Jump to content


Photo

some subtle changes - Merged


  • This topic is locked This topic is locked
11 replies to this topic

#1 sherill

sherill

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 24 March 2011 - 03:46 PM

sorry - this is the wrong forum....

Attached Files


Edited by sherill, 24 March 2011 - 03:48 PM.


#2 sherill

sherill

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 24 March 2011 - 04:53 PM

HP Pavilion dv6883cl
Vista 64-bit
ESET Smart Security 4

Hello,

I'm a teacher and when the IT guy came by today, I remembered to mention to him that the touch feature on the SmartBoard in my classroom stopped working, even though all the drivers and program versions are current. He looked at it, did some diagnosing and identified that the problem is my laptop and not the SmartBoard. That's when it occurred to me that I might have a problem...

Thinking back, I had noticed maybe last week or so that my task manager started opening to just the applications running window with no tabs or buttons to even close it. I just thought it was odd, but not enough to stop and check on that. (although I had every intention of doing so) - perhaps this is a symptom? There are probably twice as many apps running now as there usually is. I try to stop them, they stop and then they pop back up. Right now, there are multiple instances of several apps running, like there are two explorer.exe's running. There are also 16 instances of svchost.exe.

When I open MyComputer, sometimes it takes well over a minute to load, sometimes it pops right open like it should.

I guess the only other thing is that quite a while ago - maybe 6 months or so, my computer would hang on the same file when doing the scandisk that is part of the Vista 64bit OS. My IT guy (same fellow) told me that my hard drive was failing. Sure enough, the day came when it wouldn't start. I did lots of research and ended up reseating (is that the word?) my hard drive. Worked like a charm! I still can't do the scandisk - still hangs on that same filename, but I do do the disk cleanup and defrag regularly.

I've got a little monitor app in my sidebar that I don't remember exactly what it does, but it measures usage of something important (sorry...!) When the computer starts up, that meter will always be over 50% - maybe 60%, but will slow down as the computer finishes loading. Sometimes, it seems randomly, it will spike to as high as 97%. It averages from 9% to maybe 25%.

I also always use a cooling fan, because it can get quite hot!

I ran my ESET Smart Security 4 and it found 4 threats:
C:\Users\mom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\3df62381-36285a6a multiple threats Delete
C:\Users\mom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\6d8f4316-22081248 multiple threats Delete
C:\Users\mom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\5d65b6d7-3d6063bf multiple threats Delete
C:\Users\mom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\7ebc7b8-2e126cad multiple threats Delete

It bothers me that these files are in the Java folder..... I try to keep that updated. I did delete them. I also have the log from my ESET scan.

SpyBot found some stuff, but nothing that alarmed me, so I "fixed" them. I have that list too, if needed.

I ran a hijackthis and have NEVER had a list so HUGE!!! I can usually manage to diagnose and fix from that, but this list is daunting.

Does this sound like I've got a bug, or maybe it's just my hard drive fixing to give up the ghost? I mentioned that I'm a teacher. I teach computer applications, so I do have an understanding of how the computer works and whatnot. I thought I was being religious about who uses my computer and what they do with it, but maybe not enough?

So, what next? Thank you SO much for any advice/information in advance!

sherill

EDIT: Most of our helpers will not download files that they did not specifically request... As you might guess, many malware criminals would love to infect their computers... We allow plenty of room in a post to copy/paste your logs, so please use it rather than attaching a file unless asked... Please read the instructions at the top of each forum and our FAQ... Also, please do not start a new topic, if you post in the wrong forum, we will move your topic... Thank you...

Edited by Budfred, 24 March 2011 - 10:37 PM.


#3 duckfeet

duckfeet

    Forum Deity

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,451 posts

Posted 27 March 2011 - 12:13 AM


I'm a teacher and when the IT guy came by today, I remembered to mention to him that the touch feature on the SmartBoard in my classroom stopped working, even though all the drivers and program versions are current. He looked at it, did some diagnosing and identified that the problem is my laptop and not the SmartBoard. That's when it occurred to me that I might have a problem...

Thinking back, I had noticed maybe last week or so that my task manager started opening to just the applications running window with no tabs or buttons to even close it. I just thought it was odd, but not enough to stop and check on that. (although I had every intention of doing so) - perhaps this is a symptom? There are probably twice as many apps running now as there usually is. I try to stop them, they stop and then they pop back up. Right now, there are multiple instances of several apps running, like there are two explorer.exe's running. There are also 16 instances of svchost.exe.

When I open MyComputer, sometimes it takes well over a minute to load, sometimes it pops right open like it should.

I guess the only other thing is that quite a while ago - maybe 6 months or so, my computer would hang on the same file when doing the scandisk that is part of the Vista 64bit OS. My IT guy (same fellow) told me that my hard drive was failing. Sure enough, the day came when it wouldn't start. I did lots of research and ended up reseating (is that the word?) my hard drive. Worked like a charm! I still can't do the scandisk - still hangs on that same filename, but I do do the disk cleanup and defrag regularly.

I've got a little monitor app in my sidebar that I don't remember exactly what it does, but it measures usage of something important (sorry...!) When the computer starts up, that meter will always be over 50% - maybe 60%, but will slow down as the computer finishes loading. Sometimes, it seems randomly, it will spike to as high as 97%. It averages from 9% to maybe 25%.

I also always use a cooling fan, because it can get quite hot!

I ran my ESET Smart Security 4 and it found 4 threats:
C:\Users\mom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\3df62381-36285a6a multiple threats Delete
C:\Users\mom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\6d8f4316-22081248 multiple threats Delete
C:\Users\mom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\5d65b6d7-3d6063bf multiple threats Delete
C:\Users\mom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\7ebc7b8-2e126cad multiple threats Delete

It bothers me that these files are in the Java folder..... I try to keep that updated. I did delete them. I also have the log from my ESET scan.

SpyBot found some stuff, but nothing that alarmed me, so I "fixed" them. I have that list too, if needed.

I ran a hijackthis and have NEVER had a list so HUGE!!! I can usually manage to diagnose and fix from that, but this list is daunting.

Does this sound like I've got a bug, or maybe it's just my hard drive fixing to give up the ghost? I mentioned that I'm a teacher. I teach computer applications, so I do have an understanding of how the computer works and whatnot. I thought I was being religious about who uses my computer and what they do with it, but maybe not enough?

So, what next? Thank you SO much for any advice/information in advance!



Hello and welcome to SWI. I'm duckfeet and I'll be helping you. I'll need some other logs to see what the problem is, and, as Budfred stated above, please copy/paste the logs directly in your post, as you see others have done, rather than upload and attach. I did glance at the HijackThis log, and there are some optionals and questionable programs that probably need removing. Then we can see. So please run these scans below, and post them in your next reply.


Please download Malwarebytes' Anti-Malware from Here or
here.
Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

----


Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information.

