Jump to content


Photo

Help! Files getting "corrupted" on my computer!

corrupted files home screen takeover

  • This topic is locked This topic is locked
25 replies to this topic

#1 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 04 August 2013 - 12:09 AM

I need your help. Files keep getting corrupted on my computer for no reason, then i can't use them. For example, my wife created several new Microsoft Word documents, but when she tried to open them several days later, the files were corrupted. The same thing happened in Movie Maker and Publisher. 

 

Here are my logs:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.03.06
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
Jeff :: HARPERHOUSE [administrator]
 
8/3/2013 9:04:30 PM
mbam-log-2013-08-03 (21-04-30).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 391128
Time elapsed: 20 minute(s), 33 second(s)
 
Memory Processes Detected: 2
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 2872 -> No action taken.
C:\Windows\System32\dmwu.exe (PUP.InstallBrain) -> 2248 -> No action taken.
 
Memory Modules Detected: 1
C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0\mgHelperGC.dll (PUP.Optional.SweetIM) -> No action taken.
 
Registry Keys Detected: 26
HKLM\SYSTEM\CurrentControlSet\Services\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> No action taken.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetPacks) -> No action taken.
HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetPacks) -> No action taken.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\CLSID\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} (PUP.Optional.SweetPacks.A) -> No action taken.
HKCR\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} (PUP.Optional.SweetPacks.A) -> No action taken.
HKCR\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} (PUP.Optional.SweetPacks.A) -> No action taken.
HKCR\Extension.ExtensionHelperObject.1 (PUP.Optional.SweetPacks.A) -> No action taken.
HKCR\Extension.ExtensionHelperObject (PUP.Optional.SweetPacks.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D} (PUP.Optional.SweetPacks.A) -> No action taken.
HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}_is1 (PUP.Optional.SweetPacks.A) -> No action taken.
HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (Adware.GameVance) -> Quarantined and deleted successfully.
 
Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data:  -> No action taken.
 
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://start.sweetpa...06.10045&barid={7A963AAE-F3C3-11E2-B836-B8AC6FB52881}) Good: (http://www.google.com) -> Quarantined and repaired successfully.
 
Folders Detected: 16
C:\Users\Venessa\AppData\Local\TopArcadeHits (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Program Files\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale\en-US (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\skin (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\defaults (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\libraries (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\resources (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Users\Venessa\AppData\Local\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.
 
Files Detected: 45
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0\mgHelperGC.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> No action taken.
C:\Program Files\Updater By SweetPacks\Extension32.dll (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\Shortcut_sweetpacks_dlcom_7172013.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\1374603266_3991503_509_4.tmp (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\ct3287375\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\ct3287375\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\ct3287375\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Jeff\Local Settings\Temporary Internet Files\Content.IE5\9OVUML5D\Vafmusic[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Jeff\Local Settings\Temporary Internet Files\Content.IE5\Q8UYKTUW\mgsqlite3[1].7z (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Jeff\Local Settings\Temporary Internet Files\Content.IE5\SOLWE2DX\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Jeff\Local Settings\Temporary Internet Files\Content.IE5\SOLWE2DX\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Windows\Installer\3c0d9d.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Venessa\AppData\Local\TopArcadeHits\tah.config (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Users\Venessa\AppData\Local\TopArcadeHits\Toparcadehits.dll (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Users\Venessa\AppData\Local\TopArcadeHits\uninstaller.exe (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Users\Venessa\AppData\Local\TopArcadeHits\updater.exe (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Windows\Tasks\TopArcadeHits.job (PUP.Optional.TopArcadeHits.A) -> No action taken.
C:\Windows\System32\dmwu.exe (PUP.InstallBrain) -> No action taken.
C:\Program Files\Updater By SweetPacks\InstallerHelper.dll (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\unins000.dat (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\unins000.exe (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome.manifest (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\install.rdf (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.js.bak (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.xul (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources\localscript.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale\en-US\overlay.dtd (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\skin\overlay.css (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences\defaults.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By SweetPacks\resources\localscript.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Users\Jeff\AppData\Local\Temp\DIQM\quicktime_085\quicktime_V.161123635c.exe (Adware.DomaIQ) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\Local\TopArcadeHits\tah.config (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\Local\TopArcadeHits\Toparcadehits.dll (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\Local\TopArcadeHits\uninstaller.exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\Local\TopArcadeHits\updater.exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Play Toparcadehits Online.url (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Uninstall Toparcadehits.lnk (Adware.GameVance) -> Quarantined and deleted successfully.
 
