Jump to content

ginakra

Members
  • Posts

    12
  • Joined

  • Last visited

Everything posted by ginakra

  1. Exact same issue here. In trial mode, can't activate license, get the usage level error> Didn't change a thing other than installing the upgrade.
  2. Yes i was doing that over and over. It just never alerted me that there was an update found so I didn't know it had been applied. I ended the task again because cpu and ram were still climbing. I ran MB a bit later, everything was fine. Thanks.
  3. EDITED TO ADD: Nevermind! Its back to normal now without a system restart. Im on update 3803. Seems to be doing fine now. Guess it updated in the background somehow. /////////////////// Don't understand. Why restart the PC if the update hasnt been received? Look where for the update package?
  4. I have been following, and i just started Malwarebytes and tried to force an update. Says no updates found. Meanwhile my RAM is running out and cpu is running higher and higher. I ended the task before my computer crashed again. Guess i will sit tight until the update rolls out to me finally. Whenever that is.
  5. Oh, and I will consider the reformat. I just didn't want to spend all the time and effort if the hard drive is failing anyway. I have also been looking at new laptops too, I need something bigger than this little tablet pc for normal work. I will be letting my husband use it mostly, which would need a format/reinstall anyway, so that's why I was putting it off. But you're right, it would help troubleshoot. Thanks!!!!
  6. I rebooted today and the boot up time was normal. (For now) Yay!! Yeah, I know I have a lot of crap on the computer. I have health issues that make it difficult or impossible to spend much time on the computer. I don't have enough computer time for fun/necessary stuff, so I tend to get behind on maintenance. The last few days, I've been paying the price for being on the pc more than I should. I am going to keep an eye on the hard drive for sure. I have a couple of diagnostics on the comp now. I still have to decide what to do with the quarentine/chest stuff. But it can wait until I recouperate. Thanks a ton for your help I might pop back in after a few days if something arises. Will be taking a break until then. Thanks screen317! I really appreciate your time and assistance.
  7. Hi, I had already rebooted my machine before your reply, and it took all the rest of the day, evening, and next morning for my computer to boot with the boot scans I had scheduled. I am now typing on the machine that had problems, and not my husband's. Which is a good start I think. It booted up seemingly fine after the scandisk. I need to reboot after I type this, both into safe and normal modes, and see if it seems normal. In the meantime, I wanted to let you know what's up. Thanks for sticking with me on this. After all the repairwork yesterday, this is first boot. So far the computer seems to be running okay. It could be temporary, and I need to reboot again to see if my boot time is back to normal instead of a loop, and that I can get into safe mode (before I couldn't). ====================================== What I did yesterday, that I recall (TIRED!!!) ====================================== Ok, I did a lot yesterday. I did uninstall all the software from the "known good" date to the "went south" date. Except for SQL/system type updates and such. I took a lot of stuff out of my start up that I knew didn't need to run, but I have a lot more work to do. I went looking around in my Event viewer and I had LOTS of errors for the Disk, starting after the electric went out, that said: The driver detected a controller error on \Device\Harddisk0\DR0. I have not received any today after the reboot (after the scandisk at boot, and Avast at boot). I tried to look up the error, but still not sure what it is. I also ran Kapersky TDSSKiller (nothing found). I did notice everytime I turned on my wifi the computer would slow down badly, but figured out it was Sugar Sync trying to upload 6GB of crap I moved over to a syncing folder. Turned off Sugar Sync and it immproved drastically. I did a Quick scan in Malwarewarebytes in normal mode first. Then a full scan in normal mode. I was afraid I would not be able to boot again if I tried safemode. Here are the two logs, Quickscan found nothing. I did notice it paused for a long time on bootstat.dat, which ended up having bad clusters when I did my scandisk scheduled on boot. ================================== Scan Results =================================== Here is Malwarebytes FullScan Log Malwarebytes Anti-Malware (Trial) 1.62.0.1300 www.malwarebytes.org Database version: v2012.07.26.16 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Protection: Enabled 7/31/2012 3:33:36 AM mbam-log-2012-07-31 (10-06-28).