Posted Image
Download DDS and save it to your desktop from here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two logs:
  • DDS.txt
  • Attach.txt
Save both reports to your desktop.

Please post the contents of the DDS.txt log in your next reply. We need it to diagnose and fix malware problems - we may ask for Attach.txt later.

----


Please download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.

----

Please post the requested logs in your next reply and let me know how your computer is running now.

Edited by duckfeet, 27 March 2011 - 12:18 AM.

My help is free. However, Donations in support of this website are always appreciated!

#4 sherill

sherill

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 28 March 2011 - 06:33 PM

After running these scans, my task manager still opens to just the programs list with not tabs and no way to close it (using escape). The list is just WAY more "programs" running than normal. "My Computer" also took about 30 seconds to load before it showed me my directory structure.
So, on to the logs:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org


Database version: 6160

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

3/28/2011 5:58:47 PM
mbam-log-2011-03-28 (17-58-47).txt

Scan type: Quick scan
Objects scanned: 170978
Time elapsed: 4 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\SOLWIN16.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\program files\SOLWINCB.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\program files\SOLWINGR.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.


DDS log
.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by mom at 18:10:42.63 on Mon 03/28/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_23
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4093.2090 [GMT -5:00]
.
AV: ESET Smart Security 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET Smart Security 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\PROGRA~2\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Aware.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Marker.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\mom\Desktop\dds.com
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
BHO: {b922d405-6d13-4a2b-ae89-08a030da4402} - pdfforge Toolbar
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} -
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Google Update] "C:\Users\mom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [SMART Board Service] C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe
mRun: [SMART SNMP Agent] C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Share-to-Web Namespace Daemon] "C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SMARTB~1.LNK - C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} -
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB-X64: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [IAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
mRun-x64: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
mRun-x64: [RtHDVCpl] RAVCpl64.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\mom\AppData\Roaming\Mozilla\Firefox\Profiles\us8nf5aw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/|http://fwafatech.net/1011_7th.php|https://snapgrades.com/login/index.php
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - component: C:\Users\mom\AppData\Roaming\Mozilla\Firefox\Profiles\us8nf5aw.default\extensions\capturefoxmovie@advancity.net\components\capturefoxxpi_win32.dll
FF - component: C:\Users\mom\AppData\Roaming\Mozilla\Firefox\Profiles\us8nf5aw.default\extensions\ChunkIt@tigerlogic.com\components\TLChunkIt.dll
FF - component: C:\Users\mom\AppData\Roaming\Mozilla\Firefox\Profiles\us8nf5aw.default\extensions\ChunkIt@tigerlogic.com\components\TLPreferences.dll
FF - component: C:\Users\mom\AppData\Roaming\Mozilla\Firefox\Profiles\us8nf5aw.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\NPSibelius.dll
FF - plugin: C:\Program Files (x86)\Opera\program\plugins\np_gp.dll
FF - plugin: C:\Program Files (x86)\Photosynth\npPhotosynthMozilla.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\mom\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\mom\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll
FF - plugin: C:\Users\mom\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: C:\Users\mom\AppData\Roaming\Mozilla\Firefox\Profiles\us8nf5aw.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: C:\Users\mom\AppData\Roaming\Mozilla\Firefox\Profiles\us8nf5aw.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: SMART Notebook Extension: {D6D05E6F-D5C1-4e03-8E33-73F92B05E262} - C:\Program Files (x86)\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Diigo Toolbar: {fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3} - %profile%\extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}
FF - Ext: Capture Fox: capturefoxmovie@advancity.net - %profile%\extensions\capturefoxmovie@advancity.net
FF - Ext: Link Evaluator: {2d4271b9-cc9f-4f37-8b1e-340293eacd5c} - %profile%\extensions\{2d4271b9-cc9f-4f37-8b1e-340293eacd5c}
FF - Ext: Right-Click-Link: {AA6F0803-145A-4200-8E5E-68898D02B5B3} - %profile%\extensions\{AA6F0803-145A-4200-8E5E-68898D02B5B3}
FF - Ext: Site Information Tool: siteinfo@wmtips - %profile%\extensions\siteinfo@wmtips
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Zotero: zotero@chnm.gmu.edu - %profile%\extensions\zotero@chnm.gmu.edu
FF - Ext: Cooliris: piclens@cooliris.com - %profile%\extensions\piclens@cooliris.com
FF - Ext: Zemanta: firefox@zemanta.com - %profile%\extensions\firefox@zemanta.com
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: TigerLogic yolink: ChunkIt@tigerlogic.com - %profile%\extensions\ChunkIt@tigerlogic.com
FF - Ext: Move Media Player: moveplayer@movenetworks.com - C:\Users\mom\AppData\Roaming\Move Networks
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2010-3-6 53488]
R1 ehdrv;ehdrv;C:\WINDOWS\System32\drivers\ehdrv.sys [2009-9-11 136584]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-9-11 735960]
R2 epfwwfp;epfwwfp;C:\WINDOWS\System32\drivers\epfwwfp.sys [2009-9-11 44944]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-7-24 118272]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\WINDOWS\System32\drivers\NETw5v64.sys [2008-11-17 4751360]