(end)
 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by Jeff at 21:41:57 on 2013-08-03
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3071.1357 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Paragon Software\HFS+ for Windows  8.0\apmwinsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\BPowMon\BPowMon.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Windows\system32\dmwu.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Dantz\Retrospect Express HD\RetroExpress.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Windows\System32\jmdp\stij.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\LWS\LU\LULnchr.exe
C:\Program Files\Logitech\LWS\LU\LogitechUpdate.exe
C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\vssvc.exe
C:\Program Files\Dantz\Retrospect Express HD\retrospect.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={7A963AAE-F3C3-11E2-B836-B8AC6FB52881}
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - 
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - c:\program files\updater by sweetpacks\Extension32.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\jeff\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [Akamai NetSession Interface] "c:\users\jeff\appdata\local\akamai\netsession_win.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
uRun: [chromium] c:\users\jeff\appdata\local\google\chrome\application\chrome.exe --no-startup-window
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [RetroExpress] c:\progra~1\dantz\retros~1\RetroExpress.exe /h
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [NetFxUpdate_v1.1.4322] "c:\windows\microsoft.net\framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [USBToolTip] c:\progra~1\pinnacle\shared~1\programs\usbtip\USBTip.exe
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [WinCast] f:\cdsetup\setup.exe -leng
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{4AD1DB34-5391-4D54-8064-46758E08C149} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5F702368-0CF8-497E-BC14-04E033096CD2} : DHCPNameServer = 198.224.169.135 198.224.170.135
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 apmwin;apmwin;c:\windows\system32\drivers\apmwin.sys [2011-8-7 41168]
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 39224]
R0 gpt_loader;GUID Partition table support driver;c:\windows\system32\drivers\gpt_loader.sys [2011-8-7 42320]
R0 mounthlp;Mounter helper driver for HFS volumes;c:\windows\system32\drivers\mounthlp.sys [2011-8-7 31440]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 26984]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2010-5-31 81920]
R2 apmwinsrv;Paragon APM service;c:\program files\paragon software\hfs+ for windows  8.0\apmwinsrv.exe [2010-12-16 63568]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2011-2-24 152576]
R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2011-2-24 49152]
R2 BPowMon;Broadcom Power monitoring service;c:\program files\broadcom\bpowmon\BPowMon.exe [2009-8-17 79168]
R2 Carbonite-Mirror-Image-Svc;Carbonite Mirror Image Service;c:\program files\carbonite\carbonite mirror image\CarboniteMirrorImage.exe [2012-10-17 4110336]
R2 HfsplusRec;HfsplusRec;c:\windows\system32\drivers\hfsplusrec.sys [2011-8-7 13904]
R2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe [2013-7-23 1341744]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2012-1-18 450848]
R2 Updater By SweetPacks;Updater By SweetPacks;c:\program files\updater by sweetpacks\ExtensionUpdaterService.exe [2013-7-23 188760]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-10-15 711112]
R3 Hfsplus;Hfsplus;c:\windows\system32\drivers\hfsplus.sys [2011-8-7 158800]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2010-5-31 273960]
R3 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2011-2-24 247320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2012-1-18 22176]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-6-22 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\drivers\hcwhdpvr.sys [2011-10-20 152576]
S3 ICDUSB2;Sony IC Recorder (ST);c:\windows\system32\drivers\IcdUsb2.sys [2011-3-1 39048]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
S3 PlextorTV402U;Plextor ConvertX TV402U A/V Capture;c:\windows\system32\drivers\TVXstream.sys [2005-12-5 150808]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-1 52224]
S3 TVXLoader;PLEXTOR EZ-USB FX2 FIRMWARE LOADER (TVXLoader.sys);c:\windows\system32\drivers\TVXLoader.sys [2005-12-5 18200]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-5 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
ShellExec: DigitalTheatre.exe: open="c:\program files\arcsoft\totalmedia extreme\digital theatre\uDTStart.exe" "%1"
.
=============== Created Last 30 ================
.
2013-07-23 18:15:51 -------- d-----w- c:\program files\AVN Products
2013-07-23 18:14:29 -------- d-----w- c:\program files\Updater By SweetPacks
2013-07-23 18:14:05 -------- d-----w- c:\program files\SweetIM
2013-07-23 18:13:19 -------- d-----w- c:\windows\system32\jmdp
2013-07-23 18:13:10 -------- d-----w- c:\windows\system32\ARFC
2013-07-23 18:13:07 27136 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-07-23 18:13:07 1341744 ----a-w- c:\windows\system32\dmwu.exe
2013-07-23 18:13:05 -------- d-----w- c:\windows\system32\WNLT
2013-07-23 18:01:01 -------- d-----w- c:\programdata\YTD Video Downloader
2013-07-20 08:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 08:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 08:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 08:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-11 04:04:50 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 04:04:46 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 04:04:44 509440 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 04:04:43 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 04:04:40 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-07-11 04:04:40 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-07-11 04:04:40 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-07-11 04:04:40 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-07-11 04:04:27 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
2013-07-11 04:04:27 392704 ----a-w- c:\program files\windows defender\MpClient.dll
2013-07-11 04:04:26 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
2013-07-10 08:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
==================== Find3M  ====================
.
2013-06-23 15:01:28 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-23 15:01:27 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-23 15:01:27 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-12 02:55:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 02:55:05 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-09-19 19:58:46 4096000 ----a-w- c:\program files\GUT23F7.tmp
.
============= FINISH: 21:53:59.85 ===============
 

