Jump to content

Recommended Posts

  • Root Admin

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.
Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2

Run by Daniel at 8:16:11 on 2013-12-14

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2038.590 [GMT -5:00]

.

AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\authServer.exe

C:\Program Files\AVG\AVG2014\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

C:\Windows\system32\lxdxcoms.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Nero\Update\NASvc.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Apoint2K\Apoint.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe

C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files\Microsoft Device Center\itype.exe

C:\Program Files\Microsoft Device Center\ipoint.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Program Files\CE\CovenantEyes.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Logitech\Vid HD\Vid.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Garmin\Express Tray\ExpressTray.exe

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\CE\CovenantEyesHelper.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k HsfXAudioService

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html

mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com

mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - <orphaned>

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll

TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [Google Update] "c:\users\daniel\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [GarminExpressTrayApp] "c:\program files\garmin\express tray\ExpressTray.exe"

uRun: [ROC_ROC_APR2013_AV] c:\users\daniel\appdata\roaming\avg april 2013 campaign\AVG-Secure-Search-Update.exe /PROMPT --mid c0d4991b4b0647d08092d157aa745380-dfbadb67cf3b080ee30d8d47c69b05751662eb3b --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013

uRun: [AVG-Secure-Search-Update_0913a] c:\users\daniel\appdata\roaming\avg 0913a campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid c0d4991b4b0647d08092d157aa745380-dfbadb67cf3b080ee30d8d47c69b05751662eb3b --CMPID 0913a

uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [lxdxmon.exe] "c:\program files\lexmark 3600-4600 series\lxdxmon.exe"

mRun: [lxdxamon] "c:\program files\lexmark 3600-4600 series\lxdxamon.exe"

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide

mRun: [NBAgent] "c:\program files\nero\nero 10\nero backitup\NBAgent.exe" /WinStart

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [intelliType Pro] "c:\program files\microsoft device center\itype.exe"

mRun: [intelliPoint] "c:\program files\microsoft device center\ipoint.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY

mRun: [NMSVC] c:\program files\ce\CovenantEyes.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\users\daniel\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\daniel\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\users\daniel\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE

uPolicies-Explorer: _NoDriveTypeAutoRun = dword:149

uPolicies-Explorer: NoDriveTypeAutoRun = dword:149

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

LSP: CESpy.dll

Trusted Zone: $talisma_url$

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

   If you wish to scan all of them, select the 'Force scan all domains' option.

.

TCP: NameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{11E0FDEF-086B-47EC-BA8B-CDE63273FF4A} : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{430DDBEB-B34F-424C-9B07-0B5D08CF7F73} : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{430DDBEB-B34F-424C-9B07-0B5D08CF7F73}\B465343434166656 : DHCPNameServer = 10.50.2.3 10.50.2.9

TCP: Interfaces\{430DDBEB-B34F-424C-9B07-0B5D08CF7F73}\B4653434B496E676845616C64786 : DHCPNameServer = 10.50.2.3 10.50.2.9

TCP: Interfaces\{430DDBEB-B34F-424C-9B07-0B5D08CF7F73}\D656469616C696E6B6 : DHCPNameServer = 209.18.47.61 209.18.47.62

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Notify: aa3b12e2517 - c:\windows\system32\devmgr32.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\822\G2AWinLogon.dll

Notify: GoToAssist Express Customer - c:\program files\citrix\gotoassist express customer\136\g2ax_winlogon.dll

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

Hosts: 127.0.0.1  www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\daniel\appdata\roaming\mozilla\firefox\profiles\hcy2kz4m.default-1379639410700\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - ewtn.com

FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll

FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll

FF - plugin: c:\users\daniel\appdata\local\citrix\plugins\104\npappdetector.dll

FF - plugin: c:\users\daniel\appdata\local\google\update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: c:\users\daniel\appdata\roaming\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\users\daniel\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\daniel\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\users\daniel\appdata\roaming\mozilla\plugins\npo1d.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll

FF - ExtSQL: 2013-11-18 13:44; spam@trashmail.net; c:\users\daniel\appdata\roaming\mozilla\firefox\profiles\hcy2kz4m.default-1379639410700\extensions\spam@trashmail.net.xpi

FF - ExtSQL: !HIDDEN! 2012-03-15 00:40; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 147768]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]

R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 209176]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22840]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-10-31 176952]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]

R1 NEOFLTR_700_16499;Juniper Networks TDI Filter Driver (NEOFLTR_700_16499);c:\windows\system32\drivers\NEOFLTR_700_16499.SYS [2011-6-17 84336]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]

R2 Auth Service;Auth Service;c:\windows\system32\authServer.exe [2013-5-7 1633280]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]

R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-8 250712]

R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]

R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]

R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-11-25 687400]

R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2012-1-18 450848]

R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2012-3-15 227896]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-7-25 162672]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-12-11 108032]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-12-13 40776]

S3 rcmirror;rcmirror;c:\windows\system32\drivers\rcmirror.sys [2008-10-8 3328]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-15 1343400]

S4 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdxserv.exe [2010-1-10 94208]

.

=============== File Associations ===============

.

FileExt: .txt: Applications\WINWORD.EXE="c:\program files\microsoft office\office14\WINWORD.EXE" /n "%1" [userChoice] [default=edit - 'Open' doesn't exist]

.

=============== Created Last 30 ================

.

2013-12-13 22:15:24     26840 ----a-w-    c:\windows\system32\drivers\GEARAspiWDM.sys

2013-12-13 22:11:42     --------    d-----w-    c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-12-13 12:26:36     40776 ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys

2013-12-11 19:59:33     --------    d-----w-    c:\users\daniel\appdata\local\Apple

2013-12-11 19:59:01     --------    d-----w-    c:\users\daniel\appdata\local\Apple Computer

2013-12-11 09:32:30     9272200     ----a-w-    c:\windows\system32\FlashPlayerInstaller.exe

2013-12-11 08:04:24     12625408    ----a-w-    c:\windows\system32\wmploc.DLL

2013-12-11 08:04:23     164864      ----a-w-    c:\program files\windows media player\wmplayer.exe

2013-12-11 05:15:28     301568      ----a-w-    c:\windows\system32\msieftp.dll

2013-12-11 05:15:28     159232      ----a-w-    c:\windows\system32\imagehlp.dll

2013-12-11 05:15:27     163840      ----a-w-    c:\windows\system32\scrrun.dll

2013-12-11 05:15:27     141824      ----a-w-    c:\windows\system32\wscript.exe

2013-12-11 05:15:27     126976      ----a-w-    c:\windows\system32\cscript.exe

2013-12-11 05:15:27     121856      ----a-w-    c:\windows\system32\wshom.ocx

2013-12-11 05:15:26     417792      ----a-w-    c:\windows\system32\WMPhoto.dll

2013-12-11 05:15:24     2048  ----a-w-    c:\windows\system32\tzres.dll

2013-12-11 05:15:19     81408 ----a-w-    c:\windows\system32\drivers\drmk.sys

2013-12-11 05:15:19     2349056     ----a-w-    c:\windows\system32\win32k.sys

2013-12-11 05:15:19     177152      ----a-w-    c:\windows\system32\drivers\portcls.sys

2013-12-10 20:35:07     --------    d-----w-    c:\users\daniel\appdata\local\Adobe

2013-12-10 04:54:50     --------    d-----w-    c:\users\daniel\appdata\roaming\Malwarebytes

2013-12-10 04:54:24     --------    d-----w-    c:\programdata\Malwarebytes

2013-12-10 04:54:21     22856 ----a-w-    c:\windows\system32\drivers\mbam.sys

2013-12-10 04:54:21     --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware

2013-12-10 04:53:51     --------    d-----w-    c:\users\daniel\appdata\local\Programs

2013-12-03 11:44:59     97880 ----a-w-    c:\program files\internet explorer\pdmproxy100.dll

2013-11-21 21:59:52     --------    d-----w-    C:\$WINDOWS.~BT

.