R3 SMARTMouseFilterx64;HID-compliant mouse;C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [2010-11-19 13168]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [2010-11-19 16368]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;C:\WINDOWS\System32\drivers\SMARTVTabletPCx64.sys [2010-11-19 24432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-6 135664]
S3 NETw4v64;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit;C:\WINDOWS\System32\drivers\NETw4v64.sys [2007-10-31 3197440]
S3 PerfHost;Performance Counter DLL Host;C:\WINDOWS\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2009-8-28 49152]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-6-13 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-03-25 13:26:36 8424784 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{BE629F84-2AFA-4F90-9413-8758F1489CF9}\mpengine.dll
2011-03-24 22:49:01 -------- d-----w- C:\Users\mom\scanLogs
2011-03-24 21:21:05 -------- d-----w- C:\Users\mom\AppData\Roaming\Malwarebytes
2011-03-24 21:20:55 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-24 21:20:54 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-03-24 21:20:51 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-03-24 21:20:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-23 18:35:19 1149440 ----a-w- C:\Windows\System32\FntCache.dll
2011-03-23 18:35:18 479744 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-03-23 18:35:18 288768 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-03-23 18:35:18 1555968 ----a-w- C:\Windows\System32\DWrite.dll
2011-03-23 18:35:18 1068544 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-03-19 20:55:28 -------- d-----w- C:\Users\mom\AppData\Local\{2C641E63-212A-4DC6-B6F9-74D8FBEBB0CD}
2011-03-19 20:55:28 -------- d-----w- C:\Users\mom\AppData\Local\{08FE6C23-0CDD-4456-82CC-90FEC277DEFA}
2011-03-09 14:16:32 2425344 ----a-w- C:\Windows\System32\mstscax.dll
2011-03-09 14:16:31 731136 ----a-w- C:\Windows\System32\mstsc.exe
2011-03-09 14:16:31 677888 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-03-09 14:16:31 2067968 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-03-09 14:16:30 559616 ----a-w- C:\Windows\System32\EncDec.dll
2011-03-09 14:16:30 429056 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-03-09 14:16:30 416768 ----a-w- C:\Windows\System32\sbe.dll
2011-03-09 14:16:29 322560 ----a-w- C:\Windows\SysWow64\sbe.dll
2011-03-09 14:16:29 226816 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-03-09 14:16:29 210944 ----a-w- C:\Windows\System32\sbeio.dll
2011-03-09 14:16:29 177664 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-03-09 14:16:29 153088 ----a-w- C:\Windows\SysWow64\sbeio.dll
2011-03-01 20:15:45 -------- d-----w- C:\Users\mom\dwhelper
.
==================== Find3M ====================
.
2011-02-02 23:11:20 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-01-20 16:46:10 900480 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-20 16:17:15 366592 ----a-w- C:\Windows\System32\winspool.drv
2011-01-20 16:17:03 625152 ----a-w- C:\Windows\System32\dxgi.dll
2011-01-20 16:16:53 287232 ----a-w- C:\Windows\System32\d3d10core.dll
2011-01-20 16:16:52 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-01-20 16:16:52 196096 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-01-20 16:16:52 1268224 ----a-w- C:\Windows\System32\d3d10.dll
2011-01-20 16:16:47 748544 ----a-w- C:\Windows\System32\stobject.dll
2011-01-20 16:16:40 47104 ----a-w- C:\Windows\System32\cdd.dll
2011-01-20 16:16:10 3548672 ----a-w- C:\Windows\System32\mf.dll
2011-01-20 16:16:08 35840 ----a-w- C:\Windows\System32\printfilterpipelineprxy.dll
2011-01-20 16:14:49 278528 ----a-w- C:\Windows\System32\mfplat.dll
2011-01-20 16:14:49 195072 ----a-w- C:\Windows\System32\mfps.dll
2011-01-20 16:08:16 478720 ----a-w- C:\Windows\SysWow64\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- C:\Windows\SysWow64\d3d10.dll
2011-01-20 16:07:42 258048 ----a-w- C:\Windows\SysWow64\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- C:\Windows\SysWow64\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- C:\Windows\SysWow64\mf.dll
2011-01-20 16:04:54 98816 ----a-w- C:\Windows\SysWow64\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- C:\Windows\SysWow64\mfplat.dll
2011-01-20 15:01:50 3068416 ----a-w- C:\Windows\System32\xpsservices.dll
2011-01-20 15:01:09 1653760 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-20 14:59:59 1032192 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe
2011-01-20 14:58:38 1461760 ----a-w- C:\Windows\System32\OpcServices.dll
2011-01-20 14:57:28 231936 ----a-w- C:\Windows\System32\XpsRasterService.dll
2011-01-20 14:42:00 1257984 ----a-w- C:\Windows\System32\MFH264Dec.dll
2011-01-20 14:41:29 428544 ----a-w- C:\Windows\System32\MFHEAACdec.dll
2011-01-20 14:40:17 345088 ----a-w- C:\Windows\System32\mfreadwrite.dll
2011-01-20 14:40:14 34304 ----a-w- C:\Windows\System32\mfpmp.exe
2011-01-20 14:40:11 377344 ----a-w- C:\Windows\System32\mfmp4src.dll
2011-01-20 14:37:06 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll
2011-01-20 14:35:30 566272 ----a-w- C:\Windows\System32\d3d10level9.dll
2011-01-20 14:28:38 1554432 ----a-w- C:\Windows\SysWow64\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-20 14:25:25 847360 ----a-w- C:\Windows\SysWow64\OpcServices.dll
2011-01-20 14:24:26 135680 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- C:\Windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- C:\Windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- C:\Windows\SysWow64\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2011-01-20 14:06:15 834048 ----a-w- C:\Windows\System32\d2d1.dll
2011-01-20 13:47:51 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-01-08 09:03:01 48128 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-08 08:47:50 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-08 06:45:51 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-08 06:28:49 292352 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-12-31 14:16:41 2757632 ----a-w- C:\Windows\System32\win32k.sys
2008-10-09 01:28:43 1308216 ----a-w- C:\Program Files (x86)\HijackThis_61608.exe
1998-11-13 16:22:42 1032208 ----a-w- C:\Program Files\SOLWIN.EXE
1997-02-26 15:26:24 132640 ----a-w- C:\Program Files\EREGUI16.DLL
1997-02-26 14:57:42 20192 ----a-w- C:\Program Files\REG.EXE
1996-08-13 15:04:52 75696 ----a-w- C:\Program Files\EREG1601.DLL
1996-07-01 13:07:34 128 ----a-w- C:\Program Files\EREG.BIN
.
============= FINISH: 18:12:37.11 ===============