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 1194021 Time elapsed: 6 hour(s), 32 minute(s), 13 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 5 C:\Users\MyName\Desktop\Floor_Comp\Games\SeaWar2\CD_Gif.dll (AdWare.Cydoor) -> No action taken. C:\Users\MyName\Desktop\Floor_Comp\Graphics Software\SWiSH v2.0\Downloaded SWI\part2\fr08_final\64k.exe (Malware.Packer.Krunchy) -> No action taken. C:\Users\MyName\Desktop\Floor_Comp\Graphics Software\SWiSH v2.0\Downloaded SWI\part2\part2\fr08_final\64k.exe (Malware.Packer.Krunchy) -> No action taken. C:\Users\MyName\Desktop\Floor_Comp\Program Files\WEBSVR\SYSTEM\KEYGEN.EXE (Riskware.Tool.CK) -> No action taken. C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\SYSTEM\CD_Gif.dll (AdWare.Cydoor) -> No action taken. (end) I put the files above in quarentine. These files are actually from a copied backup of another hard drive I have in an enclosure, It was from an old computer. I took the hard drive out of the tower and put in a usb enclosure, then copied the entire drive contents my my current computer. Okay, here's DDs.txt . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33 Run by MyName at 12:58:58 on 2012-08-01 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8095.5190 [GMT -4:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\USB Safely Remove\USBSRService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_10227f8c486f7892\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Program Files\Tablet\Pen\Pen_TouchService.exe C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe C:\Windows\system32\atieclxx.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\vcsFPService.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe C:\Windows\system32\taskhost.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Common Files\Chameleon Manager\monitor.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskeng.exe C:\Program Files\Tablet\Pen\Pen_TouchUser.exe C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_10227f8c486f7892\AESTSr64.exe C:\Program Files (x86)\Common Files\Chameleon Manager\proc64.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe C:\Windows\system32\crypserv.exe C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe C:\Program Files\Tablet\Pen\Pen_Tablet.exe C:\Program Files\Tablet\Pen\Pen_TabletUser.exe C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Program Files (x86)\BERNINA\UCS\UniversalCommunicationServer.exe C:\Program Files\Tablet\Pen\Pen_Tablet.exe C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\DigitalPersona\Bin\DPAgent.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Pantone\huey\hueyTray.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uSearch Bar = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll mWinlogon: Userinit=userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DigitalPersona Personal Extension: {395610ae-c624-4f58-b89e-23733ea00f9a} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll BHO: PodcastBHO Class: {65134fdf-f8a5-4b3d-91d9-cdf273cfd578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll BHO: NXIECatcher Class: {83b80a9c-d91a-4f22-8dcf-ea7204039f79} - C:\Program Files (x86)\Xi\NetXfer\NXIEHelper.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} - C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\ddd1fr9o.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: NetXfer: {c16cbaac-a75c-4db5-a0dd-cdf5cafcdd3a} - C:\Program Files (x86)\Xi\NetXfer\NXToolBar.dll TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [Power2GoExpress] uRun: [SysResources Manager] "C:\Program Files (x86)\SysResources Manager\SysResManager.exe" uRun: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe uRun: [AdobeBridge] mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [<NO NAME>] mRun: [HotKeysCmds] C:\Windows\system32\hkcmd.exe mRun: [Persistence] C:\Windows\system32\igfxpers.exe mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\hueyTray.lnk - C:\Program Files (x86)\Pantone\huey\hueyTray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200 IE: Download all by NetXfer - C:\Program Files (x86)\Xi\NetXfer\NXAddList.html IE: Download by NetXfer - C:\Program Files (x86)\Xi\NetXfer\NXAddLink.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{B075D54C-D331-4524-9A26-3FE5F571D419} : DhcpNameServer = 192.168.1.1 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll LSA: Notification Packages = scecli DPPWDFLT mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" mASetup: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO-X64: 0x1 - No File BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: DigitalPersona Personal Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll BHO-X64: DigitalPersona Personal Extension - No File BHO-X64: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll BHO-X64: dTPodcastBHO - No File BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll BHO-X64: Zynga - No File BHO-X64: NXIECatcher Class: {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files (x86)\Xi\NetXfer\NXIEHelper.dll BHO-X64: NetXfer - No File BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO-X64: SmartSelect - No File BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll TB-X64: FireShot: {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\ddd1fr9o.