • Note: The log may be long, and you may need several posts to post all of it
  • If you are using a custom HOSTS file, please leave out the HOSTS File section, as it will make the log far too long

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:01:54 AM

Posted 20 October 2009 - 02:33 PM

Mark, thanks so much for your response. I've been trying to run RootRepeal and haven't yet been able to get it to complete. It hangs up somewhere in the process. Will try a couple of more times and then move on to the next scan you requested. Will post when done.

Thanks again!

#4 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:01:54 AM

Posted 20 October 2009 - 05:55 PM

Hello, again, Mark. I've tried repeatedly to get RootRepeal to run on the system and it would never complete, but kept hanging up with a little blank window popping up on top that said, simply, 'Error'.

I started to run the system repair engine, but wondered if the RootRepeal had to be done first; but as it wouldn't complete, I didn't know whether to run the other or not.

Please advise.

Thanks so much!

#5 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:02:54 AM

Posted 20 October 2009 - 06:30 PM

You can skip Root Repeal

You can also try these:

:flowers:

Please download Win32kDiag.exe by AD and save it to your desktop.
alternate download 1
alternate download 2
  • This tool will create a diagnostic report
  • Double-click on Win32kDiag.exe to run and let it finish.
  • When it states Finished! Press any key to exit..., press any key on your keyboard to close the program.
  • A file called Win32kDiag.txt should be created on your Desktop.
  • Open that file in Notepad and copy/paste the entire contents (from Starting up... to Finished! Press any key to exit...) in your next reply.
--------------------------------------


:thumbsup: Go to Posted Image > Run..., then copy and paste this command into the open box: cmd
Click OK.
At the command prompt C:\>, copy and paste the following command and press Enter:
DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\eventlog.dll >Log.txt & START notepad Log.txt
A file called log.txt should be created on your Desktop.
Open that file and copy/paste the contents in your next reply.
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#6 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:01:54 AM

Posted 20 October 2009 - 08:42 PM

I think my computer has been taken over by aliens or by something or someone! Tonight the problems are escalating. Now weirder things are happening, such as: the computer starts beeping very fast and refusing to respond to any commands; suddenly two or three browsers open very quickly all by themselves; the start menu opens and the computer types gibberish into the start search command line; and that infernal WMC opens up with the computer beeping very fast beeps - - when WMC opens, it preempts everything else so that nothing else works until it's closed out; also, the computer has twice refused to disconnect from the wireless connection when I tried to disconnect.

Okay, Mark, here are the logs:

System Repair Engine Report:

2009-10-20,19:00:05

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Premium Edition Service Pack 2 (Build 6002) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
	All Boot Items (Including Registry, Startup Folders, Services and so on)
	Browser Add-ons
	Running Processes (Including process model information)
	File Associations
	Winsock Provider
	Autorun.Inf
	HOSTS File
	Process Privileges Scan
	Scheduled Tasks
	Windows Security Update Check
	API HOOK
	Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
	<ehTray.exe><C:\Windows\ehome\ehTray.exe>  [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
	<load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
	<Broadcom Wireless Manager UI><C:\Windows\system32\WLTRAY.exe>  [Dell Inc.]
	<AVG8_TRAY><C:\PROGRA~1\AVG\AVG8\avgtray.exe>  [(Verified)AVG Technologies]
	<Easy Dock><>  [N/A]
	<PC Pitstop Optimize Reminder><C:\Program Files\PCPitstop\Optimize3\Reminder-Optimize3.exe>  [(Verified)P.C. Pitstop LLC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
	<shell><explorer.exe>  [(Verified)Microsoft Windows]
	<Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
	<AppInit_DLLs><avgrsstx.dll>  [(Verified)AVG Technologies]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
	<{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}><C:\Program Files\SUPERAntiSpyware\SASSEH.DLL>  [SuperAdBlocker.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
	<WebCheck><C:\Windows\System32\webcheck.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
	<WinlogonNotify: !SASWinLogon><C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL>  [SUPERAntiSpyware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
	<WinlogonNotify: GoToAssist><C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
	<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
	<Microsoft Windows Media Player><C:\Windows\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
	<Internet Explorer><C:\Windows\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
	<Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
	<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
	<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA851-CC51-11CF-AAFA-00AA00B6015C}]
	<Microsoft Web Publishing Wizard 1.52><rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\wpie4x86.inf,PerUserStub>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
	<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
	<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
	<Internet Explorer><C:\Windows\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
	<N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install>  [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Control Panel\Desktop]
	<SCRNSAVE.EXE><C:\Windows\system32\Aurora.scr>  [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
	<Ceedo Repair><; C:\Users\Sharon\AppData\Local\Temp\AutoDetect.exe /repair /drive=F /name=Ceedo>  [File is missing]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
	<Google Update><; "C:\Users\Sharon\AppData\Local\Google\Update\GoogleUpdate.exe" /c>  [(Verified)Google Inc]