Checkup
Results of screen317's Security Check version 0.99.10
Windows Vista (UAC is disabled!)
Out of date service pack!!
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
Java™ 6 Update 23
Out of date Java installed!
Adobe Flash Player 10.2.152.32
Adobe Reader 9.4.2
Out of date Adobe Reader installed!
Mozilla Thunderbird (3.1.9)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSASCui.exe
Windows Defender MSASCui.exe
``````````End of Log````````````


A note, I plan to update the Java once these scans are read. I usually do that as soon as there is an update available! The last time I updated Adobe Reader, it installed some sort of tablet feature that I don't need - it was interacting with the touch feature on my SmartBoard in my class room, so I haven't updated Reader since then.

Thanks!

sherill

#5 duckfeet

duckfeet

    Forum Deity

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,451 posts

Posted 29 March 2011 - 01:52 AM

After running these scans, my task manager still opens to just the programs list with not tabs and no way to close it (using escape). The list is just WAY more "programs" running than normal. "My Computer" also took about 30 seconds to load before it showed me my directory structure.
<snip>
A note, I plan to update the Java once these scans are read. I usually do that as soon as there is an update available! The last time I updated Adobe Reader, it installed some sort of tablet feature that I don't need - it was interacting with the touch feature on my SmartBoard in my class room, so I haven't updated Reader since then.


Well, there can be lots of programs running, but in any case, you do have malware: we'll get rid of that, and then I'll have some suggestions for getting rid of unneeded programs and speeding things up. You're only one update behind in Java: that's not bad, and I'll give you a link for the latest Adobe Reader at the end, and just disregard the junk they offer along with it. First things first.

I see you have Viewpoint installed...
Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". I suggest you remove the program now. Navigate to Start --> Control Panel --> Programs and uninstall the following programs if present.
  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player
  • Viewpoint Toolbar
Let me know if you decided to uninstall it.

----

Although some consider it optional, many view Pdfforge and it's components as spyware, this spyware is installed by PDFCreator...see: wikipedia and SystemLookup for more information. If you wish to remove them, please go to Start > Control Panel > Programs and uninstall these programs, if found:
  • Pdfforge Toolbar
  • SearchSettings
  • Widgi Toolbar

----

Please download ComboFix.exe. Visit this webpage for download links, and instructions for running the tool:
how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review, and let me know how your computer is running now.
My help is free. However, Donations in support of this website are always appreciated!

#6 sherill

sherill

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 03 April 2011 - 10:59 AM

Hello duckfeet..... I hope you're still there!

I spent some time unistalling a lot of programs in addition to the Viewpoint and Pdfforge that you suggested. In the report here it shows that Google Updater is still there, but I'm pretty sure I uninstalled it.... (add/remove programs in control panel). In any case.....

ComboFix 11-04-02.05 - mom 04/03/2011 10:28:40.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4093.2366 [GMT -5:00]
Running from: c:\users\mom\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET Personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\mom\g2mdlhlpx.exe
c:\users\mom\gs864w64.exe
c:\windows\system32\AutoRun.inf
c:\windows\SysWow64\KBL.LOG
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WMPNetworkSvc
.
.
((((((((((((((((((((((((( Files Created from 2011-03-03 to 2011-04-03 )))))))))))))))))))))))))))))))
.
.
2011-04-01 19:14 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D06146E3-587C-49C6-8728-52420488B18A}\mpengine.dll
2011-03-24 22:49 . 2011-03-24 22:49 -------- d-----w- c:\users\mom\scanLogs
2011-03-24 21:21 . 2011-03-24 21:21 -------- d-----w- c:\users\mom\AppData\Roaming\Malwarebytes
2011-03-24 21:20 . 2010-12-20 23:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-24 21:20 . 2011-03-24 21:20 -------- d-----w- c:\programdata\Malwarebytes
2011-03-24 21:20 . 2011-03-24 21:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-24 21:20 . 2010-12-20 23:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-23 18:35 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 18:35 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 18:35 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-23 18:35 . 2011-02-22 13:53 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 18:35 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-19 20:55 . 2011-03-19 20:55 -------- d-----w- c:\users\mom\AppData\Local\{2C641E63-212A-4DC6-B6F9-74D8FBEBB0CD}
2011-03-19 20:55 . 2011-03-19 20:55 -------- d-----w- c:\users\mom\AppData\Local\{08FE6C23-0CDD-4456-82CC-90FEC277DEFA}
2011-03-09 14:16 . 2010-12-17 17:34 2425344 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 14:16 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-09 14:16 . 2010-12-17 15:41 731136 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 14:16 . 2010-12-17 13:54 677888 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-03-09 14:16 . 2010-12-29 19:01 416768 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 14:16 . 2010-12-29 19:01 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 14:16 . 2010-12-29 18:28 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-09 14:16 . 2010-12-29 19:01 210944 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 14:16 . 2010-12-29 18:59 226816 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 14:16 . 2010-12-29 18:28 322560 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-09 14:16 . 2010-12-29 18:28 153088 ----a-w- c:\windows\SysWow64\sbeio.dll
2011-03-09 14:16 . 2010-12-29 18:26 177664 ----a-w- c:\windows\SysWow64\mpg2splt.ax
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-03 15:40 . 2010-06-24 17:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 23:11 . 2009-10-03 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:46 . 2011-02-08 20:12 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:17 . 2011-02-08 20:12 366592 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:17 . 2011-02-08 20:12 625152 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:16 . 2011-02-08 20:12 287232 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:16 . 2011-02-08 20:12 327680 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:16 . 2011-02-08 20:12 196096 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:16 . 2011-02-08 20:12 1268224 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:16 . 2011-02-08 20:12 748544 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:16 . 2011-02-08 20:12 47104 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:16 . 2011-02-08 20:12 3548672 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:16 . 2011-02-08 20:12 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:14 . 2011-02-08 20:12 278528 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:14 . 2011-02-08 20:12 195072 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:08 . 2011-02-08 20:12 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
2011-01-20 16:08 . 2011-02-08 20:12 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-08 20:12 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-01-20 16:08 . 2011-02-08 20:12 1029120 ----a-w- c:\windows\SysWow64\d3d10.dll
2011-01-20 16:08 . 2011-02-08 20:12 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll
2011-01-20 16:07 . 2011-02-08 20:12 258048 ----a-w- c:\windows\SysWow64\winspool.drv
2011-01-20 16:07 . 2011-02-08 20:12 586240 ----a-w- c:\windows\SysWow64\stobject.dll
2011-01-20 16:06 . 2011-02-08 20:12 2873344 ----a-w- c:\windows\SysWow64\mf.dll
2011-01-20 16:04 . 2011-02-08 20:12 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
2011-01-20 16:04 . 2011-02-08 20:12 98816 ----a-w- c:\windows\SysWow64\mfps.dll
2011-01-20 15:01 . 2011-02-08 20:12 3068416 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 15:01 . 2011-02-08 20:12 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:59 . 2011-02-08 20:12 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:58 . 2011-02-08 20:12 1461760 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:57 . 2011-02-08 20:12 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:42 . 2011-02-08 20:12 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:41 . 2011-02-08 20:12 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:40 . 2011-02-08 20:12 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:40 . 2011-02-08 20:12 34304 ----a-w- c:\windows\system32\mfpmp.exe
2011-01-20 14:40 . 2011-02-08 20:12 377344 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:37 . 2011-02-08 20:12 2002944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:35 . 2011-02-08 20:12 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 14:28 . 2011-02-08 20:12 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll
2011-01-20 14:27 . 2011-02-08 20:12 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-01-20 14:25 . 2011-02-08 20:12 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
2011-01-20 14:24 . 2011-02-08 20:12 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-08 20:12 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-08 20:12 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-08 20:12 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
2011-01-20 14:14 . 2011-02-08 20:12 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-08 20:12 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2011-01-20 14:11 . 2011-02-08 20:12 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2011-01-20 14:06 . 2011-02-08 20:12 834048 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:47 . 2011-02-08 20:12 683008 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-01-08 09:03 . 2011-02-08 20:11 48128 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 08:47 . 2011-02-08 20:11 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-08 06:45 . 2011-02-08 20:11 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-01-08 06:28 . 2011-02-08 20:11 292352 ----a-w- c:\windows\SysWow64\atmfd.dll
2008-10-09 01:28 . 2008-10-09 01:43 1308216 ----a-w- c:\program files (x86)\HijackThis_61608.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\mom\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\mom\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\mom\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"Google Update"="c:\users\mom\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-02-26 135664]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WD Drive Manager"="c:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2008-07-24 479744]
"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe" [2010-11-20 5419376]
"SMART SNMP Agent"="c:\program files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe" [2010-11-20 1664368]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Share-to-Web Namespace Daemon"="c:\program files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 57344]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
SMART Board Tools.lnk - c:\program files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe [2010-11-19 13310832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"SearchSettings"="c:\program files (x86)\pdfforge Toolbar\SearchSettings.exe"
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
R3 NETw4v64;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw4v64.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-09-11 735960]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-07-24 118272]