==================== Find3M  ====================

.

2013-12-11 09:32:33     71048 ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl

2013-12-11 09:32:33     692616      ----a-w-    c:\windows\system32\FlashPlayerApp.exe

2013-12-03 11:44:59     13312 ----a-w-    c:\windows\system32\mshta.exe

2013-12-03 11:44:58     61952 ----a-w-    c:\windows\system32\MshtmlDac.dll

2013-12-03 11:44:57     36352 ----a-w-    c:\windows\system32\imgutil.dll

2013-12-03 11:44:57     111616      ----a-w-    c:\windows\system32\IEAdvpack.dll

2013-12-03 11:44:56     86016 ----a-w-    c:\windows\system32\iesysprep.dll

2013-12-03 11:44:56     74240 ----a-w-    c:\windows\system32\SetIEInstalledDate.exe

2013-12-03 11:44:56     48640 ----a-w-    c:\windows\system32\mshtmler.dll

2013-11-26 09:23:02     2724864     ----a-w-    c:\windows\system32\mshtml.tlb

2013-11-26 09:22:11     4096  ----a-w-    c:\windows\system32\ieetwcollectorres.dll

2013-11-26 08:53:56     61952 ----a-w-    c:\windows\system32\iesetup.dll

2013-11-26 08:52:26     51200 ----a-w-    c:\windows\system32\ieetwproxystub.dll

2013-11-26 08:29:55     112128      ----a-w-    c:\windows\system32\ieUnatt.exe

2013-11-26 08:29:52     108032      ----a-w-    c:\windows\system32\ieetwcollector.exe

2013-11-26 08:28:16     553472      ----a-w-    c:\windows\system32\jscript9diag.dll

2013-11-26 08:16:12     4243968     ----a-w-    c:\windows\system32\jscript9.dll

2013-11-26 07:32:06     1928192     ----a-w-    c:\windows\system32\inetcpl.cpl

2013-11-26 06:33:33     1820160     ----a-w-    c:\windows\system32\wininet.dll

2013-11-06 02:50:48     120600      ----a-w-    c:\windows\system32\drivers\avgdiskx.sys

2013-11-05 02:57:30     209176      ----a-w-    c:\windows\system32\drivers\avgidsdriverx.sys

2013-11-01 04:00:28     176952      ----a-w-    c:\windows\system32\drivers\avgldx86.sys

2013-11-01 03:30:08     222520      ----a-w-    c:\windows\system32\drivers\avglogx.sys

2013-10-25 03:28:32     147768      ----a-w-    c:\windows\system32\drivers\avgidshx.sys

2013-10-12 02:03:08     656896      ----a-w-    c:\windows\system32\nshwfp.dll

2013-10-12 02:01:41     679424      ----a-w-    c:\windows\system32\IKEEXT.DLL

2013-10-12 02:01:25     216576      ----a-w-    c:\windows\system32\FWPUCLNT.DLL

2013-10-08 11:50:41     94632 ----a-w-    c:\windows\system32\WindowsAccessBridge.dll

2013-10-05 19:57:25     1168384     ----a-w-    c:\windows\system32\crypt32.dll

2013-10-04 01:58:50     152576      ----a-w-      c:\windows\system32\SmartcardCredentialProvider.dll

2013-10-04 01:56:25     168960      ----a-w-    c:\windows\system32\credui.dll

2013-10-04 01:56:00     1796096     ----a-w-    c:\windows\system32\authui.dll

2013-10-03 01:58:07     305152      ----a-w-    c:\windows\system32\gdi32.dll

2013-09-25 02:01:08     136640      ----a-w-    c:\windows\system32\drivers\ksecpkg.sys