==================================
Startup Folders
N/A

==================================
Services
[Andrea ST Filters Service / AESTFilters][Stopped/Disabled]
  <C:\Windows\system32\aestsrv.exe><Andrea Electronics Corporation>
[Ati External Event Utility / Ati External Event Utility][Running/Auto Start]
  <C:\Windows\system32\Ati2evxx.exe><ATI Technologies Inc.>
[AVG8 E-mail Scanner / avg8emc][Running/Auto Start]
  <C:\PROGRA~1\AVG\AVG8\avgemc.exe><AVG Technologies CZ, s.r.o.>
[AVG8 WatchDog / avg8wd][Running/Auto Start]
  <C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe><AVG Technologies CZ, s.r.o.>
[GoToAssist / GoToAssist][Stopped/Manual Start]
  <"C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe" Start=service><Citrix Online, a division of Citrix Systems, Inc.>
[Google Updater Service / gusvc][Stopped/Disabled]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[hpqcxs08 / hpqcxs08][Running/Manual Start]
  <C:\Windows\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll><Hewlett-Packard Co.>
[HP CUE DeviceDiscovery Service / hpqddsvc][Running/Auto Start]
  <C:\Windows\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll><Hewlett-Packard Co.>
[MBAMService / MBAMService][Running/Auto Start]
  <"C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"><Malwarebytes Corporation>
[Net Driver HPZ12 / Net Driver HPZ12][Running/Auto Start]
  <C:\Windows\System32\svchost.exe -k HPZ12-->C:\Windows\system32\HPZinw12.dll><Hewlett-Packard>
[PCPitstop Scheduling / PCPitstop Scheduling][Stopped/Disabled]
  <C:\Program Files\PCPitstop\PCPitstopScheduleService.exe><PC Pitstop LLC>
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
  <C:\Windows\System32\svchost.exe -k HPZ12-->C:\Windows\system32\HPZipm12.dll><Hewlett-Packard>
[SigmaTel Audio Service / STacSV][Running/Auto Start]
  <C:\Windows\system32\STacSV.exe><IDT, Inc.>
[stllssvr / stllssvr][Stopped/Disabled]
  <"C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"><MicroVision Development, Inc.>
[Dell Wireless WLAN Tray Service / wltrysvc][Running/Auto Start]
  <C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe><N/A>

