Jump to content
longbeachlouise

another mydomainadvisor

Recommended Posts

Hi, Okay. After rebooting, I tried your suggestion again, deleting everything from the WER folder. One file remained, and seems to multiply, because now the fragmentation is worse than ever! View attached. Over a million fragments, and free space of only 24.3 G.

post-96106-0-49905400-1348979514.jpg

post-96106-0-28878600-1348979525.jpg

Share this post


Link to post
Share on other sites

Here is the DDS report. Appreciate if you can make something out of it! Thanx!

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2

Run by Carol at 0:35:00 on 2012-09-30

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\astsrv.exe

C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\WinTV\WinTV7\WinTVTray.exe

C:\Windows\System32\Macromed\Shockwave 10\SwHelper_1020023.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Defraggler\Defraggler.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe

C:\Windows\System32\mspaint.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\wermgr.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Carol\Desktop\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

uRun: [TClockEx] c:\program files\tclockex\TCLOCKEX.EXE

uRunOnce: [shockwave Updater] "c:\windows\system32\macromed\shockwave 10\SwHelper_1020023.exe" -Update -1020023 -iexplore.exe9.0

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"

mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe

mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzgyNDkzMzAzLVhPMTArMi1RSVgxKzQtRjEwTTEwRCsxLVgyMDEwKzItRkwxMCsxLUNJUCsyLUREVCs1MDYyNi1ERDEwRisxLVNUMTBGQVBQKzEtTDEwTSsxLUYxME0xMkFOKzIyLUYxME0xMkErMS1GMTBNMTJBQisxLVUxMCsxLVNUMTJGT0krMS1GMTBNMTJBVSsxLUVVTEErMS1TVDEyRkFQUCsxLVNURjEwTTEyQVVGKzE"&"prod=90"&"ver=2012.0.1831"&"mid=2f5e155032c547d6a51ed1572eb0a5f4-67a770033ab46c38be4f16cb6e0539da3b11bf91

uPolicies-explorer: NoInstrumentation = 1

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7}

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{5BDA6017-34CF-4407-A303-0315F31DBA14} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{AFF8AD68-D2A5-4A7C-BBF2-ED461B9A885C} : DhcpNameServer = 192.168.1.1

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\carol\appdata\roaming\mozilla\firefox\profiles\n1e4bns6.default\

FF - prefs.js: browser.startup.homepage - about:blank

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrl.1.0.20926.0.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? cpuz134;cpuz134

R? MozillaMaintenance;Mozilla Maintenance Service

R? MxL111SF_AVS_USB;Hauppauge WinTV-Aero-M

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? AdobeARMservice;Adobe Acrobat Update Service

S? FontCache;Windows Font Cache Service

S? HauppaugeTVServer;HauppaugeTVServer

S? MBAMProtector;MBAMProtector

S? MBAMScheduler;MBAMScheduler

S? MBAMService;MBAMService

S? TeamViewer7;TeamViewer 7

.

=============== Created Last 30 ================

.

2012-09-14 19:17:15 -------- d-----w- c:\users\carol\appdata\roaming\Keynote Systems

2012-09-14 18:30:36 -------- d-----w- c:\users\carol\61C5E499539F4A7E9C554844AA2E0654.TMP

2012-09-14 16:14:32 -------- d-----w- c:\users\carol\appdata\roaming\Keynote

2012-09-14 16:12:46 -------- d-----w- c:\program files\Keynote Systems

2012-09-05 05:04:05 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-08-31 22:20:10 -------- d-----w- c:\program files\Photoshop 6.01

2012-08-31 21:57:58 306688 ----a-w- c:\windows\IsUninst.exe

2012-08-31 18:54:43 -------- d-----w- c:\program files\Movie Maker 2.6

.

==================== Find3M ====================

.

2012-09-07 21:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-05 04:59:42 821736 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-08-29 21:55:20 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-29 21:55:20 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-29 19:18:09 746984 ----a-w- c:\windows\system32\deployJava1.dll

.