2013-09-25 02:01:06     67520 ----a-w-    c:\windows\system32\drivers\ksecdd.sys

2013-09-25 01:57:46     99840 ----a-w-    c:\windows\system32\sspicli.dll

2013-09-25 01:57:26     22016 ----a-w-    c:\windows\system32\secur32.dll

2013-09-25 01:57:24     247808      ----a-w-    c:\windows\system32\schannel.dll

2013-09-25 01:56:42     220160      ----a-w-    c:\windows\system32\ncrypt.dll

2013-09-25 01:56:02     1038848     ----a-w-    c:\windows\system32\lsasrv.dll

2013-09-25 00:49:20     22016 ----a-w-    c:\windows\system32\lsass.exe

2013-09-25 00:49:18     15872 ----a-w-    c:\windows\system32\sspisrv.dll

2013-09-17 05:57:26     22840 ----a-w-    c:\windows\system32\drivers\avgidsshimx.sys

.

============= FINISH:  8:18:14.84 ===============

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/15/2012 1:34:44 AM
System Uptime: 12/14/2013 7:57:20 AM (1 hours ago)
.
Motherboard: Hewlett-Packard |  | 30D9
Processor: Intel® Pentium® Dual  CPU  T2390  @ 1.86GHz | CPU | 1867/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 138 GiB total, 40.164 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.997 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP290: 11/14/2013 3:00:36 AM - Windows Update
RP292: 11/18/2013 12:23:57 PM - Revo Uninstaller's restore point - Google Chrome
RP293: 11/21/2013 5:10:04 PM - Windows Update
RP294: 11/24/2013 8:58:01 PM - Garmin Express
RP295: 11/24/2013 9:01:15 PM - Garmin Express
RP296: 12/2/2013 12:25:00 PM - Scheduled Checkpoint
RP297: 12/3/2013 3:00:16 AM - Windows Update
RP298: 12/3/2013 6:42:40 AM - Windows Update
RP299: 12/10/2013 8:55:12 AM - Scheduled Checkpoint
RP300: 12/11/2013 3:00:54 AM - Windows Update
.
==== Installed Programs ======================
.
3D Tropical Fish Aquarium Screensaver
7-Zip 9.20
ABBYY FineReader 6.0 Sprint
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.2)
Adobe Reader XI (11.0.05)
Adobe Shockwave Player
Adobe Shockwave Player 11.6
Amazon MP3 Downloader 1.0.17
Animated Aquarium2 Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
Atheros Driver Installation Program
Audible Download Manager
AudibleManager
AVG 2014
Bonjour
CameraHelperMsi
Cards_Calendar_OrderGift_DoMorePlugout
Choice Guard
Citrix Online Launcher
Conexant HD Audio
Cosmo Player 2.1.1
Coupon Printer for Windows
Covenant Eyes
DaliSkin
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox
DVD Suite
EasyBits GO
Elevated Installer
erLT
Facebook Plug-In
Garmin City Navigator North America NT 2013.10 Update
Garmin Communicator Plugin
Garmin Express
Garmin Express Tray
Garmin MapInstall
Garmin POI Loader
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
GoToAssist Corporate
GoToMeeting 6.0.0.1259
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
High-Definition Video Playback
High-Definition Video Playback 10
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP DVD Play 3.6
HP Easy Setup - Frontend
HP Help and Support
HP Photosmart Essential 2.5
HP Quick Launch Buttons
HP Smart Web Printing 4.60
HP Update
HP User Guides 0093
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
Inspiration 9
Inspiration 9 PDF Driver (novaPDF 7.0 printer)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Intel® TV Wizard
iTunes
Java 7 Update 45
Java Auto Updater
Java 6 Update 2
Java 6 Update 29
Juniper Networks Secure Application Manager
Juniper Networks Setup Client
Lexmark 3600-4600 Series
Lexmark Fax Solutions
Lexmark Toolbar
Lexmark Tools for Office
LG PC Suite
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Compact Framework 2.0
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office XP Web Components
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
MobileMe Control Panel
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero Audio Pack 1
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscCopy Gadget 10
Nero DiscCopyGadget 10 Help (CHM)
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero Kwik Media
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10
Nero Recode 10
Nero Recode 10 Help (CHM)
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10
Nero SoundTrax 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Vision 10
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
NeroKwikMedia Help (CHM)
NetWaiting
OGA Notifier 2.0.0048.0
Power2Go
PowerDirector
PSSWCORE
QLBCASL
QoS Scanner
QuickPlay SlingPlayer 0.4.6
QuickTime
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
Realtek USB 2.0 Card Reader
Revo Uninstaller 1.95
sdunload
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call
Skype™ 5.5
Skype™ 6.7
smARTupdate
SmartWebPrinting
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
SpywareBlaster 5.0
SUPERAntiSpyware
swMSM
TI Connect 1.6
TI NoteFolio Creator
TI StudyCards Creator
Touch Pad Driver
TouchNotes
Unlocker 1.8.8
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
USB Driver
VideoToolkit01
Visual CE Runtime 10.4
Visual Studio 2012 x86 Redistributables
WeatherBug Gadget
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
Windows Installer Clean Up
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Player Firefox Plugin
Yahoo! Autosync
.
==== Event Viewer Messages From Past Week ========
.
12/9/2013 7:39:43 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
12/7/2013 12:06:46 AM, Error: Microsoft-Windows-HAL [12]  - The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.
12/10/2013 6:39:11 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the hpqwmiex service to connect.
12/10/2013 6:39:11 AM, Error: Service Control Manager [7000]  - The hpqwmiex service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/10/2013 6:39:11 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service hpqwmiex with arguments "-Service" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}
12/10/2013 3:28:52 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
.
==== End Of File ===========================