==================================
Drivers
[adp94xx / adp94xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[arc / arc][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[atikmdag / atikmdag][Running/Manual Start]
  <system32\DRIVERS\atikmdag.sys><ATI Technologies Inc.>
[AVerBDA6x service / AVerBDA6x][Stopped/Manual Start]
  <system32\DRIVERS\AVerBDA716x.sys><AVerMedia TECHNOLOGIES, Inc.>
[AVG AVI Loader Driver x86 / AvgLdx86][Running/System Start]
  <\SystemRoot\System32\Drivers\avgldx86.sys><AVG Technologies CZ, s.r.o.>
[AVG On-access Scanner Minifilter Driver x86 / AvgMfx86][Running/System Start]
  <\SystemRoot\System32\Drivers\avgmfx86.sys><AVG Technologies CZ, s.r.o.>
[avgrkx86.sys / AvgRkx86][Running/Boot Start]
  <\SystemRoot\System32\Drivers\avgrkx86.sys><AVG Technologies CZ, s.r.o.>
[AVG8 Network Redirector / AvgTdiX][Running/System Start]
  <\SystemRoot\System32\Drivers\avgtdix.sys><AVG Technologies CZ, s.r.o.>
[BCM42RLY / BCM42RLY][Stopped/Manual Start]
  <system32\drivers\BCM42RLY.sys><N/A>
[Dell Wireless WLAN Card Driver / BCM43XX][Running/Manual Start]
  <system32\DRIVERS\bcmwl6.sys><Broadcom Corp.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[blbdrive / blbdrive][Stopped/Disabled]
  <\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
  <system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[HpCISSs / HpCISSs][Stopped/Disabled]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
  <system32\DRIVERS\VSTAZL3.SYS><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
  <system32\DRIVERS\VSTDPV3.SYS><Conexant Systems, Inc.>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_FC / LSI_FC][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[MBAMProtector / MBAMProtector][Running/Manual Start]
  <\??\C:\Windows\system32\drivers\mbam.sys><Malwarebytes Corporation>
[megasas / megasas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
  <\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkfwd.sys><N/A>
[Creative Camera OEM002 Driver / OEM02Dev][Running/Manual Start]
  <system32\DRIVERS\OEM02Dev.sys><Creative Technology Ltd.>
[Creative Camera OEM002 Video VFX Driver / OEM02Vfx][Running/Manual Start]
  <system32\DRIVERS\OEM02Vfx.sys><EyePower Games Pte. Ltd.>
[pavboot / pavboot][Running/Boot Start]
  <\SystemRoot\system32\drivers\pavboot.sys><Panda Security, S.L.>
[PMEM / PMEM][Running/Auto Start]
  <\??\C:\Windows\system32\drivers\pmemnt.sys><Microsoft Corporation>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[rimmptsk / rimmptsk][Running/Auto Start]
  <system32\DRIVERS\rimmptsk.sys><REDC>
[rimsptsk / rimsptsk][Running/Auto Start]
  <system32\DRIVERS\rimsptsk.sys><REDC>
[Ricoh xD-Picture Card Driver / rismxdp][Running/Auto Start]
  <system32\DRIVERS\rixdptsk.sys><REDC>
[rootrepeal / rootrepeal][Stopped/Manual Start]
  <\??\C:\Windows\system32\drivers\rootrepeal.sys><N/A>
[rootrepeal1 / rootrepeal1][Stopped/Manual Start]
  <\??\C:\Windows\system32\drivers\rootrepeal1.sys><N/A>
[SASDIFSV / SASDIFSV][Running/System Start]
  <\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[SASENUM / SASENUM][Stopped/Manual Start]
  <\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[SASKUTIL / SASKUTIL][Running/System Start]
  <\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys><SUPERAdBlocker.com and SUPERAntiSpyware.com>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
  <system32\drivers\stwrt.sys><IDT, Inc.>
[Symc8xx / Symc8xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[uliahci / uliahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[winachsf / winachsf][Running/Manual Start]
  <system32\DRIVERS\VSTCNXT3.SYS><Conexant Systems, Inc.>