S3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-12-07 05:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-06 19:42]
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-06 19:42]
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3671318887-2154002036-3500123629-1000Core.job
- c:\users\mom\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-06 14:47]
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3671318887-2154002036-3500123629-1000UA.job
- c:\users\mom\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-06 14:47]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\mom\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\mom\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\mom\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
"combofix"="c:\combofix\CF20695.cfxxe" [X]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-04 186904]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-05-05 1702400]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2716216]
"RtHDVCpl"="RAVCpl64.exe" [2007-03-09 5021696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} -
FF - ProfilePath - c:\users\mom\AppData\Roaming\Mozilla\Firefox\Profiles\us8nf5aw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/|http://fwafatech.net/1011_7th.php|https://snapgrades.com/login/index.php
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: SMART Notebook Extension: {D6D05E6F-D5C1-4e03-8E33-73F92B05E262} - c:\program files (x86)\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Diigo Toolbar: {fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3} - %profile%\extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}
FF - Ext: Capture Fox: capturefoxmovie@advancity.net - %profile%\extensions\capturefoxmovie@advancity.net
FF - Ext: Link Evaluator: {2d4271b9-cc9f-4f37-8b1e-340293eacd5c} - %profile%\extensions\{2d4271b9-cc9f-4f37-8b1e-340293eacd5c}
FF - Ext: Right-Click-Link: {AA6F0803-145A-4200-8E5E-68898D02B5B3} - %profile%\extensions\{AA6F0803-145A-4200-8E5E-68898D02B5B3}
FF - Ext: Site Information Tool: siteinfo@wmtips - %profile%\extensions\siteinfo@wmtips
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Zotero: zotero@chnm.gmu.edu - %profile%\extensions\zotero@chnm.gmu.edu
FF - Ext: Cooliris: piclens@cooliris.com - %profile%\extensions\piclens@cooliris.com
FF - Ext: Zemanta: firefox@zemanta.com - %profile%\extensions\firefox@zemanta.com
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: TigerLogic yolink: ChunkIt@tigerlogic.com - %profile%\extensions\ChunkIt@tigerlogic.com
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Yahoo! Mail - c:\windows\system32\regsvr32
AddRemove-StudioWorks - c:\windows\system32\javaws.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Flip Video\FlipShare\FlipShareService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files (x86)\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\progra~2\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
c:\program files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\program files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files (x86)\SMART Technologies\SMART Product Drivers\Aware.exe
c:\program files (x86)\SMART Technologies\SMART Product Drivers\Marker.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Completion time: 2011-04-03 10:50:03 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-03 15:50
.
Pre-Run: 121,050,378,240 bytes free
Post-Run: 121,353,129,984 bytes free
.
- - End Of File - - 4C77AED18F717CF6F18412816CD9D515


Thank you so much!

Sherill

#7 duckfeet

duckfeet

    Forum Deity

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,451 posts

Posted 03 April 2011 - 08:19 PM

I spent some time unistalling a lot of programs in addition to the Viewpoint and Pdfforge that you suggested. In the report here it shows that Google Updater is still there, but I'm pretty sure I uninstalled it.... (add/remove programs in control panel). In any case.....

Google Updater seems to come back. It's safe :). I'm glad you started getting rid of excess programs. That is an *excellent* and recommended step when a computer starts slowing down. Please also look at this page, and look at your startups as you also mentioned a slow startup:
Slow Computer?

----


Please run the following scan:
ESET OnlineScan

-->> Click the Posted Image button.
-->> For alternate browsers only: (Microsoft Internet Explorer users can skip these 2 steps)
  • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Make sure that the option Remove found threats is unchecked, and the option Scan unwanted applications is checked
  • Accept any security warnings from your browser.
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

My help is free. However, Donations in support of this website are always appreciated!

#8 sherill

sherill

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 05 April 2011 - 01:01 PM

Hi duckfeet,

The online ESET scan wouldn't load a- error 100. I did run a scan though using the ESET Smart Security 4.0467.0. I've included that log. The final analysis said that there were no threats detected. Let me know if this doesn't give you the information you need....

Scan Log
Version of virus signature database: 6011 (20110403)
Date: 4/5/2011 Time: 10:26:46 AM
Scanned disks, folders and files: Operating memory;C:\Boot sector;D:\Boot sector;C:\;D:\
C:\pagefile.sys - error opening [4]
C:\HP\BIN\BlockTracker.py » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » PROCESS_LIBRARY.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » HIRING_REQUISITION_CUSTOMIZED.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » HIRING_REQUISITION.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » TRACK_ISSUES.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » POLICIES.FDT » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\3ivx\3ivx MPEG-4 5.0.3\ReadMe.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\AMP Font Viewer\uninstall.exe » NSIS - bad archive
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht1 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht2 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht11 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht21 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht5 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht6 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht7 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht8 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht9 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht01 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht12 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht13 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht14 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht15 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht16 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht17 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht18 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht19 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht20 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht3 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht22 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht23 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht10 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\LS_HSI.msi » MSI » Data1.cab » CAB » getting_started.mht4 » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\ara\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\chs\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\cht\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\csy\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\dan\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\deu\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\ell\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\enu\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\esn\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\fin\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\fra\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\heb\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\ita\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\jpn\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\kor\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\nld\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\nor\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\plk\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\ptb\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\ptg\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\rus\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\sky\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\sve\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\LightScribe\Content\trk\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Common Files\Windows Live\.cache\6e5213e41cb9cc444\BingbarPackage.cab » CAB » OEM\Packages\default\SearchEnhancementPackSetup.EXE » CAB » SearchEnhancementPack.msi » MSI » SEP.cab » CAB » SHff_chrome_manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\genius_maxfighter_f16u.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\logitech_attack3.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\logitech_extreme_3d.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\logitech_force_3d.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\logitech_freedom.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\saitek_cyborg_evo.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\saitek_x52.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\speed_link_black_hawk.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\speed_link_black_widow.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\speed_link_cougar_flightstick.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\speed_link_dark_tornado.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\client\res\flightsim\controller\xbox_360.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\genius_maxfighter_f16u.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\logitech_attack3.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\logitech_extreme_3d.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\logitech_force_3d.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\logitech_freedom.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\saitek_cyborg_evo.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\saitek_x52.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\speed_link_black_hawk.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\speed_link_black_widow.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\speed_link_cougar_flightstick.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\speed_link_dark_tornado.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Google\Google Earth\plugin\res\flightsim\controller\xbox_360.ini » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\aol-usdia00039hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\earthlindia00013hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\junodia00002hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\msn-usdia00021hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\netzero-dia00003hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\HPQ\Lightscribe\PSG Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\compiler\visitor.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\msilib\schema.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\lxml\sax.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\add_newdocs.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\matlib.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\core\defchararray.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\core\tests\test_defmatrix.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\core\tests\test_multiarray.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\core\tests\test_numeric.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\core\tests\test_regression.