 Results of screen317's Security Check version 0.99.71  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2013   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 25  
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Reader XI  
 Google Chrome 28.0.1500.72  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
 AVG avgrsx.exe 
 AVG avgnsx.exe 
 AVG avgemc.exe 
 Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 

 



#2 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 04 August 2013 - 12:13 AM

One more thing. My home screen keeps getting take over and redirected to "start.sweetpacks.com" I would like to default back to google. thank you



#3 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 04 August 2013 - 03:57 PM

Hello jeffh8511.

 

Please run Malwarebytes Anti-Malware (MBAM) again and this time let it get rid of all the junk.  Although it's not likely to be the cause of your problem it will be good to have it out of the way.

  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Post the new log.

Then please give me more details. 

  • How long has the file corruption been happening? Did it start suddenly? If so, approximately when?
  • Could it be a memory problem?  See http://www.techsuppo...ane-267698.html for an assortment of possibilities.

Then run the  SFC   /SCANNOW    command. This will check and repair if necessary any critical Windows system files.

Click on Start/All programs/Accessories  then 
Right click on Command Prompt option and select 'Run as administrator'.
(or "Safe Mode" open a Command prompt)
At the command prompt enter:  SFC  /SCANNOW

 

Once that has finished please run ChkDsk.

Click on Start/All programs/Accessories  then 
Right click on Command Prompt option and select 'Run as administrator'.

At the command prompt enter CHKDSK  /F  (this will run after a reboot).

 

Let me know if anything was found to correct.


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#4 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 04 August 2013 - 05:06 PM

HI,

I re-ran malwarebytes and deleted all the problem files. The log is posted below.