============= FINISH: 0:47:57.01 ===============

Attach09292012.7z

Share this post


Link to post
Share on other sites

Sometimes I attach more than one image, but only one image appears. Funny, when I ran a CCleaner before shutting down, instead of 50-250MB of temp files removed, its 49,232 MB removed - wow! View screen shot.

post-96106-0-55909700-1348984383.jpg

Share this post


Link to post
Share on other sites

Look at this! Waiting to hear from you, I, again, deleted the files in the ReportQueue and Report Archives THEN ran CCleaner and TFC. CCleaner removed some 57,000 G of files. Then I rebooted and this is what the analysis shows!

post-96106-0-18792400-1349086118.jpg

Share this post


Link to post
Share on other sites

It's MUCH better - thanx! We just had to figure out, I have to empty the recycle bin AND run a CCleaner to remove the files from the temp section.

Now, I'm going to run another defrag, though space has been freed up, and my laptop is blazingly fast . . .

This Vista operating system - I knew there is hope for it! When it reboots, it always restores everything perfectly. It must have been archiving too many of those RAM archives, for all the times I kept letting the battery run down.

My brother, Otto, says if the battery was hard to remove, it might be it was giving off gasses and already expanding in the holder, so I have to examine the seams if I remove it again. Can't believe how fast it is now, even to type these words!

post-96106-0-58521200-1349086411.jpg

Share this post


Link to post
Share on other sites

The last defrag took only 7 hours!!! Compared to 18-20 Defraggler defrags, that's blazing!

Did we "crack the code" on Windows Vista? Windows Vista stores the crash reports in WER. Every time I use the laptop on battery until it shuts down, it always boots up beautifully, bringing back the EXACT IE windows, including partially-filled out forms, etc., as well as any other programs. I like not having to start everything over!

The conclusion is: I have to empty the WER folders once in a while, to get the server to run faster! Is that right?

If only people knew: there is no issue with Vista. It's a GREAT operating system!

Here is today's analysis after removing the WER files . . . Only 5% fragmentation!!! Yay!!! Maybe that is as low as it will go, because of storing the RAM info, so it can reboot okay . . .

Thanx for everything! If you concur, I think we're done, and you may close the discussion. Is there anything else you want me to do?

Louise :)

post-96106-0-46919800-1349116286.jpg

Share this post


Link to post
Share on other sites

Hi,

Please post attach.txt from DDS directly into your reply instead of zipping it up and attaching it.

What we'll likely do, if the cause isn't obvious, is to disable what creates those folders. Gigabytes at a time for reports is unheard of. I imagine the DDS attach.txt log will show Event Viewer errors which may show the cause. So before we do anything else, please post attach.txt directly into your reply.

I wouldn't keep doing defrags so often; there's only so much that program can do, and with the space on your hard drive constantly filling up, it isn't worth all the time to keep doing defrags.

Share this post


Link to post
Share on other sites

Hi, Here is the zipped DDS file:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume1

Install Date: 5/4/2008 4:11:16 PM

System Uptime: 9/29/2012 11:13:10 PM (1 hours ago)

.

Motherboard: Quanta | | 30EA

Processor: AMD Athlon 64 X2 Dual-Core Processor TK-57 | Socket S1 | 800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 101 GiB total, 20.831 GiB free.

D: is FIXED (NTFS) - 11 GiB total, 1.876 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

7-Zip 9.20

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 11 ActiveX

Adobe Photoshop 6.0

Adobe Reader X (10.1.4)

Adobe Shockwave Player

AIM 6

Atheros Driver Installation Program

Cards_Calendar_OrderGift_DoMorePlugout

CCleaner

Cisco WebEx Meetings

Compatibility Pack for the 2007 Office system

Conexant HD Audio

Defraggler

DVD Suite

EPSON Scan

EPSON Stylus NX400 Series Printer Uninstall

GoToMeeting 4.1.0.366

Hauppauge WinTV 7

HDAUDIO Soft Data Fax Modem with SmartCP

Hewlett-Packard Active Check

Hewlett-Packard Asset Agent for Health Check

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Customer Experience Enhancements