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll TB-X64: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB-X64: NetXfer: {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files (x86)\Xi\NetXfer\NXToolBar.dll TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun-x64: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun-x64: [(Default)] mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\ddd1fr9o.default\ FF - component: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext\components\dpffcli.dll FF - component: C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\ddd1fr9o.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll FF - plugin: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\MyName\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll FF - plugin: C:\Users\MyName\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll FF - plugin: C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\ddd1fr9o.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll FF - plugin: C:\Users\MyName\AppData\Roaming\Mozilla\Firefox\Profiles\ddd1fr9o.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - plugin: C:\Windows\SysWOW64\Npplg80n.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true ============= SERVICES / DRIVERS =============== . R0 fltsrv;Acronis Storage Filter Management;C:\Windows\system32\DRIVERS\fltsrv.sys --> C:\Windows\system32\DRIVERS\fltsrv.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 vididr;Acronis Virtual Disk;C:\Windows\system32\DRIVERS\vididr.sys --> C:\Windows\system32\DRIVERS\vididr.sys [?] R0 vidsflt67;Acronis Disk Storage Filter (67);C:\Windows\system32\DRIVERS\vsflt67.sys --> C:\Windows\system32\DRIVERS\vsflt67.sys [?] R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R1 Uim_VIM;UIM Virtual Image Plugin;C:\Windows\system32\Drivers\uim_vimx64.sys --> C:\Windows\system32\Drivers\uim_vimx64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-10-25 37280] R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_10227f8c486f7892\AESTSr64.exe [2009-3-3 89600] R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-6-4 3459024] R2 AHDDC2;Ashampoo HDD Control 2 Service;C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2012-7-31 1517976] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-8 44808] R2 BotkindSyncService;Botkind Service;C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe service --> C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe service [?] R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2009-10-15 22072] R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-5 296808] R2 FreemakeVideoCapture;FreemakeVideoCapture;C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-5-23 8704] R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?] R2 iPodDrv;iPodDrv;\??\C:\Windows\system32\drivers\iPodDrv.sys --> C:\Windows\system32\drivers\iPodDrv.sys [?] R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-1-31 375208] R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928] R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-3-20 655944] R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-1-24 25824] R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824] R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088] R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-6-15 548264] R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504] R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-4-27 5914912] R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-10-26 5790064] R2 TabletServiceWacom;TabletServiceWacom;C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2012-4-6 7515000] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-5-31 2666880] R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-10-26 487280] R2 TouchServiceWacom;Wacom Professional Touch Service;C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe [2012-4-6 552312] R2 UniversalCommunicationServer;Universal Communication Server;C:\Program Files (x86)\BERNINA\UCS\UniversalCommunicationServer.exe [2012-1-16 90112] R2 USBSafelyRemoveService;USB Safely Remove Assistant;C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [2012-6-16 1473920] R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2009-7-13 1656112] R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys --> C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [?] R3 bbcap;bb_capture_driver;C:\Windows\system32\DRIVERS\bbcap.sys --> C:\Windows\system32\DRIVERS\bbcap.sys [?] R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-1-12 227896] R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?] R3 RRNetCapMP;RRNetCapMP;C:\Windows\system32\DRIVERS\rrnetcap.sys --> C:\Windows\system32\DRIVERS\rrnetcap.