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\core\tests\test_scalarmath.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\core\tests\test_umath.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\distutils\command\egg_info.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\distutils\command\install_data.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\distutils\command\sdist.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\distutils\tests\test_fcompiler_gnu.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\f2py\lib\parser\test_Fortran2003.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\lib\convdtype.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\lib\setup.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\lib\__init__.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\lib\tests\test_index_tricks.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\lib\tests\test_shape_base.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\numarray\setup.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\numarray\util.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\numarray\__init__.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\random\setup.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\tests\test_ctypeslib.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Java\jre6\lib\resources.jar » ZIP » com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Java\jre6\lib\resources.jar » ZIP » com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Java\jre6\lib\resources.jar » ZIP » javax/xml/bind/Messages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Java\jre6\lib\deploy\ffjcext.zip » ZIP » {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}/chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ff\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition - Customized.fdt » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition.fdt » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\POLICIES.FDT » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Process Library.fdt » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Track Issues.fdt » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\chrome\comm.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\chrome\pippki.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Thunderbird\chrome\gloda.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Thunderbird\chrome\newsblog.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Mozilla Thunderbird\chrome\pippki.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\compiler\visitor.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\MultiStatusBar.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\OutputWindow.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\Percolator.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\ReplaceDialog.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\ScrolledList.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\SearchDialog.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\SearchDialogBase.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\WidgetRedirector.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\idlelib\WindowList.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\lib\lib-old\whatsound.py » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\libs\tools\antiword\Docs\antiword.old.php » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\libs\tools\antiword\Docs\Emacs » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\libs\tools\antiword\Docs\Exmh » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\libs\tools\antiword\Docs\Mutt » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\libs\tools\antiword\Docs\Netscape » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Scribus 1.3.3.13\share\fonts\Vera\README.TXT » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\default.spl » ZIP » Library.xml - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\default.spl » ZIP » Property.xml - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\default.spl » ZIP » slingcentral.tif - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » abc-family.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » abc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » ae.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » altitude.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » amc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » american-life.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » animal-planet.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » bbc-america.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » bet.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » biography.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » bloomberg.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » boomerang.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » bravo.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » c-span-2.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » c-span.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » canal-sur.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cartoon-network.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cbs.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » church-hannel.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cine-latino.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cinemax.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cmt.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cnbc-world.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cnbc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cnn-espanol.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cnn-headline-news.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cnn.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » colours.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » comcast-sportsnet.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » comedy-central.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » court-tv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » cstv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » current.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » discovery-espanol.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » discovery-health.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » discovery-home.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » discovery-kids.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » discovery-times.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » discovery.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » dish-cd.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » disney-2.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » disney.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » diy.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » dmx-music.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » e.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » encore-actiion.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » encore-drama.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » encore-love.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » encore-mystery.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » encore-wam.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » encore-west.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » encore-westerns.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » encore.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » espn-2.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » espn-classic.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » espn-news.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » espn-u.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » espn.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » ewtn-espanol.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » ewtn.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » extreme-sports-channel.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fashion-tv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fine-living.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fit-tv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » flix.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » food.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fox-movies.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fox-news.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fox-reality.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fox-soccer.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fox-sports-espanol.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fox-sports.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fox.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fstv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fuel-tv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fuse.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » fx.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » g4.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » gac.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » galavision.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » gol-tv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » golf-channel.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » gsn.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » hbo-family.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » hbo-plus.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » hbo-signature.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » hbo.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » hgtv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » history-intl.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » history.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » home-shopping-network.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » htv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » ifc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » inspiration.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » Library.xml - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » lifetime-movie-network.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » lifetime.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » military.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » msnbc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » mtv-2.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » mtv-espanol.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » mtv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » mun2.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » music-choice-classic-rock.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » music-choice-jazz.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » music-choice.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » national-geographic.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » nba-tv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » nbc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » nesn.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » nfl-network.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » nick-at-nite.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » nickelodeon.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » nicktoons.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » noggin.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » oln.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » outdoor-channel.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » oxygen.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » pbs-kids.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » pbs.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » phoenix-tv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » playboy.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » Property.xml - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » qvc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » sci-fi.