Link to post
Share on other sites

I'm not sure how to set up exculsions in AVG but I don't think that's the issue I did run a full scan once without freezing  when I first downloaded it but now it freezes my computer about 2 hours in to the scan and I have to shut off the lap top to get in back on.  I'm also not sure what you mean by run a full disk check on the drive do you mean with AVG if so then yes I have and I their was no results from AVG

Link to post
Share on other sites

While Ron returns.... He meant to run a disk check on your hard drive....

 

Check your hard disk for errors
Applies to Windows Vista

 

You can help solve some computer problems and improve the performance of your computer by making sure that your hard disk has no errors.

  1. Open Computer by clicking the Start button 4f6cbd09-148c-4dd8-b1f2-48f232a2fd33_47., and then clicking Computer.

  2. Right-click the hard disk drive that you want to check, and then click Properties.

  3. Click the Tools tab, and then, under Error-checking, click Check Now. 18abb370-ac1e-4b6b-b663-e028a75bf05b_41. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

    To automatically repair problems with files and folders that the scan detects, select Automatically fix file system errors. Otherwise, the disk check will simply report problems but not fix them.

    To perform a thorough disk check, select Scan for and attempt recovery of bad sectors. This scan attempts to find and repair physical errors on the hard disk itself, and it can take much longer to complete.

    To check for both file errors and physical errors, select both Automatically fix file system errors and Scan for and attempt recovery of bad sectors.

  4. Click Start.

Depending upon the size of your hard disk, this may take several minutes. For best results, don't use your computer for any other tasks while it's checking for errors.

 

Link to post
Share on other sites

I'm not sure why I got the message windows can't check disk while its in use when I check both boxes or just check the box that said automatically fix file system errors, but anyways it did run Scan for and attempt recovery of bad sectors but anyway it just completed and said no problems were found what do I do next?

Link to post
Share on other sites

As you can tell, yes those steps will work with Windows 7. You can not run check disk when windows is running, this is way it should ask you to reboot, and then it performs a check disk before windows loads up.