HP Doc Viewer

HP DVD Play 3.6

HP Easy Setup - Frontend

HP Help and Support

HP Photosmart Essential 2.5

HP Quick Launch Buttons 6.40 B2

HP Smart Web Printing

HP Total Care Advisor

HP User Guides 0091

HP Wireless Assistant

HPNetworkAssistant

HPPhotoSmartDiscLabel_PaperLabel

HPPhotoSmartDiscLabel_PrintOnDisc

HPPhotoSmartDiscLabel_Tattoo

HPPhotoSmartDiscLabelContent1

hpphotosmartdisclabelplugin

HPPhotoSmartPhotobookHolidayPack1

HPPhotoSmartPhotobookModernPack1

HPPhotoSmartPhotobookPlayfulPack1

HPPhotoSmartPhotobookScrapbookPack1

HPPhotoSmartPhotobookWebPack1

Icon Restore 1.0

Java 7 Update 7

Java Auto Updater

JetMP3

Keynote Mobile Internet Testing Environment 3

LabelPrint

Malwarebytes Anti-Malware version 1.65.0.1400

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Professional Edition 2003

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Compact 3.5 Design Tools ENU

Microsoft SQL Server Compact 3.5 ENU

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual Basic 2008 Express Edition - ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework

Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32

Microsoft Works

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSDN Library for Microsoft Visual Studio 2008 Express Editions

MSVCRT Redists

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NetWaiting

NVIDIA Drivers

Power2Go

PowerDirector

PSSWCORE

QuickPlay SlingPlayer 0.4.6

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Synaptics Pointing Device Driver

TClockEx

TeamViewer 7

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VC Runtimes MSI

VideoToolkit01

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Watchtower Library 2001 - English Edition

WeatherBug Gadget

Windows 7 Upgrade Advisor

Windows Movie Maker 2.6

.

==== End Of File ===========================

Share this post


Link to post
Share on other sites

Here is the real DDS - thank you for your patience!

File 1

.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2

Run by Carol at 10:27:42 on 2012-10-03

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3262.1773 [GMT -4:00]

.

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\astsrv.exe

C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\WinTV\WinTV7\WinTVTray.exe

C:\Windows\System32\Macromed\Shockwave 10\SwHelper_1020023.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\wermgr.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

uRun: [TClockEx] c:\program files\tclockex\TCLOCKEX.EXE

uRunOnce: [shockwave Updater] "c:\windows\system32\macromed\shockwave 10\SwHelper_1020023.exe" -Update -1020023 -iexplore.exe9.0

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"

mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe

mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzgyNDkzMzAzLVhPMTArMi1RSVgxKzQtRjEwTTEwRCsxLVgyMDEwKzItRkwxMCsxLUNJUCsyLUREVCs1MDYyNi1ERDEwRisxLVNUMTBGQVBQKzEtTDEwTSsxLUYxME0xMkFOKzIyLUYxME0xMkErMS1GMTBNMTJBQisxLVUxMCsxLVNUMTJGT0krMS1GMTBNMTJBVSsxLUVVTEErMS1TVDEyRkFQUCsxLVNURjEwTTEyQVVGKzE"&"prod=90"&"ver=2012.0.1831"&"mid=2f5e155032c547d6a51ed1572eb0a5f4-67a770033ab46c38be4f16cb6e0539da3b11bf91

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autostart ir.lnk - c:\program files\wintv\Ir.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wintv recording status..lnk - c:\program files\wintv\wintv7\WinTVTray.exe

uPolicies-explorer: NoInstrumentation = 1

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7}

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{5BDA6017-34CF-4407-A303-0315F31DBA14} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{AFF8AD68-D2A5-4A7C-BBF2-ED461B9A885C} : DhcpNameServer = 192.168.1.1

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\carol\appdata\roaming\mozilla\firefox\profiles\n1e4bns6.default\

FF - prefs.js: browser.startup.homepage - about:blank

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrl.1.0.20926.0.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 HauppaugeTVServer;HauppaugeTVServer;c:\program files\wintv\tvserver\HauppaugeTVServer.exe [2011-12-16 562176]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-15 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-19 676936]

R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2011-11-29 2916736]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-19 22856]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-7 113120]