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » showtime-east.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » showtime-extreme.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » showtime-too.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » showtime.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » shwtime-west.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » si-tv.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » sirius.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » soapnet.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » speed-channel.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » spike.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » starz-edge.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » starz-in-black.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » starz-west.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » sundance.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » sunshine-network.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » tbs.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » tcm.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » telefutura.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » the-wb.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » tlc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » tmc-xtra-west.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » tmc.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » tnt.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » travel-channel.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » turner-south.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » tv-land.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » univision.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » upn.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » usa.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » vh1.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » videoland.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » weather-channel.png - error - password-protected file
C:\Program Files (x86)\Sling Media\SlingPlayer\Library\us.spl » ZIP » yes-network.png - error - password-protected file
C:\Program Files (x86)\SMART Technologies\SMART Notebook\smartnotebook.xpi » ZIP » chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\SMART Technologies\SMART Notebook\WebInterface\chrome\toolkit.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Sony Setup\Vegas Movie Studio 9.0\main.cab » CAB » Vegas_Movie_Studio_9_ShuttlePRO_v2.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Sony Setup\Vegas Movie Studio 9.0\main.cab » CAB » Vegas_Movie_Studio_9_ShuttlePRO.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Sony Setup\Vegas Movie Studio 9.0\main.cab » CAB » Vegas_Movie_Studio_9_ShuttleXpress.mht » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Western Digital\MY Passport Elite Tools\MioNet\MioNet Program Files\jvm\lib\resources.jar » ZIP » com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Western Digital\MY Passport Elite Tools\MioNet\MioNet Program Files\jvm\lib\resources.jar » ZIP » com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Western Digital\MY Passport Elite Tools\MioNet\MioNet Program Files\jvm\lib\resources.jar » ZIP » javax/xml/bind/Messages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files (x86)\Western Digital\MY Passport Elite Tools\MioNet\MioNet Program Files\jvm\lib\deploy\ffjcext.zip » ZIP » {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}/chrome.manifest » MIME - is OK (internal scanning not performed)
C:\ProgramData\Flip Video\FlipShare\Updates\SoftwareExec_All_en-US_5.10.25.102259\highlander_d25_102259_ufpv.zip_ » ZIP » Start FlipShare.app/Contents/Resources/FlipShare.mpkg/Contents/Packages/FlipShare.pkg - archive damaged
C:\ProgramData\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\aol-usdia00039hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\ProgramData\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\earthlindia00013hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\ProgramData\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\junodia00002hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\ProgramData\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\msn-usdia00021hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\ProgramData\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\en_us\content\netzero-dia00003hpd23\content.mht » MIME - is OK (internal scanning not performed)
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5b9bbfa9b933797c096a618f1931f018_607b0586-88da-4f7b-9d1a-bdb0e2653148 - error opening [4]
C:\ProgramData\Pure Digital Technologies\FlipShare\Updates\SoftwareExec_All_en-US_4.5.0.39816\Beetleshack_D19_US_UpdateFromPreviousVersion.zip » ZIP » FlipShare.msi » MSI - archive damaged - the file could not be extracted.
C:\ProgramData\Pure Digital Technologies\FlipShare\Updates\SoftwareExec_All_en-US_5.0.5.52727\caddyshack_d34_US_UFPV.zip » ZIP » FlipShare.msi » MSI » contents.cab » CAB » Windows_3ivx_Installer.exe » NSIS » ReadMe.mht » MIME - is OK (internal scanning not performed)
C:\ProgramData\Spybot - Search & Destroy\Recovery\FunWebProducts.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\FunWebProducts.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\FunWebProducts1.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\FunWebProducts1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch5.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch5.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch6.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch6.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch7.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch7.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch8.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch8.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch9.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch9.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWebSearch.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWebSearch.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWebSearch1.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWebSearch1.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWebSearch2.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWebSearch2.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWebSearch3.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWebSearch3.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\Opachkiru.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\ProgramData\Spybot - Search & Destroy\Recovery\Opachkiru.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\SWSetup\AOLIMS\Vwpt.exe » NSIS - unpack error
C:\SWSetup\CyberDVD\Stage1\PDIR\PowerDirector.msi » MSI » ISSetupFile.SetupFile24 » MIME - is OK (internal scanning not performed)
C:\SWSetup\CyberDVD\Stage1\PDIR\PowerDirector.msi » MSI » ISSetupFile.SetupFile25 » MIME - is OK (internal scanning not performed)
C:\SWSetup\CyberDVD\Stage2\PDIR\PowerDirector.msi » MSI » ISSetupFile.SetupFile24 » MIME - is OK (internal scanning not performed)
C:\SWSetup\CyberDVD\Stage2\PDIR\PowerDirector.msi » MSI » ISSetupFile.SetupFile25 » MIME - is OK (internal scanning not performed)
C:\SWSetup\Drivers\Chipset\Lang\CHIP\ESP\license.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Drivers\Chipset\Lang\CHIP\ITA\license.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Drivers\Chipset\Lang\CHIP\PTB\license.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Drivers\Chipset\Lang\CHIP\PTG\license.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Drivers\ITM\Lang\Storage\ESP\license.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Drivers\ITM\Lang\Storage\ITA\license.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Drivers\ITM\Lang\Storage\PTB\license.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Drivers\ITM\Lang\Storage\PTG\license.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Inetsec\Support\LUpdate\WLUEX\0c01\EULA.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Inetsec\Support\LUpdate\WLUEX\1001\EULA.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\Inetsec\Support\LUpdate\WLUEX\1601\EULA.txt » MIME - is OK (internal scanning not performed)
C:\SWSetup\LSHSI\LS_HSI.msi » MSI » Data1.cab » CAB » Getting_Started.mht.94516D55_6406_464D_9270_8D4D33342AE2 » MIME - is OK (internal scanning not performed)
C:\SWSetup\LSHSI\LS_HSI.msi » MSI » Data1.cab » CAB » Getting_Started.mht.A1FFBB52_4F2E_44F1_8614_5D66C2EF43F0 » MIME - is OK (internal scanning not performed)
C:\

#9 duckfeet

duckfeet

    Forum Deity

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,451 posts

Posted 05 April 2011 - 05:33 PM

The online ESET scan wouldn't load a- error 100. I did run a scan though using the ESET Smart Security 4.0467.0. I've included that log. The final analysis said that there were no threats detected. Let me know if this doesn't give you the information you need....

Yes: that's fine, your logs appear clean. Just some stuff in quarantine we'll remove in cleanup.
Please clean out your Java Cache, by going to Start -> Control Panel-> Programs Double-click on the Java Icon, which will open up the Java Control Panel.
  • Click Settings under Temporary Internet Files.
  • The Temporary Files dialog box appears.
  • Click on Delete Files
  • The Delete Temporary Files dialog box appears.
  • Make sure all are checked.
  • Click OK twice.
See
Clear Java Cache if you have problems.

----


>> Please clear the caches of your browsers (If you have these browsers)


  • Internet Explorer cache: - Open IE8 and from the "Safety" menu in the upper right, click "Delete Browsing History..." . - Uncheck "Preserve Favorites website data", - Check "Temporary Internet files", "Cookies", and "History". - Click on the "Delete" button.
  • Firefox : - Open FF and from the "Tools" menu in the upper right, select "Clear Recent History..." . - From the "Time range to clear" drop-down menu, select the desired range. To clear your entire cache, select "Everything". - Click the down arrow next to "Details" to choose what history elements to clear (e.g., check Cookies to clear cookies). Click Clear Now.
  • Chrome: - Open Chrome and from the "Tools" menu in the upper right, select "Options". Posted Image - From the Under the Hood tab, click "Clear browsing data..." . - Select the items you want to clear (Clear browsing history, Clear download history...), and then click "Clear browsing data".
----



How is your computer running now? I do see a lot of stuff in startup that you could probably take out. Did you go to this page, and go through it?Slow Computer? It will help you speed up your computer. Now that you have removed unwanted programs, make sure you only have what is needed in startup. It's a bit tedious doing it, but using the StartupLite tool, and also Msconfig to find what is slowing you down is very helpful. Let me know.





My help is free. However, Donations in support of this website are always appreciated!

#10 sherill

sherill

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 07 April 2011 - 02:03 PM

Done! I checked out that webpage about speeding up my computer, deleted temp files, emptied all my caches and histories, updated CCleaner and did some more uninstalling, made some changes in my programs start up list, did a disk cleanup and defrag, and a final ESET scan. I think it's running as it should now, considering its age and the amount of data I've stored.

You mentioned that you saw things in my startup that didn't need to be there - would you tell me more about that? I'll post a hiJackthis log so you can check...


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:00:45 PM, on 4/7/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\SMART Technologies\SMART Product