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-6 135664] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-18 250056] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 busbcrw;USB Card Reader Writer driver;C:\Windows\system32\Drivers\bucrw64.sys --> C:\Windows\system32\Drivers\bucrw64.sys [?] S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?] S3 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [2012-7-31 544768] S3 fdrawcmd;Low-level Floppy Driver;\??\C:\Windows\system32\drivers\fdrawcmd.sys --> C:\Windows\system32\drivers\fdrawcmd.sys [?] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-6 135664] S3 MEMSWEEP2;MEMSWEEP2;\??\C:\Windows\system32\7273.tmp --> C:\Windows\system32\7273.tmp [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 113120] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] S3 rcmirror;rcmirror;C:\Windows\system32\DRIVERS\rcmirror.sys --> C:\Windows\system32\DRIVERS\rcmirror.sys [?] S3 RRNetCap;RRNetCap Service;C:\Windows\system32\DRIVERS\rrnetcap.sys --> C:\Windows\system32\DRIVERS\rrnetcap.sys [?] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Moo0\SystemMonitor 1.64\WinRing0x64.sys [2011-11-28 14544] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-08-01 16:50:36 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{33291609-9A23-4223-8308-BCCCE324DCCD}\mpengine.dll 2012-07-31 20:49:48 34304 ----a-w- C:\Windows\System32\DfSdkBt.exe 2012-07-31 20:46:13 -------- d-----w- C:\Program Files (x86)\CrystalDiskInfo 2012-07-31 20:34:09 -------- d-----w- C:\Program Files (x86)\DiskCheckup 2012-07-31 18:37:09 -------- d-----w- C:\ProgramData\Sophos 2012-07-31 18:33:19 73728 ----a-r- C:\Users\MyName\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe 2012-07-31 18:33:19 73728 ----a-r- C:\Users\MyName\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe 2012-07-31 18:33:18 73728 ----a-r- C:\Users\MyName\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe 2012-07-31 01:40:37 -------- d-----w- C:\Users\MyName\AppData\Roaming\Alfa.NetSoft 2012-07-31 01:40:36 -------- d-----w- C:\Program Files (x86)\Alfa.NetSoft 2012-07-27 00:48:26 -------- d-----w- C:\ProgramData\restore 2012-07-25 11:51:59 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0 2012-07-24 17:37:43 -------- d-----w- C:\Users\MyName\AppData\Local\Nova Development 2012-07-24 15:35:50 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2012-07-24 13:10:12 -------- d-----w- C:\Program Files (x86)\WMR14 2012-07-24 12:56:34 -------- d-----w- C:\Users\MyName\AppData\Roaming\KastorAllVideoDownloader 2012-07-24 12:53:25 484352 ----a-w- C:\Windows\SysWow64\lame_enc.dll 2012-07-24 12:53:03 -------- d-----w- C:\Users\MyName\AppData\Roaming\KastorFreeVideoCatcher 2012-07-19 19:47:40 -------- d-----w- C:\Users\MyName\AppData\Roaming\EMBIRD_STUDIO_(64-bit) 2012-07-19 19:34:55 51866 ----a-w- C:\Windows\FdUninstall.exe 2012-07-19 19:31:05 -------- d-----w- C:\Program Files\EMBIRD64 2012-07-19 19:29:28 -------- d-----w- C:\Users\MyName\AppData\Roaming\EMBIRD64 2012-07-12 19:33:17 57344 ----a-r- C:\Users\MyName\AppData\Roaming\Microsoft\Installer\{57F95617-28F4-566C-885B-9530CAE60E71}\NewShortcut1_F3FECDDB618046699EBFBFAD3F0D5BC9.exe 2012-07-12 19:32:35 -------- d-----w- C:\ImageStorage 2012-07-11 07:15:53 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-10 23:02:21 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-10 23:02:20 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-07-10 23:02:20 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-07-10 23:02:18 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2012-07-10 23:02:18 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2012-07-10 23:02:18 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-07-10 23:02:00 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-07-10 22:31:58 -------- d-----w- C:\Program Files (x86)\Artensoft Photo Collage Maker 2012-07-10 19:39:01 -------- d-----w- C:\Program Files\Artensoft Photo Mosaic Wizard 2012-07-06 17:08:55 -------- d-----w- C:\Program Files (x86)\FileStream 2012-07-05 02:43:09 -------- d-----w- C:\Users\MyName\SANDSCOMPUTING . ==================== Find3M ==================== . 