S3 MxL111SF_AVS_USB;Hauppauge WinTV-Aero-M;c:\windows\system32\drivers\hcwC6bda.sys [2011-12-16 85248]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-09-14 19:17:15 -------- d-----w- c:\users\carol\appdata\roaming\Keynote Systems

2012-09-14 18:30:36 -------- d-----w- c:\users\carol\61C5E499539F4A7E9C554844AA2E0654.TMP

2012-09-14 16:14:32 -------- d-----w- c:\users\carol\appdata\roaming\Keynote

2012-09-14 16:12:46 -------- d-----w- c:\program files\Keynote Systems

2012-09-05 05:04:05 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

==================== Find3M ====================

.

2012-09-07 21:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-05 04:59:42 821736 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-08-29 21:55:20 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-29 21:55:20 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-29 19:18:09 746984 ----a-w- c:\windows\system32\deployJava1.dll

.

============= FINISH: 10:28:19.12 ===============

File 2

.

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume1

Install Date: 5/4/2008 4:11:16 PM

System Uptime: 10/3/2012 9:50:22 AM (1 hours ago)

.

Motherboard: Quanta | | 30EA

Processor: AMD Athlon 64 X2 Dual-Core Processor TK-57 | Socket S1 | 800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 101 GiB total, 54.189 GiB free.

D: is FIXED (NTFS) - 11 GiB total, 1.876 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

7-Zip 9.20

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 11 ActiveX

Adobe Photoshop 6.0

Adobe Reader X (10.1.4)

Adobe Shockwave Player

AIM 6

Atheros Driver Installation Program

Cards_Calendar_OrderGift_DoMorePlugout

CCleaner

Cisco WebEx Meetings

Compatibility Pack for the 2007 Office system

Conexant HD Audio

Defraggler

DVD Suite

EPSON Scan

EPSON Stylus NX400 Series Printer Uninstall

GoToMeeting 4.1.0.366

Hauppauge WinTV 7

HDAUDIO Soft Data Fax Modem with SmartCP

Hewlett-Packard Active Check

Hewlett-Packard Asset Agent for Health Check

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Customer Experience Enhancements

HP Doc Viewer

HP DVD Play 3.6

HP Easy Setup - Frontend

HP Help and Support

HP Photosmart Essential 2.5

HP Quick Launch Buttons 6.40 B2

HP Smart Web Printing

HP Total Care Advisor

HP User Guides 0091

HP Wireless Assistant

HPNetworkAssistant

HPPhotoSmartDiscLabel_PaperLabel

HPPhotoSmartDiscLabel_PrintOnDisc

HPPhotoSmartDiscLabel_Tattoo

HPPhotoSmartDiscLabelContent1

hpphotosmartdisclabelplugin

HPPhotoSmartPhotobookHolidayPack1

HPPhotoSmartPhotobookModernPack1

HPPhotoSmartPhotobookPlayfulPack1

HPPhotoSmartPhotobookScrapbookPack1

HPPhotoSmartPhotobookWebPack1

Icon Restore 1.0

Java 7 Update 7

Java Auto Updater

JetMP3

Keynote Mobile Internet Testing Environment 3

LabelPrint

Malwarebytes Anti-Malware version 1.65.0.1400

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Professional Edition 2003

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Compact 3.5 Design Tools ENU

Microsoft SQL Server Compact 3.5 ENU

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual Basic 2008 Express Edition - ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework

Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32

Microsoft Works

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSDN Library for Microsoft Visual Studio 2008 Express Editions

MSVCRT Redists

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NetWaiting

NVIDIA Drivers

Power2Go

PowerDirector

PSSWCORE

QuickPlay SlingPlayer 0.4.6

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Synaptics Pointing Device Driver

TClockEx

TeamViewer 7

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VC Runtimes MSI

VideoToolkit01

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Watchtower Library 2001 - English Edition

WeatherBug Gadget

Windows 7 Upgrade Advisor

Windows Movie Maker 2.6

.

==== End Of File ===========================

Share this post


Link to post
Share on other sites

Hmmm that didn't show what I was hoping.

Let's try disabling WER and see if that stops the issue.