==================================
Browser Add-ons
[&Yahoo! Toolbar Helper]
  {02478D38-C3F9-4efb-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[AVG Safe Search]
  {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} <C:\Program Files\AVG\AVG8\avgssie.dll, (Signed) AVG Technologies CZ, s.r.o.>
[AVG Security Toolbar BHO]
  {A3BC75A2-1F87-4686-AA43-5347D756017C} <C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll, (Signed) >
[Java(tm) Plug-In 2 SSV Helper]
  {DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[SingleInstance Class]
  {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} <C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll, (Signed) Yahoo! Inc>
[HP Smart BHO Class]
  {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll, (Signed) Hewlett-Packard Co.>
[ClipBookBtn Class]
  {DDE87865-83C5-48c4-8357-2F5B1AA84522} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll, (Signed) Hewlett-Packard Co.>
[AVG Security Toolbar]
  {CCC7A320-B3CA-4199-B1A6-9F516DD69829} <C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll, (Signed) >
[Yahoo! Toolbar]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[PCPitstop Utility]
  {0E5F0222-96B9-11D3-8997-00104BD12D94} <C:\Windows\Downloaded Program Files\PCPitstop.dll, (Signed) PC Pitstop>
[PCPitstop Exam]
  {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} <C:\Windows\Downloaded Program Files\pcpitstop2.dll, (Signed) PC Pitstop LLC>
[&Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[PCPitstop Utility]
  {0E5F0222-96B9-11D3-8997-00104BD12D94} <C:\Windows\Downloaded Program Files\PCPitstop.dll, (Signed) PC Pitstop>
[VistaWUWebControl Class]
  {12A66224-5E8A-4679-8941-0B9B960BF5EA} <%SystemRoot%\system32\wuwebv.dll, (Signed) N/A>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\Windows\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[AVG Safe Search]
  {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} <C:\Program Files\AVG\AVG8\avgssie.dll, (Signed) AVG Technologies CZ, s.r.o.>
[ActiveScan 2.0 AV Class]
  {41524153-46FB-488C-8E53-7624AB83C46F} <C:\Program Files\Panda Security\ActiveScan 2.0\as2guiie.dll, (Signed) Panda Security>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[isInstalled Class]
  {5852F5ED-8BF4-11D4-A245-0080C6F74284} <C:\Program Files\Java\jre6\bin\wsdetect.dll, Sun Microsystems, Inc.>
[Perf Class]
  {694FAF81-2A8F-4E88-B111-347B4A48F677} <C:\Windows\Downloaded Program Files\PCPitstop3D.dll, (Signed) PC Pitstop LLC>
[HPDDClientExec Class]
  {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} <C:\Program Files\Hp\Common\HPDDAXO.dll, (Signed) Hewlett-Packard>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_16]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[]
  {9191F686-7F0A-441D-8A98-2FE3AC1BD913} <, >
[]
  {9CAB0A33-96F5-428D-9123-2333F2479AA2} <, >
[AVG Security Toolbar BHO]
  {A3BC75A2-1F87-4686-AA43-5347D756017C} <C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll, (Signed) >
[DDRevision Class]
  {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} <C:\Program Files\Hp\Common\HPDDRev.dll, (Signed) Hewlett-Packard>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\Windows\System32\msnetobj.dll, (Signed) Microsoft Corporation>
[Google Update Plugin]
  {B79267AC-3725-42EB-890A-6CF077567C47} <C:\Users\Sharon\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll, (Signed) Google Inc.>
[Deployment Toolkit]
  {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} <C:\Windows\system32\deploytk.dll, (Signed) Sun Microsystems, Inc.>
[AVG Security Toolbar]
  {CCC7A320-B3CA-4199-B1A6-9F516DD69829} <C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll, (Signed) >
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
  {DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[ClipBookBtn Class]
  {DDE87865-83C5-48C4-8357-2F5B1AA84522} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll, (Signed) Hewlett-Packard Co.>
[Microsoft Silverlight]
  {DFEAF541-F3E1-4C24-ACAC-99C30715084A} <c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll, (Signed)  Microsoft Corporation>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Yahoo! Toolbar]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
  {FC345D4C-B8F4-4674-BFF7-3C37D2E535EE} <"C:\Users\Sharon\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll", N/A>
[SingleInstance Class]
  {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} <C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll, (Signed) Yahoo! Inc>
[HP Smart BHO Class]
  {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} <C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll, (Signed) Hewlett-Packard Co.>
[Add to Google Photos Screensa&ver]
  <res://C:\Windows\system32\GPhotos.scr/200, N/A>

