Posts posted by ginakra

  1. 9 minutes ago, aqw409 said:

    Restart your computer and look at the update package for version number 3803. Then restart the PC.

    EDITED TO ADD: Never mind! It's back to normal now without a system restart. I'm on update 3803. Seems to be doing fine now. Guess it updated in the background somehow.

    ///////////////////

    Don't understand. Why restart the PC if the update hasn't been received? Look where for the update package?

  2. Oh, and I will consider the reformat. I just didn't want to spend all the time and effort if the hard drive is failing anyway. I have also been looking at new laptops too, I need something bigger than this little tablet pc for normal work. I will be letting my husband use it mostly, which would need a format/reinstall anyway, so that's why I was putting it off. But you're right, it would help troubleshoot.

    Thanks!!!!

  3. I rebooted today and the boot up time was normal. (For now) Yay!!

    Yeah, I know I have a lot of crap on the computer. I have health issues that make it difficult or impossible to spend much time on the computer. I don't have enough computer time for fun/necessary stuff, so I tend to get behind on maintenance. The last few days, I've been paying the price for being on the pc more than I should. :wacko:

    I am going to keep an eye on the hard drive for sure. I have a couple of diagnostics on the comp now.

    I still have to decide what to do with the quarantine/chest stuff. But it can wait until I recuperate. Thanks a ton for your help :) I might pop back in after a few days if something arises. Will be taking a break until then. :) Thanks screen317! I really appreciate your time and assistance.

  4. Hi, I had already rebooted my machine before your reply, and it took all the rest of the day, evening, and next morning for my computer to boot with the boot scans I had scheduled. :)

    I am now typing on the machine that had problems, and not my husband's. Which is a good start I think. It booted up seemingly fine after the scandisk. I need to reboot after I type this, both into safe and normal modes, and see if it seems normal. In the meantime, I wanted to let you know what's up. Thanks for sticking with me on this. :) After all the repair work yesterday, this is the first boot. So far the computer seems to be running okay. It could be temporary, and I need to reboot again to see if my boot time is back to normal instead of a loop, and that I can get into safe mode (before I couldn't).

    ======================================

    What I did yesterday, that I recall (TIRED!!!)

    ======================================

    Ok, I did a lot yesterday.

    I did uninstall all the software from the "known good" date to the "went south" date. Except for SQL/system type updates and such.

    I took a lot of stuff out of my start up that I knew didn't need to run, but I have a lot more work to do.

    I went looking around in my Event Viewer and I had LOTS of errors for the Disk, starting after the electric went out, that said:

    The driver detected a controller error on \Device\Harddisk0\DR0.

    I have not received any today after the reboot (after the scandisk at boot, and Avast at boot). I tried to look up the error, but still not sure what it is.

    I also ran Kaspersky TDSSKiller (nothing found).

    I did notice every time I turned on my wifi the computer would slow down badly, but figured out it was Sugar Sync trying to upload 6GB of crap I moved over to a syncing folder. Turned off Sugar Sync and it improved drastically.

    I did a Quick scan in Malwarebytes in normal mode first. Then a full scan in normal mode. I was afraid I would not be able to boot again if I tried safe mode. Here are the two logs; Quickscan found nothing. I did notice it paused for a long time on bootstat.dat, which ended up having bad clusters when I did my scandisk scheduled on boot.

    ==================================

    Scan Results

    ===================================

    Here is Malwarebytes FullScan Log

    Malwarebytes Anti-Malware (Trial) 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.07.26.16

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421


    Protection: Enabled

    7/31/2012 3:33:36 AM
    mbam-log-2012-07-31 (10-06-28).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 1194021
    Time elapsed: 6 hour(s), 32 minute(s), 13 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 5
    C:\Users\MyName\Desktop\Floor_Comp\Games\SeaWar2\CD_Gif.dll (AdWare.Cydoor) -> No action taken.
    C:\Users\MyName\Desktop\Floor_Comp\Graphics Software\SWiSH v2.0\Downloaded SWI\part2\fr08_final\64k.exe (Malware.Packer.Krunchy) -> No action taken.
    C:\Users\MyName\Desktop\Floor_Comp\Graphics Software\SWiSH v2.0\Downloaded SWI\part2\part2\fr08_final\64k.exe (Malware.Packer.Krunchy) -> No action taken.
    C:\Users\MyName\Desktop\Floor_Comp\Program Files\WEBSVR\SYSTEM\KEYGEN.EXE (Riskware.Tool.CK) -> No action taken.
    C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\SYSTEM\CD_Gif.dll (AdWare.Cydoor) -> No action taken.

    (end)

    I put the files above in quarantine. These files are actually from a copied backup of another hard drive I have in an enclosure. It was from an old computer. I took the hard drive out of the tower and put it in a USB enclosure, then copied the entire drive contents to my current computer.

    Okay, here's DDs.txt


    R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-6-15 548264]
    R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504]
    R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-4-27 5914912]
    R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-10-26 5790064]
    R2 TabletServiceWacom;TabletServiceWacom;C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2012-4-6 7515000]
    R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-5-31 2666880]
    R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-10-26 487280]
    R2 TouchServiceWacom;Wacom Professional Touch Service;C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe [2012-4-6 552312]
    R2 UniversalCommunicationServer;Universal Communication Server;C:\Program Files (x86)\BERNINA\UCS\UniversalCommunicationServer.exe [2012-1-16 90112]
    R2 USBSafelyRemoveService;USB Safely Remove Assistant;C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [2012-6-16 1473920]
    R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2009-7-13 1656112]
    R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys --> C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [?]
    R3 bbcap;bb_capture_driver;C:\Windows\system32\DRIVERS\bbcap.sys --> C:\Windows\system32\DRIVERS\bbcap.sys [?]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-1-12 227896]
    R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
    R3 RRNetCapMP;RRNetCapMP;C:\Windows\system32\DRIVERS\rrnetcap.sys --> C:\Windows\system32\DRIVERS\rrnetcap.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-6 135664]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-18 250056]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
    S3 busbcrw;USB Card Reader Writer driver;C:\Windows\system32\Drivers\bucrw64.sys --> C:\Windows\system32\Drivers\bucrw64.sys [?]
    S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?]
    S3 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [2012-7-31 544768]
    S3 fdrawcmd;Low-level Floppy Driver;\??\C:\Windows\system32\drivers\fdrawcmd.sys --> C:\Windows\system32\drivers\fdrawcmd.sys [?]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-6 135664]
    S3 MEMSWEEP2;MEMSWEEP2;\??\C:\Windows\system32\7273.tmp --> C:\Windows\system32\7273.tmp [?]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 113120]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
    S3 rcmirror;rcmirror;C:\Windows\system32\DRIVERS\rcmirror.sys --> C:\Windows\system32\DRIVERS\rcmirror.sys [?]
    S3 RRNetCap;RRNetCap Service;C:\Windows\system32\DRIVERS\rrnetcap.sys --> C:\Windows\system32\DRIVERS\rrnetcap.sys [?]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Moo0\SystemMonitor 1.64\WinRing0x64.sys [2011-11-28 14544]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-08-01 16:50:36 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{33291609-9A23-4223-8308-BCCCE324DCCD}\mpengine.dll
    2012-07-31 20:49:48 34304 ----a-w- C:\Windows\System32\DfSdkBt.exe
    2012-07-31 20:46:13 -------- d-----w- C:\Program Files (x86)\CrystalDiskInfo
    2012-07-31 20:34:09 -------- d-----w- C:\Program Files (x86)\DiskCheckup
    2012-07-31 18:37:09 -------- d-----w- C:\ProgramData\Sophos
    2012-07-31 18:33:19 73728 ----a-r- C:\Users\MyName\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
    2012-07-31 18:33:19 73728 ----a-r- C:\Users\MyName\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
    2012-07-31 18:33:18 73728 ----a-r- C:\Users\MyName\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
    2012-07-31 01:40:37 -------- d-----w- C:\Users\MyName\AppData\Roaming\Alfa.NetSoft
    2012-07-31 01:40:36 -------- d-----w- C:\Program Files (x86)\Alfa.NetSoft
    2012-07-27 00:48:26 -------- d-----w- C:\ProgramData\restore
    2012-07-25 11:51:59 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
    2012-07-24 17:37:43 -------- d-----w- C:\Users\MyName\AppData\Local\Nova Development
    2012-07-24 15:35:50 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
    2012-07-24 13:10:12 -------- d-----w- C:\Program Files (x86)\WMR14
    2012-07-24 12:56:34 -------- d-----w- C:\Users\MyName\AppData\Roaming\KastorAllVideoDownloader
    2012-07-24 12:53:25 484352 ----a-w- C:\Windows\SysWow64\lame_enc.dll
    2012-07-24 12:53:03 -------- d-----w- C:\Users\MyName\AppData\Roaming\KastorFreeVideoCatcher
    2012-07-19 19:47:40 -------- d-----w- C:\Users\MyName\AppData\Roaming\EMBIRD_STUDIO_(64-bit)
    2012-07-19 19:34:55 51866 ----a-w- C:\Windows\FdUninstall.exe
    2012-07-19 19:31:05 -------- d-----w- C:\Program Files\EMBIRD64
    2012-07-19 19:29:28 -------- d-----w- C:\Users\MyName\AppData\Roaming\EMBIRD64
    2012-07-12 19:33:17 57344 ----a-r- C:\Users\MyName\AppData\Roaming\Microsoft\Installer\{57F95617-28F4-566C-885B-9530CAE60E71}\NewShortcut1_F3FECDDB618046699EBFBFAD3F0D5BC9.exe
    2012-07-12 19:32:35 -------- d-----w- C:\ImageStorage
    2012-07-11 07:15:53 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-10 23:02:21 2004480 ----a-w- C:\Windows\System32\msxml6.dll
    2012-07-10 23:02:20 1881600 ----a-w- C:\Windows\System32\msxml3.dll
    2012-07-10 23:02:20 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-07-10 23:02:18 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
    2012-07-10 23:02:18 2048 ----a-w- C:\Windows\System32\msxml3r.dll
    2012-07-10 23:02:18 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2012-07-10 23:02:00 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
    2012-07-10 22:31:58 -------- d-----w- C:\Program Files (x86)\Artensoft Photo Collage Maker
    2012-07-10 19:39:01 -------- d-----w- C:\Program Files\Artensoft Photo Mosaic Wizard
    2012-07-06 17:08:55 -------- d-----w- C:\Program Files (x86)\FileStream
    2012-07-05 02:43:09 -------- d-----w- C:\Users\MyName\SANDSCOMPUTING
    .
    ==================== Find3M ====================
    .
    2012-07-31 20:05:25 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-07-31 20:05:25 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-07-12 20:59:44 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
    2012-07-12 20:59:43 80800 ----a-w- C:\Windows\System32\LMIinit.dll
    2012-07-12 20:59:43 34720 ----a-w- C:\Windows\System32\LMIport.dll
    2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-07-03 16:21:52 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2012-07-03 16:21:52 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr
    2012-06-08 12:50:26 90960 ----a-w- C:\Windows\System32\drivers\uimx64.sys
    2012-06-08 12:50:26 633296 ----a-w- C:\Windows\System32\drivers\Uim_IMx64.sys
    2012-06-08 12:50:26 472144 ----a-w- C:\Windows\System32\drivers\UimFIO.sys
    2012-06-08 12:50:24 389968 ----a-w- C:\Windows\System32\drivers\uim_vimx64.sys
    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
    2012-06-04 16:00:14 367200 ----a-w- C:\Windows\System32\drivers\afcdp.sys
    2012-06-04 16:00:05 1294432 ----a-w- C:\Windows\System32\drivers\tdrpman.sys
    2012-06-04 16:00:01 994912 ----a-w- C:\Windows\System32\drivers\timntr.sys
    2012-06-04 15:59:54 211552 ----a-w- C:\Windows\System32\drivers\vididr.sys
    2012-06-04 15:59:52 146528 ----a-w- C:\Windows\System32\drivers\vsflt67.sys
    2012-06-04 15:59:49 320096 ----a-w- C:\Windows\System32\drivers\snapman.sys
    2012-06-04 15:59:48 137312 ----a-w- C:\Windows\System32\drivers\fltsrv.sys
    2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
    2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
    2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
    2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2012-05-22 01:46:29 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak
    2012-05-09 16:21:41 476936 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-05-09 16:21:36 472840 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    .
    ============= FINISH: 13:01:06.26 ===============

    This was AFTER I did all the scans and removals, etc.

    ScanDisk Log

    I did a scan disk with repair bad sectors on boot, as well as a full updated Avast scan at boot. I did get errors with the scandisk.



    Checking file system on C:
    The type of the file system is NTFS.
    A disk check has been scheduled.
    Windows will now check the disk.

    CHKDSK is verifying files (stage 1 of 5)...
    1452288 file records processed.
    File verification completed.
    3376 large file records processed.
    0 bad file records processed.
    0 EA records processed.
    76 reparse records processed.
    CHKDSK is verifying indexes (stage 2 of 5)...
    The object id index entry in file 0x19 points to file 0x3d1e1
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x243ac
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x3d1ec
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x29244
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x28402
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x27a18
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x189bc
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x2a777
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x2c81a
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    The object id index entry in file 0x19 points to file 0x3466c
    but the file has no object id in it.
    Deleting an index entry from index $O of file 25.
    1643878 index entries processed.
    Index verification completed.
    0 unindexed files scanned.
    0 unindexed files recovered.
    CHKDSK is verifying security descriptors (stage 3 of 5)...
    1452288 file SDs/SIDs processed.
    CHKDSK is compacting the security descriptor stream
    Cleaning up 4449 unused security descriptors.
    95796 data files processed.
    CHKDSK is verifying Usn Journal...
    35875312 USN bytes processed.
    Usn Journal verification completed.
    CHKDSK is verifying file data (stage 4 of 5)...
    Read failure with status 0xc0000185 at offset 0x6819000 for 0x10000 bytes.
    Read failure with status 0xc0000185 at offset 0x6819000 for 0x1000 bytes.
    Windows replaced bad clusters in file 28495
    of name \Windows\bootstat.dat.
    Read failure with status 0xc0000185 at offset 0x36fcd000 for 0x10000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fcf000 for 0x1000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd0000 for 0xd000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd0000 for 0x1000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd1000 for 0xc000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd1000 for 0x1000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd2000 for 0xb000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd2000 for 0x1000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd3000 for 0xa000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd3000 for 0x1000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd4000 for 0x9000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd4000 for 0x1000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd5000 for 0x8000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd5000 for 0x1000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd6000 for 0x7000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd6000 for 0x1000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd7000 for 0x6000 bytes.
    Read failure with status 0xc0000185 at offset 0x36fd7000 for 0x1000 bytes.
    Windows replaced bad clusters in file 849542
    of name \Windows\ServiceProfiles\LOCALS~1\AppData\Roaming\PEERNE~1\F7F840~1.HOM\246E31~1\grouping\edb.log.
    1452272 files processed. File data verification completed.
    CHKDSK is verifying free space (stage 5 of 5)...
    36272182 free clusters processed. Free space verification is complete.
    Adding 10 bad clusters to the Bad Clusters File.
    CHKDSK discovered free space marked as allocated in the
    master file table (MFT) bitmap.
    Correcting errors in the Volume Bitmap.
    Windows has made corrections to the file system.
    470078463 KB total disk space.
    322998660 KB in 948498 files.
    421188 KB in 95799 indexes.
    40 KB in bad sectors.
    1569843 KB in use by the system.
    65536 KB occupied by the log file.
    145088732 KB available on disk.

    4096 bytes in each allocation unit.
    117519615 total allocation units on disk.
    36272183 allocation units available on disk.
    Internal Info:
    00 29 16 00 52 ef 0f 00 98 e0 1a 00 00 00 00 00 .)..R...........
    63 79 00 00 4c 00 00 00 00 00 00 00 00 00 00 00 cy..L...........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

    Windows has finished checking your disk.
    Please wait while your computer restarts.

    Avast boot scan Log:


    08/31/2011 09:09
    Scan of all local drives

    File C:\HP\Bin\EndProcess.exe is infected by Win32:KillApp-W [PUP]

    Scanning aborted
    Number of searched folders: 22548
    Number of tested files: 698693
    Number of infected files: 1

    +++++++I ignored this, I think it is a process used by HP on their computers for shut down. I googled it and many people had problems after chesting it or repairing it and had to download another. However, the answer still seems unclear. I chose to leave it alone for now.+++++++++ What are your thoughts?

    ----------------------------------------
    11/14/2011 13:00
    Scan of all local drives

    File C:\HP\Bin\EndProcess.exe is infected by Win32:KillApp-W [PUP]
    File C:\Users\MyName\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00ad96|>Designs\SimB.exe Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\AppData\Local\Microsoft\Windows Live Mail\Gmail (MyNamekra)\MyName@atypic 7a7\44EF00ED-0000A1C9.eml|>65001wachovia summons.html#1936426293 is infected by JS:Redirector-DU [Trj], Moved to chest
    File C:\Users\MyName\AppData\Local\Microsoft\Windows Live Mail\Gmail (MyNamekra)\[Gmail]\All Mail\3A271AD9-00058E8A.eml|>65001wachovia summons.html#1936426293 is infected by JS:Redirector-DU [Trj], Moved to chest
    File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Glocker.class is infected by Java:Agent-ZY [Expl], Moved to chest
    File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\zalux$1.class is infected by Java:Agent-ZX [Expl], Moved to chest
    File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\zalux$zordo.class is infected by Java:Agent-TB [Expl], Moved to chest
    File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\zalux.class is infected by Java:Agent-WY [Expl], Moved to chest
    File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Zo666.class is infected by Java:Agent-ZZ [Expl], Moved to chest
    File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Zom.class is infected by Java:Agent-ZW [Expl], Moved to chest
    File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\473a5bc4-5138820d|>glass\mumux.class is infected by Java:Agent-WY [Expl], Moved to chest
    File C:\Users\MyName\Documents\Gmail Backup\2010_09_20100917-202158-supertankerf55@rofgam_com-Vuong-1.eml|>65001wachovia summons.html#1936426293 is infected by JS:Redirector-DU [Trj], Moved to chest
    File C:\Users\MyName\Documents\Web Site Backups\AtypFem\backup-3.11.2010_09-39-46_afblog.tar.gz|>backup-3.11.2010_09-39-46_afblog.tar|>backup-3.11.2010_09-39-46_afblog\homedir.tar|>.\public_html\wordpress\wp-content\plugins\widgets\Bryce5FreeVersionPC.zip|>Bryce5FreeVersionPC\data\billboardold.dat Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Documents\Web Site Backups\AtypFem\backup-3.11.2010_09-39-46_afblog.tar.gz|>backup-3.11.2010_09-39-46_afblog.tar|>backup-3.11.2010_09-39-46_afblog\homedir.tar|>.\mail\atypfem.com\MyName\cur\1221638478.H654914P8662.cpanel63.gzo.com:2,S|>Penguin.Panic.zip#3057990864|>Penguin.Panic.exe is infected by Win32:Trojan-gen
    ----------------------------------------
    07/31/2012 22:01
    Scan of all local drives

    File C:\HP\Bin\EndProcess.exe.vir is infected by Win32:KillApp-W [PUP]
    File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Zom2.class is infected by Java:Agent-ATN [Expl], Moved to chest
    File C:\Users\MyName\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\quarantine.db|>data Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\downloads\files\exposhownew.zip|>Pets.ppt|>Pictures Error 42144 {OLE archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\downloads\files\exposhownew.zip|>Pets.ppt|>PowerPoint Document Error 42144 {OLE archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\downloads\files\exposhownew.zip|>Pets.ppt Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\online site\public_html\downloads\files\exposhownew.zip|>Pets.ppt|>Pictures Error 42144 {OLE archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\online site\public_html\downloads\files\exposhownew.zip|>Pets.ppt|>PowerPoint Document Error 42144 {OLE archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\Local Sites\PAPocket\online site\public_html\downloads\files\exposhownew.zip|>Pets.ppt Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\WIN386.SWP is infected by Win32:Webhancer-C [PUP], Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Repair: Error 42060 {The file was not repaired.}, Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Deleted
    File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\OPTIONS\CABS\OLS\AT&T\ATTKIT.EXE|>Wise0003.bin|>Wise0051.bin Error 42145 {Installer archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\SYSTEM\EB5ST000.DAT|>\LPT_t\Ebplpt.dll Error 42127 {CAB archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\9STUDEOP\Gag[1].zip|>GAGGERS_.TTF Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\GTE7CPAR\win_jb35foundation[1].zip|>foundation\install.exe Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\JVKVLOIC\jb_art_large[1].dat|>toolbar.gif Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\JVKVLOIC\pocoemal[1].zip|>pocosetup.exe Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Desktop\Floor_Comp\WINDOWS\Temporary Internet Files\Content.IE5\QFKLA7AV\EC4000Demo[1].EXE|>Wise0001.bin Error 42145 {Installer archive is corrupted.}
    File C:\Users\MyName\Documents\Web Site Backups\Mecca\public_html\guestbook\phpinfo1.php.vir is infected by HTML:Iframe-DF [Trj], Moved to chest
    File C:\Users\MyName\Documents\Web Site Backups\Mecca\public_html\public_html\guestbook\phpinfo1.php.vir is infected by HTML:Iframe-DF [Trj], Moved to chest
    File C:\Users\MyName\Downloads\Install\ScreenRecorders\Encoder_en.exe|>Setup\EnComn.cab|>Vex.SDK.Samples.TemplatesModifiedSL3Standard.MediaPlayerTemplate.xap|>MediaPlayer.dll Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Downloads\Install\ScreenRecorders\Encoder_en.exe|>Setup\EnComn.cab|>Vex.SDK.Samples.TemplatesModifiedSL3Standard.SmoothStreaming.xap|>SmoothStreaming.dll Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Downloads\Install\ScreenRecorders\Encoder_en.exe|>Setup\EnComn.cab|>Vex.SDK.SamplesVB.TemplatesModifiedSL3Standard.MediaPlayerTemplate.xap|>MediaPlayer.dll Error 42125 {ZIP archive is corrupted.}
    File C:\Users\MyName\Downloads\Install\ScreenRecorders\Encoder_en.exe|>Setup\EnComn.cab|>Vex.SDK.SamplesVB.TemplatesModifiedSL3Standard.SmoothStreaming.xap|>SmoothStreaming.dll Error 42125 {ZIP archive is corrupted.}
    File C:\Windows\SoftwareDistribution\Download\2bf7e032374dbf4620037dfec6242dba\BIT5559.tmp|>WdfCoInstaller01009.dll Error 42127 {CAB archive is corrupted.}
    File C:\Windows\SoftwareDistribution\Download\a568738027b9278d7681fca958f664fb\BITD336.tmp|>silverlight.7z Error 42127 {CAB archive is corrupted.}
    Number of searched folders: 95803
    Number of tested files: 4001036
    Number of infected files: 5

    Phew! Thanks so much for looking at these. Let me know if you see anything out of the ordinary. As I said, most things are in chests and quarantines. I'm going to chill for a bit and do something other than look at this screen, then reboot and see how it goes. :) :)

    Regards,

    Gina
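The boot-scan log in the post above mixes three kinds of line: detections that ended up moved to the chest or deleted, detections with no action recorded, and archives Avast could not unpack. As an added example (not part of the original post, and not an Avast tool), this Python script separates them so the items still on disk stand out. The line grammar is inferred from the log lines shown, and treating only "Moved to chest" and "Deleted" as remediation is an assumption.

```python
import re
from collections import Counter

# Subset of "File ..." lines copied from the boot-scan log in the post above,
# plus two non-result lines to show that they are skipped.
SAMPLE_LOG = r"""
Scan of all local drives
File C:\HP\Bin\EndProcess.exe.vir is infected by Win32:KillApp-W [PUP]
File C:\Users\MyName\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\50d70395-31a1ba4a|>rotor\Zom2.class is infected by Java:Agent-ATN [Expl], Moved to chest
File C:\Users\MyName\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\quarantine.db|>data Error 42125 {ZIP archive is corrupted.}
File C:\Users\MyName\Desktop\Floor_Comp\WIN386.SWP is infected by Win32:Webhancer-C [PUP], Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Repair: Error 42060 {The file was not repaired.}, Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Deleted
File C:\Users\MyName\Documents\Web Site Backups\Mecca\public_html\guestbook\phpinfo1.php.vir is infected by HTML:Iframe-DF [Trj], Moved to chest
File C:\Windows\SoftwareDistribution\Download\2bf7e032374dbf4620037dfec6242dba\BIT5559.tmp|>WdfCoInstaller01009.dll Error 42127 {CAB archive is corrupted.}
File C:\Users\MyName\Documents\Web Site Backups\AtypFem\backup-3.11.2010_09-39-46_afblog.tar.gz|>backup-3.11.2010_09-39-46_afblog.tar|>backup-3.11.2010_09-39-46_afblog\homedir.tar|>.\mail\atypfem.com\MyName\cur\1221638478.H654914P8662.cpanel63.gzo.com:2,S|>Penguin.Panic.zip#3057990864|>Penguin.Panic.exe is infected by Win32:Trojan-gen
Number of searched folders: 95803
"""

# Line grammar inferred from the log above (assumption, not an Avast specification).
DETECTION = re.compile(
    r"^File (?P<path>.+?) is infected by (?P<name>[^\s,]+)"
    r"(?: \[(?P<tag>\w+)\])?(?:, (?P<actions>.+))?$"
)
SCAN_ERROR = re.compile(
    r"^File (?P<path>.+?) Error (?P<code>\d+) \{(?P<msg>[^}]*)\}$"
)
# The only successful outcomes that appear in the log above (assumption).
REMEDIATED = {"Moved to chest", "Deleted"}


def split_container(path):
    """Return (file on disk, [nested archive members]); the log joins them with '|>'."""
    outer, *members = path.split("|>")
    return outer, members


def parse_line(line):
    """Parse one log line into a record, or None for headers and counters."""
    line = line.strip()
    m = DETECTION.match(line)
    if m:
        # Split the action list on ", " but never inside a {...} error message.
        actions = re.split(r", (?![^{}]*\})", m["actions"]) if m["actions"] else []
        outer, members = split_container(m["path"])
        return {
            "kind": "detection", "container": outer, "members": members,
            "name": m["name"], "tag": m["tag"], "actions": actions,
            "failed_actions": sum(": Error " in a for a in actions),
            "final": actions[-1] if actions else None,
        }
    m = SCAN_ERROR.match(line)
    if m:
        outer, members = split_container(m["path"])
        return {"kind": "scan_error", "container": outer, "members": members,
                "code": m["code"], "message": m["msg"]}
    return None


def triage(log_text):
    """Group records: detections still on disk, detections handled, unreadable archives."""
    result = {"unremediated": [], "remediated": [], "scan_errors": Counter()}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["kind"] == "scan_error":
            # Content was not inspected, so this is neither clean nor infected.
            result["scan_errors"][rec["code"]] += 1
        elif rec["final"] in REMEDIATED:
            result["remediated"].append(rec)
        else:
            result["unremediated"].append(rec)
    return result


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("Detections with no successful action (still on disk):")
    for d in report["unremediated"]:
        inner = d["members"][-1] if d["members"] else "(the file itself)"
        print(f"  {d['name']} [{d['tag']}] in {d['container']} -> {inner}")
    print("Handled detections:")
    for d in report["remediated"]:
        print(f"  {d['name']}: {d['final']} after {d['failed_actions']} failed attempt(s)")
    print("Archives that could not be unpacked, by error code:",
          dict(report["scan_errors"]))
```

For a detection nested inside archives, the file to act on is the outermost container, since the inner member does not exist on disk by itself.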

  5. My laptop just booted after a prayer to Jesus and an exorcism. Really, this Christian gal ain't kidding. I haven't seen my desktop since, like Wednesday last week I think. I am running Malwarebytes scan on it now. It took a looooooong time to boot. A good 15 minutes. Any suggestions on what else to do before I try restarting it again? If this is a hard drive failure, how can I tell?

    My plans are to uninstall the crap I installed right before it went south, do a complete virus scan with Avast, a complete malware scan with Malwarebytes, and maybe another data backup, as well as a rootkit finder, and a scandisk. Reboot. Pray again.

    Anything else I should do? Will let you know on the results of malware scan.

  6. Thank you for responding :)

    I ran chkdsk on the computer. I have not been in the command prompt for a looong time. Want to make sure I did it correctly. I entered the command prompt by choosing Repair Your Computer after using the F8 key to get to the disk menu. I was presented with X:\windows\system32>

    I entered C: at prompt, hit return.

    Then I had C:\>

    I entered chkdsk

    The last two lines don't look relevant to me. They are 43650 allocations available on disk. Failed to transfer logged messages to the event log with status 50.

    So I will type everything I got.

    The type of file system is NTFS.

    The volume is in use by another process. Chkdsk might report errors when no corruption is present.

    Volume label is SYSTEM

    WARNING! F parameter not specified

    Running CHKDSK in read only mode.

    CHKDSK verifying files......(edited)

    File verification complete.

    0 large file records processed

    0 bad file records processed

    0 EA records processed

    0 reparse records processed

    CHKDSK is verifying indexes.....

    330 index entries processed

    Index Verification completed.

    0 unindexed files scanned.

    0 unindexed files recovered.

    CHKDSK is verifying security descriptors

    256 file SDs/SIDs processed

    Security descriptor verification completed.

    38 data files processed

    CHKDSK verifying Usn Journal

    97624 USN bytes processed

    Usn Journal verification completed.

    Windows has checked the file system and found no problems

    203775 KB total disk space

    26096 KB in 43 files

    28 KB in 39 indexed

    0 KB in bad sectors

    3051 KB in use by the system

    2048 KB occupied by the log file

    17400KB available on disk

    4096 bytes in each allocation unit

    50943 total allocation units on disk

    Failed to transfer logged messages to the event log with status 50.

    If I try to run chkdsk /f /r C: I get a message that chkdsk cannot run because the volume is in use by another process. I have to unmount the disk before it can run, and that all opened handles to this volume would then be invalid. Would I like to force a dismount on this volume yes or no.

  7. Hello :)

    Firstly, thanks for your support here.

    I have been using Malwarebytes free for some time. I didn't even know there was a pro version until I was frantically trying to fix my PC, but I'm ahead of myself. ;) I am currently experiencing an inability to boot, either in safe mode or normal. Due to what happened to my PC, I could have a software issue, a hardware issue, or Malware/virus. I'm starting with antiviral, but I'm getting mixed signals from my PC. Is there a way to run MB if I can't boot? I can get to a command line.

    I am here for help because my dodgy slow computer started acting fine when I updated MB and it offered to let me try Pro. I enabled that, and (by coincidence or not) my computer ran like nothing happened to it. So, I'm suspicious I might have an infection.

    Okay, some backstory:

    I have a win7 64bit laptop. That morning, the pc was fine. The day before, I had to turn off my Avast free and User Account Controls to install a trusted software. I forgot to turn back on UAC, and possibly the Avast too, leaving my computer wide the hell open. (Stupid) The next day, I did a lot to my pc before the problems started. I downloaded a couple of "video downloaders" (yes, I know), installed a couple of retail programs (Hallmark Card Studio 2012 for example), and then before rebooting, my electric went out while I was in the shower. :P I didn't get to my pc until the power saving mode had put it into sleep mode. When I brought it out, it was a mess. When I tried to do anything it took forever, Explorer kept shutting down, and I couldn't run Task Manager or Control Panel, etc. I had to basically turn it off. I had to reboot/turn off a couple of times.

    So I have three possibilities: a software issue, a virus/malware issue, or a hardware issue due to the electric outage.

    I am here because of something that happened when I was trying to figure out the problem and starting with possible virus. I got my computer to boot even though it took 20 minutes, but it ran really really slow and dodgy until I updated Malwarebytes free in order to do a scan, and when it offered to let me try the Pro and I enabled it, suddenly my system ran fine. I backed up some data, ran SuperAntispyware, which found only tracking cookies, and decided I would boot into safe mode to run Malwarebytes due to that being recommended. Well, that was a mistake, because now I cannot even boot into safe mode, normal mode, etc. I just have a boot loop.

    So how can I run Malwarebytes if I cannot boot? :(

    This is what I have done:

    1. Run Avira Rescue CD - False positives, but cleaned

    2. Run AVG Rescue CD - False positives mostly, but cleaned

    After they found nothing, I started trying to use the stuff I could get to, my HP recovery/diagnostics, and the Windows Recovery stuff.

    3. HP Diagnostics passed on my Memory and Smart Check, but my Short DST failed, which is some kind of hard drive test. Start Up test failed. (Gee, ya think?!, lol)

    4. Chkdsk was in read only mode in HP diagnostics and could not finish, it said there were errors, but I want to recheck my data copy and make sure it's good before I exercise the disk anymore, it was running pretty hot.

    3 and 4 lead me to believe that the hard disk either has errors or is failing, but I don't know at this point I am so confused :P

    5. Tried starting with Last Known Good. Failed.

    6. Tried Start Up Repair. Failed.

    I have some errors and stuff, but not sure how much you want/need.

    I'm starting to wonder if I have a virus/malware at all, but it was weird that live protection from Malwarebytes Pro turned it around instantly.

    I do have Paragon backup, and am this close to just doing a restore, but I am afraid to check my data backups in my external drives in my husband's computer, in fear of giving him whatever I had on my pc, as the external drive was attached at the time. Can you help me figure out if this is a virus/malware and help me remove it?

    Hhheeeelllpppppp!

    Thanks :)

  8. Hi all,

    My question is how do I run Malwarebytes if I can't boot, but I have to put in some back story to see if anyone can help.

    I have a win7 64bit laptop. That morning, the pc was fine. The day before, I had to turn off my Avast free and User Account Controls to install a trusted software. I forgot to turn back on UAC, and possibly the Avast too, leaving my computer wide the hell open. The next day, I did a lot to my pc before the problems started. I downloaded a couple of "video downloaders" (yes, I know), installed a couple of retail programs, and then my electric went out while I was in the shower. :P I didn't get to my pc until the power saving mode had put it into sleep mode. When I brought it out, it was a mess.

    So I have three possibilities: a software issue, a virus/malware issue, or a hardware issue due to the electric outage. I am here because of something that happened when I was trying to figure out the problem and starting with possible virus. I got my computer to boot, but it ran really slow until I updated Malwarebytes free, and when it offered to let me try the Pro and I enabled it, suddenly my system ran fine. I backed up some data, ran SuperAntispyware, which found only tracking cookies, and decided I would boot into safe mode to run Malwarebytes due to that being recommended. Well, that was a mistake, because now I cannot even boot into safe mode, normal mode, etc. I just have a boot loop.

    So how can I run Malwarebytes if I cannot boot? :(

    I have run Avira Rescue CD, and AVG Rescue CD to scan the pc, but they really found nothing but false positives. I'm starting to wonder if I have a virus/malware at all, but it was weird that live protection from Malwarebytes Pro turned it around instantly.

    Help?

    Thanks :)