2012-07-31 20:05:25 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-31 20:05:25 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-12 20:59:44 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll 2012-07-12 20:59:43 80800 ----a-w- C:\Windows\System32\LMIinit.dll 2012-07-12 20:59:43 34720 ----a-w- C:\Windows\System32\LMIport.dll 2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-07-03 16:21:52 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-07-03 16:21:52 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr 2012-06-08 12:50:26 90960 ----a-w- C:\Windows\System32\drivers\uimx64.sys 2012-06-08 12:50:26 633296 ----a-w- C:\Windows\System32\drivers\Uim_IMx64.sys 2012-06-08 12:50:26 472144 ----a-w- C:\Windows\System32\drivers\UimFIO.sys 2012-06-08 12:50:24 389968 ----a-w- C:\Windows\System32\drivers\uim_vimx64.sys 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-04 16:00:14 367200 ----a-w- C:\Windows\System32\drivers\afcdp.sys 2012-06-04 16:00:05 1294432 ----a-w- C:\Windows\System32\drivers\tdrpman.sys 2012-06-04 16:00:01 994912 ----a-w- C:\Windows\System32\drivers\timntr.sys 2012-06-04 15:59:54 211552 ----a-w- C:\Windows\System32\drivers\vididr.sys 2012-06-04 15:59:52 146528 ----a-w- C:\Windows\System32\drivers\vsflt67.sys 2012-06-04 15:59:49 320096 ----a-w- C:\Windows\System32\drivers\snapman.sys 2012-06-04 15:59:48 137312 ----a-w- C:\Windows\System32\drivers\fltsrv.sys 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-05-22 01:46:29 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak 2012-05-09 16:21:41 476936 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-05-09 16:21:36 472840 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe . ============= FINISH: 13:01:06.26 =============== This was AFTER I did all the scans and removals, etc. ScanDisk Log I did a scan disk with repair bad sectors on boot, as well as a full updated Avast scan at boot. I did get errors with the scandisk. Checking file system on C: The type of the file system is NTFS. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 1452288 file records processed. File verification completed. 3376 large file records processed. 0 bad file records processed. 0 EA records processed. 76 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... The object id index entry in file 0x19 points to file 0x3d1e1 but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x243ac but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x3d1ec but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x29244 but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x28402 but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x27a18 but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x189bc but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x2a777 but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x2c81a but the file has no object id in it. Deleting an index entry from index $O of file 25. The object id index entry in file 0x19 points to file 0x3466c but the file has no object id in it. Deleting an index entry from index $O of file 25. 1643878 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 1452288 file SDs/SIDs processed. CHKDSK is compacting the security descriptor stream Cleaning up 4449 unused security descriptors. 95796 data files processed. CHKDSK is verifying Usn Journal... 35875312 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... Read failure with status 0xc0000185 at offset 0x6819000 for 0x10000 bytes. Read failure with status 0xc0000185 at offset 0x6819000 for 0x1000 bytes. Windows replaced bad clusters in file 28495 of name \Windows\bootstat.dat. Read failure with status 0xc0000185 at offset 0x36fcd000 for 0x10000 bytes. Read failure with status 0xc0000185 at offset 0x36fcf000 for 0x1000 bytes. Read failure with status 0xc0000185 at offset 0x36fd0000 for 0xd000 bytes. Read failure with status 0xc0000185 at offset 0x36fd0000 for 0x1000 bytes. Read failure with status 0xc0000185 at offset 0x36fd1000 for 0xc000 bytes. Read failure with status 0xc0000185 at offset 0x36fd1000 for 0x1000 bytes. Read failure with status 0xc0000185 at offset 0x36fd2000 for 0xb000 bytes. Read failure with status 0xc0000185 at offset 0x36fd2000 for 0x1000 bytes. Read failure with status 0xc0000185 at offset 0x36fd3000 for 0xa000 bytes. Read failure with status 0xc0000185 at offset 0x36fd3000 for 0x1000 bytes. Read failure with status 0xc0000185 at offset 0x36fd4000 for 0x9000 bytes. Read failure with status 0xc0000185 at offset 0x36fd4000 for 0x1000 bytes. Read failure with status 0xc0000185 at offset 0x36fd5000 for 0x8000 bytes. Read failure with status 0xc0000185 at offset 0x36fd5000 for 0x1000 bytes. Read failure with status 0xc0000185 at offset 0x36fd6000 for 0x7000 bytes. Read failure with status 0xc0000185 at offset 0x36fd6000 for 0x1000 bytes. Read failure with status 0xc0000185 at offset 0x36fd7000 for 0x6000 bytes. Read failure with status 0xc0000185 at offset 0x36fd7000 for 0x1000 bytes. Windows replaced bad clusters in file 849542 of name \Windows\ServiceProfiles\LOCALS~1\AppData\Roaming\PEERNE~1\F7F840~1.HOM\246E31~1\grouping\edb.log. 1452272 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 36272182 free clusters processed. Free space verification is complete. Adding 10 bad clusters to the Bad Clusters File. CHKDSK discovered free space marked as allocated in the master file table (MFT) bitmap. Correcting errors in the Volume Bitmap. Windows has made corrections to the file system. 