==================================
Running Processes
[PID: 484 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.0.6002.18005 (lh_sp2rtm.090410-1830)]
[PID: 552 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 608 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 620 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 672 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 696 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 708 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 716 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 904 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 972 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1012 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1112 / SYSTEM][C:\Windows\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4178]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1160 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1200 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1228 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1336 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1356 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe]  [(Verified) Microsoft Corporation, 6.0.6002.18005 (lh_sp2rtm.090410-1830)]
[PID: 1396 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1532 / SYSTEM][C:\Windows\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4178]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2512]
	[C:\Windows\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2524]
	[C:\Windows\system32\ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4176]
[PID: 1568 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1768 / SYSTEM][C:\Windows\System32\WLTRYSVC.EXE]  [N/A, ]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1796 / SYSTEM][C:\Windows\system32\WLANExt.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\System32\bcmihvsrv.dll]  [Dell Inc., 4.170.25.17]
[PID: 2004 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\System32\hpz3l5mu.dll]  [Hewlett-Packard Company, 61.073.242.00]
	[C:\Windows\system32\spool\PRTPROCS\W32X86\hpzpp5mu.dll]  [Hewlett-Packard Corporation, 61.073.242.00]
[PID: 336 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 496 / Sharon][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\system32\atitmmxx.dll]  [, 6, 14, 11, 17]
	[C:\Windows\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2524]
[PID: 1440 / Sharon][C:\Windows\system32\Dwm.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\system32\atiumdag.dll]  [ATI Technologies Inc. , 7.14.10.0532]
	[C:\Windows\system32\atiumdva.dll]  [ATI Technologies Inc. , 7.14.10.0167]
[PID: 1584 / Sharon][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1636 / SYSTEM][C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgwd.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgcfgx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgsched.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgwdwsc.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avglngx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2112 / SYSTEM][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2184 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[c:\program files\hp\digital imaging\bin\hpqddsvc.dll]  [Hewlett-Packard Co., 100.0.190.000]
	[c:\program files\hp\digital imaging\bin\hpqddcmn.dll]  [Hewlett-Packard Co., 100.0.190.000]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[c:\program files\hp\digital imaging\bin\hpqcxs08.dll]  [Hewlett-Packard Co., 100.0.190.000]
[PID: 2240 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  [Microsoft Corporation, 7.00.9466]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2420 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[c:\windows\system32\hpzinw12.dll]  [Hewlett-Packard, 12,1,1,54]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2492 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[c:\windows\system32\hpzipm12.dll]  [Hewlett-Packard, 12,1,1,54]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2556 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2564 / SYSTEM][C:\PROGRA~1\AVG\AVG8\avgam.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgcfgx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglngx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgameh.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgamnot.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2592 / SYSTEM][C:\PROGRA~1\AVG\AVG8\avgrsx.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgcorex.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.416]
	[C:\PROGRA~1\AVG\AVG8\avgcrlpx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2600 / SYSTEM][C:\PROGRA~1\AVG\AVG8\avgnsx.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgcfgx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgxpl.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglvex.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\PROGRA~1\AVG\AVG8\avgcorex.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.416]