Drivers\SMARTBoardTools.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\SMART Technologies\SMART Product

Drivers\SMARTBoardService.exe
C:\Program Files (x86)\SMART Technologies\SMART Product

Drivers\SMARTSNMPAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Aware.exe
C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Marker.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\protection\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://ie.redirect.hp.com/svs/rdr?

TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program

Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -

C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-

5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows

Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9}

- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive

Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-

Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SMART Board Service] C:\Program Files (x86)\SMART

Technologies\SMART Product Drivers\SMARTBoardService.exe
O4 - HKLM\..\Run: [SMART SNMP Agent] C:\Program Files (x86)\SMART

Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

/autoRun
O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files (x86)\SMART

Technologies\SMART Product Drivers\SMARTBoardTools.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2

\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-

5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} -

(no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Broken Internet access because of LSP provider 'c:\program files (x86)

\bonjour\mdnsnsp.dll' missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\CDS300

\__CDS2.dll (file missing)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -

C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -

C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files

(x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-

11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common

Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner -

C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)

\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program

Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32

\DFSR.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET

Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart

Security\x86\ekrn.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip

Video\FlipShare\FlipShareService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)

\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. -

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files

(x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program

Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel

Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage

Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation

- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32

\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)

\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32

\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service

(LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common

Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32

\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown

owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)

\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner -

C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) -

Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown

owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner -

C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown

owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner -

C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner -

C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner

- C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner -

C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown

owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -

C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner -

C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation -

c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36

\bin\mysqld.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program

Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -

Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9705 bytes


I know you put a lot of time into this as did I. My IT person at work kept telling me that sometimes you just have to let things go - he advised to wipe it clean and upgrade to Windows 7. This old laptop is pretty long in the tooth though and I don't want to spend money on a new OS when I'll probably be buying a new laptop pretty soon! I appreciate your help VERY much!


Sherill

#11 duckfeet

duckfeet

    Forum Deity

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,451 posts

Posted 07 April 2011 - 09:23 PM

Done! I checked out that webpage about speeding up my computer, deleted temp files, emptied all my caches and histories, updated CCleaner and did some more uninstalling, made some changes in my programs start up list, did a disk cleanup and defrag, and a final ESET scan. I think it's running as it should now, considering its age and the amount of data I've stored.
You mentioned that you saw things in my startup that didn't need to be there - would you tell me more about that? I'll post a hiJackthis log so you can check...
<snip>
I know you put a lot of time into this as did I. My IT person at work kept telling me that sometimes you just have to let things go - he advised to wipe it clean and upgrade to Windows 7. This old laptop is pretty long in the tooth though and I don't want to spend money on a new OS when I'll probably be buying a new laptop pretty soon! I appreciate your help VERY much!

You're welcome, and older computers are good for all kinds of reasons, one of which that by upgrading and messing with them, one can learn a lot. I learned most on my older computer because I took more chances with it: I backed everything up, made a mirror copy, and then I could try different things.

---

On Stuff in your Startup that doesn't need to be there: It's more of an 'atitude' thing than anything else: unless I need it for the operating system to run, I generally *don't*want it in Startup. I use ccleaner to keep an eye on Startup entries, as I generally run ccleaner about every two weeks: cleanup, keep track of cookies, and then go to 'Tools' and check out Programs and Startup. If I find programs I no longer need, I generally switch to Revo at this point, and remove them thoroughly with Revo, then I go to StartUp and see if there are programs I want to keep, and use, but don't need in Startup.

In Ccleaner, I set them--one at a time--to 'Disable.' Then I reboot. If all is well, then I remove the program from Startup. I never use 'Disable' permanently. It's just msconfig, and one only uses 'Disable' for diagnostic purposes, not for a permanent solution. I can also google any programs I'm not sure about, and see if they are vital to running my OS. I only have *3* programs showing in ccleaner/Startup. My antivirus, my firewall, and Dropbox. I have all icons showing in bottom right, and those are all that show there, other than volume and Network. Any other programs I need, I can just click on and run. Startup for me, is just for vital stuff. Also, keep Desktop clean. Only have a few icons that you use regularly.

In your case, I'd just look at what is in Startup, and ask yourself if you need it running right away, of if you can access it when you need it. You might look at any other programs you have running, but I can't really tell you what to take off, as it's sort of a slow process to sort through all that, but generally, I don't need hardly any programs running in Startup: no photos, no microsoft office, no cd burners, no Apple/Quicktime/itunes updaters, no printers, no cams... What's the SMART need to be at startup for?

Again, just disable it and reboot, and see if you miss having it right way. But you will have to do it, I can't decide, as it's a personal decision. "Less is More," is my motto, but you'll have to see what you need. Some do it with msconfig, like that 'Slow computer' page shows you how to do...I've taken hours going over this with friends, trying to speed up their computers....you learn a lot doing it, though, about what is slowing down your computer.

----

The following will implement some cleanup procedures as well as reset System Restore points:

  • Click START then Run (If you don't see the Run command, type Run in the search box, it will bring it up under Programs)
  • Now copy/paste Combofix /Uninstall into the runbox and click OK. (Note the space between the ..x and the /U, it needs to be there.)
-----

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

------

Please enable Automatic Updates under Start > All Programs > Windows Update See: Windows Update Vista
It's important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer and will include the very important Critical Updates.

-------

Make sure to re-enable your security programs. You already have ESET antivirus running: ESET includes protection against viruses, spyware and other forms of malicious software. You always want to have one--but only one!--antivirus and antispyware program running in real-time mode. Most reputable antivirus programs now also have some form of antispyware protection, so it is important to ensure no other antivirus/antispyware programs are running real-time protection at the same time as this can cause conflicts, false positives, and lessen the effectiveness of each.

The free edition of MBAM is also a passive protector and can be used to regularly scan the computer.

----

Make sure your programs are up to date - because older versions may contain Security Leaks.
To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Adobe: Earlier versions have vulnerabilites!

The latest Adobe Reader (Adobe Reader X) is available here.

Note: I recommend you uncheck any optional installs (Free McAfee Security Scan or Free Google Toolbar).

----

To prevent the automatic running of programs when you insert a USB/flash drive I suggest downloading and installing Panda USB Vaccine or Flash Disinfector by sUBs Please see USB Flash Drive Safety for information and downloads.

----

Malware steals passwords! If you haven't changed all your passwords yet, I strongly recommend you do it now. Please create strong passwords and use a different one for every site. You can store all passwords in a KeePass.

----

Routers get infected too. To prevent this see:
How to Secure a Wireless Router
Every router is different, so to get more details and tutorials for your own router, just use google to find the info.
For example, if you have a linksys router, google: How to secure a linksys router.

----

Be very careful of 'rogue' and 'scareware' programs. These are fake security programs that mimic legitimate ones. Whether it is a popup saying you have malware, or a real infection that has a bogus 'antivirus' or 'security' name attached, these are simply attempts by online criminals to get your money. There are endless variations on these schemes. Don't click *anywhere* on security popups that you did not install yourself. If you are unsure--or have been infected--close your browser, and seek help in a security forum you trust.
See: Fake infection warnings

--------

For much more useful information see:
Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help. :)

Edited by duckfeet, 07 April 2011 - 09:27 PM.

My help is free. However, Donations in support of this website are always appreciated!

#12 duckfeet

duckfeet

    Forum Deity

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,451 posts

Posted 13 April 2011 - 12:35 PM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
My help is free. However, Donations in support of this website are always appreciated!




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button