470078463 KB total disk space. 322998660 KB in 948498 files. 421188 KB in 95799 indexes. 40 KB in bad sectors. 1569843 KB in use by the system. 65536 KB occupied by the log file. 145088732 KB available on disk. 4096 bytes in each allocation unit. 117519615 total allocation units on disk. 36272183 allocation units available on disk. Internal Info: 00 29 16 00 52 ef 0f 00 98 e0 1a 00 00 00 00 00 .)..R........... 63 79 00 00 4c 00 00 00 00 00 00 00 00 00 00 00 cy..L........... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Windows has finished checking your disk. Please wait while your computer restarts. Avast boot scan Log: 08/31/2011 09:09 Scan of all local drives File C:\HP\Bin\EndProcess.exe is infected by Win32:KillApp-W [PUP] Scanning aborted Number of searched folders: 22548 Number of tested files: 698693 Number of infected files: 1 [b]+++++++I ignored this, I think it is a process used by HP on their computers for shut down. I googled it and many people had problems after chesting it or repairing it and had to download another. However, the answer still seems unclear. I chose to leave it alone for now.+++++++++[/b] What are your thoughts? ---------------------------------------- 11/14/2011 13:00 Scan of all local drives File C:\HP\Bin\EndProcess.exe is infected by Win32:KillApp-W [PUP] File C:\Users\MyName\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00ad96|>Designs\SimB.exe Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\AppData\Local\Microsoft\Windows Live Mail\Gmail (MyNamekra)\MyName@atypic 7a7\44EF00ED-0000A1C9.eml|>65001wachovia summons.html#1936426293 is infected by JS:Redirector-DU [Trj], Moved to chest File C:\Users\MyName\AppData\Local\Microsoft\Windows Live Mail\Gmail (MyNamekra)\[Gmail]\All Mail\3A271AD9-00058E8A.eml|>65001wachovia summons.html#1936426293 is infected by JS:Redirector-DU [Trj], Moved to chest File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Glocker.class is infected by Java:Agent-ZY [Expl], Moved to chest File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\zalux$1.class is infected by Java:Agent-ZX [Expl], Moved to chest File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\zalux$zordo.class is infected by Java:Agent-TB [Expl], Moved to chest File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\zalux.class is infected by Java:Agent-WY [Expl], Moved to chest File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Zo666.class is infected by Java:Agent-ZZ [Expl], Moved to chest File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Zom.class is infected by Java:Agent-ZW [Expl], Moved to chest File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\473a5bc4-5138820d|>glass\mumux.class is infected by Java:Agent-WY [Expl], Moved to chest File C:\Users\MyName\Documents\Gmail Backup\2010_09_20100917-202158-supertankerf55@rofgam_com-Vuong-1.eml|>65001wachovia summons.html#1936426293 is infected by JS:Redirector-DU [Trj], Moved to chest File C:\Users\MyName\Documents\Web Site Backups\AtypFem\backup-3.11.2010_09-39-46_afblog.tar.gz|>backup-3.11.2010_09-39-46_afblog.tar|>backup-3.11.2010_09-39-46_afblog\homedir.tar|>.\public_html\wordpress\wp-content\plugins\widgets\Bryce5FreeVersionPC.zip|>Bryce5FreeVersionPC\data\billboardold.dat Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Documents\Web Site Backups\AtypFem\backup-3.11.2010_09-39-46_afblog.tar.gz|>backup-3.11.2010_09-39-46_afblog.tar|>backup-3.11.2010_09-39-46_afblog\homedir.tar|>.\mail\atypfem.com\MyName\cur\1221638478.H654914P8662.cpanel63.gzo.com:2,S|>Penguin.Panic.zip#3057990864|>Penguin.Panic.exe is infected by Win32:Trojan-gen ---------------------------------------- 07/31/2012 22:01 Scan of all local drives File C:\HP\Bin\EndProcess.exe.vir is infected by Win32:KillApp-W [PUP] File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Zom2.class is infected by Java:Agent-ATN [Expl], Moved to chest File C:\Users\MyName\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\quarantine.db|>data Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\downloads\files\exposhownew.zip|>Pets.ppt|>Pictures Error 42144 {OLE archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\downloads\files\exposhownew.zip|>Pets.ppt|>PowerPoint Document Error 42144 {OLE archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\downloads\files\exposhownew.zip|>Pets.ppt Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\online site\public_html\downloads\files\exposhownew.zip|>Pets.ppt|>Pictures Error 42144 {OLE archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\online site\public_html\downloads\files\exposhownew.zip|>Pets.ppt|>PowerPoint Document Error 42144 {OLE archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\online site\public_html\downloads\files\exposhownew.zip|>Pets.ppt Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\WIN386.SWP is infected by Win32:Webhancer-C [PUP], Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Repair: Error 42060 {The file was not repaired.}, Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Deleted File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\OPTIONS\CABS\OLS\AT&T\ATTKIT.EXE|>Wise0003.bin|>Wise0051.bin Error 42145 {Installer archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\SYSTEM\EB5ST000.DAT|>\LPT_t\Ebplpt.dll Error 42127 {CAB archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\9STUDEOP\Gag[1].zip|>GAGGERS_.TTF Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\GTE7CPAR\win_jb35foundation[1].zip|>foundation\install.exe Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\JVKVLOIC\jb_art_large[1].dat|>toolbar.gif Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\JVKVLOIC\pocoemal[1].zip|>pocosetup.exe Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\QFKLA7AV\EC4000Demo[1].EXE|>Wise0001.bin Error 42145 {Installer archive is corrupted.} File C:\Users\MyName\Documents\Web Site Backups\Mecca\public_html\guestbook\phpinfo1.php.vir is infected by HTML:Iframe-DF [Trj], Moved to chest File C:\Users\MyName\Documents\Web Site Backups\Mecca\public_html\public_html\guestbook\phpinfo1.php.vir is infected by HTML:Iframe-DF [Trj], Moved to chest File C:\Users\MyName\Downloads\Install\ScreenRecorders\Encoder_en.exe|>Setup\EnComn.cab|>Vex.SDK.Samples.TemplatesModifiedSL3Standard.MediaPlayerTemplate.xap|>MediaPlayer.dll Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Downloads\Install\ScreenRecorders\Encoder_en.exe|>Setup\EnComn.cab|>Vex.SDK.Samples.TemplatesModifiedSL3Standard.SmoothStreaming.xap|>SmoothStreaming.dll Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Downloads\Install\ScreenRecorders\Encoder_en.exe|>Setup\EnComn.cab|>Vex.SDK.SamplesVB.TemplatesModifiedSL3Standard.MediaPlayerTemplate.xap|>MediaPlayer.dll Error 42125 {ZIP archive is corrupted.} File C:\Users\MyName\Downloads\Install\ScreenRecorders\Encoder_en.exe|>Setup\EnComn.cab|>Vex.SDK.SamplesVB.TemplatesModifiedSL3Standard.SmoothStreaming.xap|>SmoothStreaming.dll Error 42125 {ZIP archive is corrupted.} File C:\Windows\SoftwareDistribution\Download\2bf7e032374dbf4620037dfec6242dba\BIT5559.tmp|>WdfCoInstaller01009.dll Error 42127 {CAB archive is corrupted.} File C:\Windows\SoftwareDistribution\Download\a568738027b9278d7681fca958f664fb\BITD336.tmp|>silverlight.7z Error 42127 {CAB archive is corrupted.} Number of searched folders: 95803 Number of tested files: 4001036 Number of infected files: 5 Phew! Thanks so much for looking at these. Let me know if you see anything out of the ordinary. As I said, most things are in chests and quarentines. I'm going to chill for a bit and do something else than look at this screen, then reboot and see how it goes. :) Regards, Gina
  8. My laptop just booted after a prayer to Jesus and an exorcism. Really, this Christian gal ain't kidding. I haven't seen my desktop since, like Wednesday last week I think. I am running Malwarebytes scan on it now. It took a looooooong time to boot. A good 15 minutes. Any suggestions on what else to do before I try restarting it again? If this is a hard drive failure, how can I tell? My plans are to uninstall the crap I installed right before it went south, do a complete virus scan with Avast, a complete malware scan with Malwarebytes, and maybe another data backup, as well as a rootkit finder, and a scandisk. Reboot. Pray again. Anything else I should do? Will let you know on the results of malware scan.
  9. Thank you for responding I ran chkdsk on the computer. I have not been in the command prompt for a looong time. Want to make sure I did it correctly. I entered the command prompt by choosing Repair Your Computer after using the F8 key to get to the disk menu. I was presented with X:\windows\system32> I entered C: at prompt, hit return. Then I had C:\> I entered chkdsk The last two lines don't look relevent to me. They are 43650 allocations available on disk. Failed to transfer logged messages to the event log with status 50. So I will type everything I got. If I try to run chkdsk /f /r C: I get a message that chkdsk cannot run because the volume is in use by another process. I have to unmount the disk before it can run, and that all opened handles to this volume would then be invalid. Would I like to force a dismount on this volume yes or no.