	[C:\PROGRA~1\AVG\AVG8\avgcrlpx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2716 / SYSTEM][C:\Windows\system32\STacSV.exe]  [IDT, Inc., 1.0.5614.0  nd654 cp1]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\system32\stapi32.dll]  [IDT, Inc., 1.0.5614.0  nd654 cp1]
[PID: 2968 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 3016 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 3080 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [(Verified) Microsoft Corporation, 7.00.6002.18005 (lh_sp2rtm.090410-1830)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 3120 / SYSTEM][C:\PROGRA~1\AVG\AVG8\avgemc.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\libsasl.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgapix.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgcfgx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglngx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgscanx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgsrmx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgvvx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgmvflx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgcclix.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\saslcrammd5.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\sasldigestmd5.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\sasllogin.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\saslplain.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 3308 / SYSTEM][C:\Program Files\AVG\AVG8\avgcsrvx.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgcorex.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.416]
	[C:\Program Files\AVG\AVG8\avgcrlpx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 3344 / Sharon][C:\Windows\System32\WLTRAY.EXE]  [Dell Inc., 4.170.25.12]
	[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\894183c0c47bd4772fbfad4c1a7e3b71\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.4200 (NetFxQFE.050727-4200)]
	[C:\Windows\System32\bcmwlrmt.dll]  [N/A, ]
	[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\13cce38e8de5fd54853390e4e98abd0e\System.ni.dll]  [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[PID: 3388 / Sharon][C:\Program Files\AVG\AVG8\avgtray.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.417]
	[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avgcfgx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglngx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avguires.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 3532 / Sharon][C:\Windows\ehome\ehtray.exe]  [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 3740 / Sharon][C:\Windows\ehome\ehmsas.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 2344 / SYSTEM][C:\Windows\System32\bcmwltry.exe]  [Dell Inc., 4.170.25.12]
	[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Windows\System32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]
	[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\894183c0c47bd4772fbfad4c1a7e3b71\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.4200 (NetFxQFE.050727-4200)]
	[C:\Windows\System32\bcmwlrmt.dll]  [N/A, ]
	[C:\Windows\System32\wltrynt.dll]  [Broadcom Corporation, 4.170.25.12]
	[C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
	[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\13cce38e8de5fd54853390e4e98abd0e\System.ni.dll]  [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[PID: 3276 / SYSTEM][C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe]  [Malwarebytes Corporation, 1.04]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1624 / Sharon][C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe]  [Google Inc., 0.0.0.0]
	[C:\Windows\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\chrome.dll]  [Google Inc., 3.0.195.27]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\icudt38.dll]  [IBM Corporation and others, 3, 8, 0, 0]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\gears.dll]  [Google Inc., 0.5.32.0]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\rlz.dll]  [N/A, ]
[PID: 1784 / Sharon][C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe]  [Google Inc., 0.0.0.0]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\chrome.dll]  [Google Inc., 3.0.195.27]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\icudt38.dll]  [IBM Corporation and others, 3, 8, 0, 0]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\avcodec-52.dll]  [N/A, ]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\avutil-50.dll]  [N/A, ]
	[C:\Users\Sharon\AppData\Local\Google\Chrome\Application\3.0.195.27\avformat-52.dll]  [N/A, ]
[PID: 5344 / Sharon][C:\Users\Sharon\Documents\Downloads\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
[PID: 4528 / Sharon][C:\Users\Sharon\Documents\Downloads\sreng2\SRE851d796e.EXE]  [Smallfrogs Studio, 2.8.1.1279]
	[C:\Users\Sharon\Documents\Downloads\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  OK. [%SystemRoot%\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS   Error. [C:\Windows\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1	   localhost
::1			 localhost