Click Start --> Control Panel --> Classic View --> Problem Reports and Solutions --> Change Settings --> Advanced Settings --> Click the button next to Off. --> OK --> OK.

Reboot.

Delete the WER folder. Empty the Recycle Bin.

Reboot once more.

Open Defraggler. Click Analyze. Take a screenshot of the report. Sort by file size and not number of fragments.

Post the screenshot(s) here. Run a defragment. Reboot. Do another analysis and post the report here.

Share this post


Link to post
Share on other sites

It usually shows a recent summary of the Event Viewer logs.

Then again, it sort of makes sense since we've been deleting the error logs. Proceed with the instructions above. :)

Share this post


Link to post
Share on other sites

These are the people:

FTC Takes Aim at Tech Support Scareware Scams

By Jeffrey Burt

The agency puts a halt to six such tech support cons, part of a larger effort to stop phony tech support companies from scamming consumers.

The Federal Trade Commission is expanding its efforts against online scammers who aim to con people into buying unneeded antivirus software and services by falsely telling them that their PCs are infected with malware.

The FTC has filed charges against six companies involved in tech support scams; they allegedly ran “scareware” schemes on tens of thousands of victims, and a U.S. District Court judge—at the agency’s request—ordered a stop to the scams and froze the assets of the companies involved in the scams. The orders against the companies—most of them based in India—come a day after the final defendant in another scareware case was ordered to pay $163 million in restitution.

Though unrelated, the companies involved in the cases ran familiar scams: Using either telemarketing calls or online ads, the companies would falsely convince victims that their computers were riddled with malware. The scammers would then trick the victims to buying antivirus software to get rid of the nonexistent malware.

In the most recent investigation, the FTC said Oct. 3 that it targeted 14 companies and 17 individual defendants. Among those targeted were Pecon Software, Finmaestros, Zeal IT Solutions, Virtual PC Solutions, Lakshmi Infosoul Services and PCCare247, along with individual defendants in each case.

According to the federal agency, five of the scammers would contact victims through telemarketing calls, with the sixth using Google ads that would appear when consumers searched the Web looking for the tech support phone numbers of their computer companies.

The scammers, once they had the consumers on the phone, would say they were with such legitimate tech companies as Dell, Microsoft, McAfee and Norton, and that they had detected malware on their systems. They then would charge the victims hundreds of dollars, saying they would remotely access the computers and fix them.

They targeted consumers in English-speaking countries, including the United States, the U.K., Canada, Australia and Ireland.

FTC Chairman Jon Leibowitz said in a statement that the agency has been aggressive in pursuing such tech support scam cases, and that the latest companies “have taken scareware to a whole other level of virtual mayhem.”

In those tech support cons, the scammers would point victims to a utility area of their computer, telling them that that indicated the presence of malware in the systems. They then would offer to rid the systems of the viruses for fees of $49 to $450. Once the consumers agreed, they were directed to a Website to enter a code or download software that enabled the scammers to remotely access the systems, according to the FTC.

Once inside the computer, they acted as though they were removing malware and then downloaded what would otherwise be free programs.

According to the FTC, the scammers tried to avoid detection by using virtual offices that turned out to be mail-forwarding operations, and by using 80 disparate domain names and 130 different phone numbers.

The companies were charged with violating the FTC Act through deceptive commercial practices. They also were charged with violating the Telemarketing Sales Rule and illegally calling numbers listed on the Do Not Call Registry.

According to Bloomberg, the court froze $180,000 in assets.

The day before, a federal court issued a judgment of $163 million against a person involved with another tech support scareware scam from a case dating back to 2008. FTC officials said that scam involved more than a million consumers who were tricked into buying software to remove malware that was not on their computers.

The scammers used online ads that showed consumers a system scan that supposedly indicated there were malicious files on their computers. The scans would prompt the victims to buy the scammers’ antivirus software for $40 to $60 to get rid of the malware.

A U.S. District Court in Maryland ordered a halt to the scheme in 2008, and through a settlement in 2011, a father and son were ordered to pay $8.2 million in restitution. Two other defendants settled the charges against them, and default judgments were issued against three others.