Once the check disk is complete, try running a MBAM quick scan once more.

Link to post
Share on other sites

it said do you want to check for hard disk errors next time you start your computer so I click shecdule disk check and the window closed i hope that means it will check the hard disk next time I start my computer the MBAM quick scan always works its the full scan that causes my computer to freeze around 2 hours in

Link to post
Share on other sites

  • Root Admin

Running a disk check without a reboot and telling it to fix it is of no value.

 

Please run a Full Disk Check on your system drive.  If needed here are some links on how to run a Disk Check.

On Windows 7 the disk check log is in the Event Logs under Application with a heading source of  Wininit

How to Run Disk Check in Windows 7

How to Read the Event Viewer Log for Check Disk (chkdsk) in Vista, Windows 7, and Windows 8
 

Please reboot and let it run and then copy/paste back the results from the Event Logs.

 

 

Then run the following.

 

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Restart the computer again and try running a Full Scan with MBAM again and let me know how it goes.

Link to post
Share on other sites

TimeCreated : 12/15/2013 11:40:20 AM

Message     :

             

              Checking file system on C:

              The type of the file system is NTFS.

             

              A disk check has been scheduled.

              Windows will now check the disk.                        

             

              CHKDSK is verifying files (stage 1 of 5)...

                302080 file records processed.                                

                     

              File verification completed.

                1814 large file records processed.                            

                   

                0 bad file records processed.                                 

                

                0 EA records processed.                                       

                

                44 reparse records processed.                                 

                 

              CHKDSK is verifying indexes (stage 2 of 5)...

                368438 index entries processed.                               

                     

              Index verification completed.

                0 unindexed files scanned.                                    

                

                0 unindexed files recovered.                                  

                

              CHKDSK is verifying security descriptors (stage 3 of 5)...

                302080 file SDs/SIDs processed.                               

                     

              Cleaning up 14191 unused index entries from index $SII of file 0x

              9.

              Cleaning up 14191 unused index entries from index $SDH of file 0x

              9.

              Cleaning up 14191 unused security descriptors.

              CHKDSK is compacting the security descriptor stream

                33180 data files processed.                                   

                    

              CHKDSK is verifying Usn Journal...

                35256936 USN bytes processed.                                 

                       

              Usn Journal verification completed.

              CHKDSK is verifying file data (stage 4 of 5)...

                302064 files processed.                                       

                     

              File data verification completed.

              CHKDSK is verifying free space (stage 5 of 5)...

                9086510 free clusters processed.                              

                      

              Free space verification is complete.

              CHKDSK discovered free space marked as allocated in the

              master file table (MFT) bitmap.

              Correcting errors in the Volume Bitmap.

              Windows has made corrections to the file system.

             

               144263668 KB total disk space.

               107384684 KB in 221017 files.

                  124880 KB in 33183 indexes.

                       0 KB in bad sectors.

                  408064 KB in use by the system.

                   65536 KB occupied by the log file.

                36346040 KB available on disk.

             

                    4096 bytes in each allocation unit.

                36065917 total allocation units on disk.

                 9086510 allocation units available on disk.

             

              Internal Info:

              00 9c 04 00 01 e1 03 00 3f c8 06 00 00 00 00 00  ........?.......

              81 8b 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  ....,...........

              c8 8f 1a 00 50 01 19 00 e8 1c 19 00 00 00 19 00  ....P...........

             

              Windows has finished checking your disk.

              Please wait while your computer restarts.

Link to post
Share on other sites

Since malwarebytes has froze up my computer three times today, and I have provided all of the logs I can possibly image and I am unable to restart it other than manually rebooting, does this forum have any one have any suggestions I haven't really done anything to fix the problem other then providing logs and running TFC cleaner and then rebooting

Link to post
Share on other sites

  • Root Admin

Just hold on.  I've been out all day.

 

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.


STEP 06
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.


 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.