  10. Hello Firstly, thanks for your support here. I have been using Malwarebytes free for some time. I didn't even know there was a pro version until I was frantically trying to fix my PC, but I'm ahead of myself. I am currently experiencing an inability to boot, either in safe mode or normal. Due to what happened to my PC, I could have a software issue, a hardware issue, or Malware/virus. I'm starting with antiviral, but I'm getting mixed signals from my PC. Is there a way to run MB if I can't boot? I can get to a command line. I am here for help because my dodgy slow computer started acting fine when I updated MB and it offered to let me try Pro. I enabled that, and (by coincidence or not) my computer ran like nothing happened to it. So, I'm suspicious I might have an infection. Okay, some backstory: I have a win7 64bit laptop. That morning, the pc was fine. The day before, I had to turn off my Avast free and User Account Controls to install a trusted software. I forgot to turn back on UAC, and possibly the Avast too, leaving my computer wide the hell open. (Stupid) The next day, I did a lot to my pc before the problems started. I downloaded a couple of "video downloaders" (yes, I know), installed a couple of retail programs (Hallmark Card Studio 2012 for example), and then before rebooting, my electric went out while I was in the shower. I didn't get to my pc until the power saving mode had put it into sleep mode. When I brought it out, it was a mess. When I tried to do anything it took forever, Explorer kept shutting down, and I couldn't run Task Manager or Control Panel, etc. I had to basically turn it off. I had to reboot/turn off a couple of times. So I have have three possiblilites: a software issue, a virus/malware issue, or a hardware issue due to the electric outage. I am here because of something that happened when I was trying to figure out the problem and starting with possible virus. I got my computer to boot even though it took 20 minutes, but it ran really really slow and dodgy until I updated Malwarebytes free in order to do a scan, and when it offered to let me try the Pro and I enabled it, suddenly my system ran fine. I backed up some data, ran SuperAntispyware, which found only tracking cookies, and decided I would boot into safe mode to run Malwarebytes due to that being recommended. Well, that was a mistake, because now I cannot even boot into safe mode, normal mode, etc. I just have a boot loop. So how can I run Malwarebytes if I cannot boot? This is what I have done: 1. Run Avira Rescue CD - False positives, but cleaned 2. Run AVG Rescue CD - False positives mostly, but cleaned After they found nothing, I started trying to use the stuff I could get to, my HP recovery/diagnostics, and the Windows Recovery stuff. 3. HP Diagnostics passed on my Memory and Smart Check, but my Short DST failed, which is some kind of hard drive test. Start Up test failed. (Gee, ya think?!, lol) 4. Chkdsk was in read only mode in HP diagnostics and could not finish, it said there were errors, but I want to recheck my data copy and make sure it's good before I exercise the disk anymore, it was running pretty hot. 3 and 4 lead me to believe that the hard disk either has errors or is failing, but I don't know at this point I am so confused 5. Tried starting with Last Known Good. Failed. 6. Tried Start Up Repair. Failed. I have some errors and stuff, but not sure how much you want/need. I'm starting to wonder if I have a virus/malware at all, but it was weird that live protection from Malwarebytes Pro turned it around instantly. I do have Paragon backup, and am this close to just doing a restore, but I am afraid to check my data backups in my external drives in my husband's computer, in fear of giving him whatever I had on my pc, as the external drive was attached at the time. Can you help me figure out if this is a virus/malware and help me remove it? Hhheeeelllpppppp! Thanks
  11. Thank you Will be posting in the forum. I will become a paying user of Pro, but I don't want to use any credit card numbers right now, in case of infection. I appreciate the direction
  12. Hi all, My question is how do I run Malwarebytes if I can't boot, but I have to put in some back story to see if anyone can help. I have a win7 64bit laptop. That morning, the pc was fine. The day before, I had to turn off my Avast free and User Account Controls to install a trusted software. I forgot to turn back on UAC, and possibly the Avast too, leaving my computer wide the hell open. The next day, I did a lot to my pc before the problems started. I downloaded a couple of "video downloaders" (yes, I know), installed a couple of retail programs, and then my electric went out while I was in the shower. I didn't get to my pc until the power saving mode had put it into sleep mode. When I brought it out, it was a mess. So I have have three possiblilites: a software issue, a virus/malware issue, or a hardware issue due to the electric outage. I am here because of something that happened when I was trying to figure out the problem and starting with possible virus. I got my computer to boot, but it ran really slow until I updated Malwarebytes free, and when it offered to let me try the Pro and I enabled it, suddenly my system ran fine. I backed up some data, ran SuperAntispyware, which found only tracking cookies, and decided I would boot into safe mode to run Malwarebytes due to that being recommended. Well, that was a mistake, because now I cannot even boot into safe mode, normal mode, etc. I just have a boot loop. So how can I run Malwarebytes if I cannot boot? I have run Avira Rescue CD, and AVG Rescue CD to scan the pc, but they really found nothing but false positives. I'm starting to wonder if I have a virus/malware at all, but it was weird that live protection from Malwarebytes Pro turned it around instantly. Help? Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.