Kristy Ross was the last of the defendants in the case, and along with the $163 million judgment, the court also prohibited her from selling security software or any other software that interferes with consumers using their computers. She also was banned from any form of deceptive marketing.

- http://www.eweek.com/security/ftc-takes-aim-at-tech-support-scareware-scams/

US, Australia, Ireland - that is what I concluded on research!

Share this post


Link to post
Share on other sites

@ Chris, If I have Notepad open with text I didn't save, if I am signed into Gmail, if I have a form halfway filled out in a browser window, it all comes back EXACTLY the way I had it. I'm still signed into gmail; the text I didn't save is still there; the form halfway filled out, I don't have to start over. That is, when the laptop crashes or goes into sleep mode.

40 IE9 browser windows; Photoshop, KeynoteMite, Windows Taskbar, one documents folder. It's all back, because this is Vista operating system. I like it this way.

When you or other people have to reboot from crash, you have to start all over, opening up browser windows. Anything started but not saved, like on Photoshop, or a text document, doesn't come back . . .

We cracked the Vista code! I coudn't have done it without you. Defraggler likely takes double the time - 7 hours, instead of 3 1/2 - but that's no big deal . . . Run it over night!

My laptop is fast and fierce right now. When I run the battery down daily, which I must, everything comes back beautifully!

Thank you very much! You helped me not only get rid of malware and adware, but helped me pinpoint what is making my computer run slow! I praised you to the skies with my support reps at Fluid! They are the ones who told me about Malwarebytes!

You don't know what it's like to be poor. I have to run the battery down - can't afford another! However, I will visit Malwarebytes first and purchase a malwarebytes as soon as I am able - thanx! :D

Share this post


Link to post
Share on other sites

Louise,

When you run your battery down, it's going into Sleep or Hibernate mode. This isn't "crashing;" this is normal behavior that all operating systems do to protect themselves from damage..

I posted instructions in Post #166. Please follow them..

Share this post


Link to post
Share on other sites

My laptop is running great: fast, accurate, everything accurately restored in case of sleep mode or the battery runs down. My computer before this was not dual core, and had only 1GB of RAM, plus it was noisy - had to wear earplugs! So, this laptop - now that I deleted gigs of programs and files that are on the borrowed laptop, and got rid of the adware and malware on account of you, and figured out the WER, is a major improvement over my last harddrive! Plus, it runs quiet.

Hmmm that didn't show what I was hoping.

Let's try disabling WER and see if that stops the issue.

The WER isn't the set of files that allows everything to appear exactly as on before sleep mode, or crash mode, Including files I didn't save myself? I like that feature!

Click Start --> Control Panel --> Classic View --> Problem Reports and Solutions --> Change Settings --> Advanced Settings --> Click the button next to Off. --> OK --> OK.

Reboot.

Delete the WER folder. Empty the Recycle Bin.

I could delete ALL the files in ReportQueue, EXCEPT one, while the laptop is running. Therefore, I don't think I can delete the folder, ReportQueue, or the WER folder . . . Does the WER folder contain the files of what I was working on, saved and unsaved? I like that feature - I don't want to lose it indefinitely, if I delete the WER folder.

But, I trust you you're not just running an experiment on my laptop to satisfy your curiosity, at risk of losing the ability to RESTORE ALL PROGRAMS AND FILES TO EXACTLY WHERE THEY WERE BEFORE LOSS OF POWER, which feature I like.

Reboot once more.

Open Defraggler. Click Analyze. Take a screenshot of the report. Sort by file size and not number of fragments.

Post the screenshot(s) here. Run a defragment. Reboot. Do another analysis and post the report here.

Here goes nothing!

Share this post


Link to post
Share on other sites

Hi Louise,

No, WER has nothing to do with your computer resuming from standby.

If you're happy with how things are, then there's no real point in doing anything more. :)

Let me know if there's anything else I can help you with.

Share this post


Link to post
Share on other sites

Hi Chris, You've done alot - thanx so much! This thread must take the record for length, time, and # of posts! :)

As a matter of fact, I just ran an analysis on Defraggler, and this is the result [screenshot].

post-96106-0-15492300-1350387282.jpg

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.