==================================
Process Privileges Scan
N/A

==================================
Scheduled Tasks
[Enabled] \\Auslogics Console Defragmentation
		C:\Program Files\Auslogics\Auslogics Disk Defrag\cdefrag.exe C: -bk -Log:"C:\Users\Sharon\AppData\Roaming\Auslogics\Disk Defrag\CDefrag\"
[Enabled] \\Defraggler Volume C Task
		C:\Program Files\Defraggler\df.exe C: /ts
[Enabled] \\GoogleUpdateTaskUserS-1-5-21-1388680736-1461927579-688189125-1000Core
		C:\Users\Sharon\AppData\Local\Google\Update\GoogleUpdate.exe /c
[Enabled] \\GoogleUpdateTaskUserS-1-5-21-1388680736-1461927579-688189125-1000UA
		C:\Users\Sharon\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
[Enabled] \\Malwarebytes' Scheduled Update for Sharon
		C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runupdate
[Enabled] \\Secunia PSI Logon Task
		C:\Program Files\Secunia\PSI\psi.exe --start-in-tray
[Enabled] \Apple\AppleSoftwareUpdate
		C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
[Disabled] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
		N/A 
[Enabled] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
		N/A 
[Enabled] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
		BthUdTask.exe $(Arg0)
[Enabled] \Microsoft\Windows\CertificateServicesClient\SystemTask
		N/A 
[Enabled] \Microsoft\Windows\CertificateServicesClient\UserTask
		N/A 
[Enabled] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
		N/A 
[Enabled] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
		%SystemRoot%\System32\wsqmcons.exe 
[Enabled] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
		%SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
[Enabled] \Microsoft\Windows\Defrag\ManualDefrag
		%windir%\system32\defrag.exe -c
[Enabled] \Microsoft\Windows\Defrag\ScheduledDefrag
		%windir%\system32\defrag.exe -c -i
[Enabled] \Microsoft\Windows\Media Center\ehDRMInit
		%SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[Enabled] \Microsoft\Windows\Media Center\mcupdate
		%SystemRoot%\ehome\mcupdate $(Arg0) -gc
[Enabled] \Microsoft\Windows\Media Center\OCURActivate
		%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[Enabled] \Microsoft\Windows\Media Center\OCURDiscovery
		%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
[Enabled] \Microsoft\Windows\Media Center\UpdateRecordPath
		%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[Enabled] \Microsoft\Windows\MobilePC\HotStart
		N/A 
[Enabled] \Microsoft\Windows\MobilePC\TMM
		N/A 
[Enabled] \Microsoft\Windows\MUI\LPRemove
		%windir%\system32\lpremove.exe 
[Enabled] \Microsoft\Windows\Multimedia\SystemSoundsService
		N/A 
[Enabled] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
		N/A 
[Enabled] \Microsoft\Windows\Shell\CrawlStartPages
		N/A 
[Disabled] \Microsoft\Windows\SideShow\AutoWake
		N/A 
[Enabled] \Microsoft\Windows\SideShow\GadgetManager
		N/A 
[Disabled] \Microsoft\Windows\SideShow\SessionAgent
		N/A 
[Disabled] \Microsoft\Windows\SideShow\SystemDataProviders
		N/A 
[Enabled] \Microsoft\Windows\SystemRestore\SR
		%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[Enabled] \Microsoft\Windows\Tcpip\IpAddressConflict1
		rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[Enabled] \Microsoft\Windows\Tcpip\IpAddressConflict2
		rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[Enabled] \Microsoft\Windows\UPnP\UPnPHostConfig
		sc.exe config upnphost start= auto
[Enabled] \Microsoft\Windows\Windows Error Reporting\QueueReporting
		%windir%\system32\wermgr.exe -queuereporting
[Enabled] \Microsoft\Windows\WindowsCalendar\Reminders - Sharon
		C:\Program Files\Windows Calendar\WinCal.exe /reminder
[Enabled] \Microsoft\Windows\Wired\GatherWiredInfo
		%windir%\system32\gatherWiredInfo.vbs 
[Enabled] \Microsoft\Windows\Wireless\GatherWirelessInfo
		%windir%\system32\gatherWirelessInfo.vbs 

==================================
Windows Security Update Check
 Windows Live Essentials 

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


-------------------------------------------------------------------------------------------------------

The Win32kDiag Report was:
Running from: C:\Users\Sharon\Documents\Downloads\Win32kDiag.exe

Log file at : C:\Users\Sharon\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\Windows'...



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl

[1] 2009-10-20 15:09:28 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl ()

--------------------------------------------------------------------------------------------------------------------------------

Here's the Report from the cmd thingy:

Volume in drive C has no label.
Volume Serial Number is 8E5C-EADF

Directory of C:\Windows\System32

04/10/2009 11:28 PM 177,152 scecli.dll

Directory of C:\Windows\System32

04/10/2009 11:28 PM 592,896 netlogon.dll
2 File(s) 770,048 bytes

Directory of C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e

11/02/2006 04:46 AM 176,640 scecli.dll
1 File(s) 176,640 bytes

Directory of C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12

01/19/2008 02:36 AM 177,152 scecli.dll
1 File(s) 177,152 bytes

Directory of C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e

04/10/2009 11:28 PM 177,152 scecli.dll
1 File(s) 177,152 bytes

Directory of C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783

11/02/2006 04:46 AM 559,616 netlogon.dll
1 File(s) 559,616 bytes

Directory of C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857

01/19/2008 02:35 AM 592,384 netlogon.dll
1 File(s) 592,384 bytes

Directory of C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3

04/10/2009 11:28 PM 592,896 netlogon.dll
1 File(s) 592,896 bytes

Total Files Listed:
8 File(s) 3,045,888 bytes
0 Dir(s) 157,153,456,128 bytes free

Hope that sheds some light on the problem.

Let me say again - - I think my computer has been taken over by aliens or by something or someone! It starts beeping very fast and refusing to respond to any commands; suddenly two or three browsers open very quickly all by themselves; the start menu opens and the computer types gibberish into the start search command line; and that infernal WMC opens up with the computer beeping very fast beeps - - when WMC opens, it preempts everything else so that nothing else works until it's closed out; also, the computer has twice refused to disconnect from the wireless connection when I tried to disconnect. Hoping you can help.

Thanks again for your assistance!

Sharon

Edited by HomesickInTexas, 21 October 2009 - 01:21 AM.


#7 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:01:54 AM

Posted 21 October 2009 - 04:33 PM

New problems since last post:

Space bar must be pressed several times to work; now after WMC pops open, the keyboard won't accept any input and computer has to be restarted, sometimes several times, before the keyboard works again; often, shortcuts must be right clicked, then click 'open' because when a shortcut is pressed, the properties dialog opens instead of the program, also when the computer is rebooted, instead of Vista opening, it goes to a black screen and Vista must be chosen before it will open and a couple of times the computer froze at that screen and wouldn't boot up - had to shut down manually and press F12 and chose the HDD option to get it to open.

Just upgraded to AVG 9 (had 8) - it's supposed to be better. Currently running scan.

I've been using computers for more than 20 years and have never seen or heard of such weirdness!

Anyway, am now backing up personal files just in case the computer has to be reformatted. Just reformatted 2 months ago because the audio/video caused BOSD every time a sound or video file was played. The computer was still under warranty and a Dell tech walked me through that and then installed a codec pack which fixed the problems with audio/video. Computer worked great until last week. I've run every kind of virus/spyware scan, including Trend Micro Housecall (ran yesterday) and none of them have found anything. AVG 9 in 45 minutes into its first scan and hasn't found anything yet either.

Could all this have been caused by the Vista SP2 update?

Will wait to hear from you before doing anything else.

Thanks
Sharon

#8 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:02:54 AM

Posted 21 October 2009 - 06:47 PM

Boy you sure have a mess on your hands
I would suggest that you reformat again
Browsing the log I see at least three missing files
None are critical, but it makes you wonder what else is borked
I think it would be best
Sorry
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#9 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:01:54 AM

Posted 21 October 2009 - 06:56 PM

Just a quick question: Do you know why AVG 9 doesn't have an anti-rootkit scan included - - there is a checkbox for it in advanced settings but it is greyed out and you can't choose it.

Also, can you assist with a reformat? The computer has run out of warranty since I reformatted with Dell Tech help.

10:36 p.m. Edit: I can't explain what has occurred, but since AVG 9 finished scanning (finding/fixing only six 'tracking cookies'), the computer has operated flawlessly. Is it possible that unistalling AVG 8, installing and running AVG 9 could have caused this? Don't know how long it will last, but as of now, everything is working and for the past three hours, haven't seen WMC. You said there were some necessary files missing - - if this good behavior keeps up, is it possible to use the Vista CD to fix that?

If this keeps up for 24 hours, do you think I should still reformat? I'm willing to do that (with your help) if you think that's best. It feels as if I've been in cyber-Twilight Zone for the past week.

Thanks,
Sharon

Edited by HomesickInTexas, 21 October 2009 - 10:40 PM.


#10 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:01:54 AM

Posted 22 October 2009 - 04:29 PM

Today the space bar isn't working right again, as if the computer doesn't realize it's been pressed until you do it a few times. Also, help windows opening without being accessed, browser tabs switching without being told to do so, etc. Looks as if my good fortune didn't last. Anyway, I guess the only thing to do is reformat. Can you help with that early next week?

Thanks
S.

Edited by HomesickInTexas, 22 October 2009 - 04:33 PM.


#11 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:02:54 AM

Posted 22 October 2009 - 07:09 PM

Post in the proper forum and send me a PM when you do
We have many excellent members that can also help, but I'll be here
Good luck
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#12 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:01:54 AM

Posted 22 October 2009 - 11:55 PM

Thanks, will do. I appreciate you!

S.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users