 

Here are the answers per your request:

  • How long has the file corruption been happening? Did it start suddenly? If so, approximately when?

response: The corrupted files started in about March 2013 when my wife would create a schedule in Microsoft Word, then go to open the file a few days later and the file would be corrupted and useless. The same thing happened when she created a flyer in Microsoft Publisher. The file was corrupted the next day when she tried to open it again. Recently, I helped her create a file in moviemaker and the file was corrupted the next day. 

response: I am not sure if it is a memory problem and don't know how to tell if that is the problem. Any suggestions?

 

Then run the  SFC   /SCANNOW    command. This will check and repair if necessary any critical Windows system files.

I am running this now... I will respond once completed. Thank you for now. 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.03.06
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
Jeff :: HARPERHOUSE [administrator]
 
8/4/2013 2:22:27 PM
mbam-log-2013-08-04 (14-22-27).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 390392
Time elapsed: 19 minute(s), 3 second(s)
 
Memory Processes Detected: 2
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 2924 -> Delete on reboot.
C:\Windows\System32\dmwu.exe (PUP.InstallBrain) -> 2228 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 18
HKLM\SYSTEM\CurrentControlSet\Services\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
HKCR\CLSID\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKCR\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKCR\Extension.ExtensionHelperObject.1 (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKCR\Extension.ExtensionHelperObject (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D} (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}_is1 (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data:  -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 13
C:\Program Files\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Delete on reboot.
C:\Program Files\Updater By SweetPacks\Firefox (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale\en-US (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\skin (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\libraries (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\resources (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
 
Files Detected: 33
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Delete on reboot.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Extension32.dll (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\Shortcut_sweetpacks_dlcom_7172013.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\1374603266_3991503_509_4.tmp (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3287375\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3287375\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3287375\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\Local Settings\Temporary Internet Files\Content.IE5\9OVUML5D\Vafmusic[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\Local Settings\Temporary Internet Files\Content.IE5\Q8UYKTUW\mgsqlite3[1].7z (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Users\Jeff\Local Settings\Temporary Internet Files\Content.IE5\SOLWE2DX\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\Local Settings\Temporary Internet Files\Content.IE5\SOLWE2DX\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\3c0d9d.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Windows\Tasks\TopArcadeHits.job (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Windows\System32\dmwu.exe (PUP.InstallBrain) -> Delete on reboot.
C:\Program Files\Updater By SweetPacks\InstallerHelper.dll (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\unins000.dat (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\unins000.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome.manifest (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\install.rdf (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.js.bak (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\main.xul (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources\localscript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale\en-US\overlay.dtd (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\chrome\skin\overlay.css (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences\defaults.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files\Updater By SweetPacks\resources\localscript.js (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
 
(end)


#5 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 04 August 2013 - 05:39 PM

I ran the first command prompt:  SFC  /SCANNOW

 

Result: all okay... 

 

I ran the second command prompt: CHKDSK /F

 

 

This is the error message I got:

 

The type of the file system is NTFS.

Cannot lock current drive.

 

chkdsk cannot run because he volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? (Y/N)

 

I selected "Y", but the next time my system rebooted, nothing happened. Let me know if you have any suggestions. Thank you



#6 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 04 August 2013 - 05:54 PM

I don't spot any signs of malware but let's check just in case. 

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For altenate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button..

Hardware memory or hard disk problems are unlikely for your particular problem

 

From your answer it appears that the corruptions are all in Microsoft Office files.  Office itself can be corrupt.
 
First find your Office Product Key in case you need to reinstall.  How to find the key.
Before you try uninstalling and reinstalling, try repairing your Office installation.  Repair Office programs


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#7 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 08 August 2013 - 10:46 AM

Are you still with me?


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#8 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 09 August 2013 - 08:52 PM

HI,

Yes, i'm still with you. I will be working on this over the weekend. Thank you for your help.. .



#9 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 09 August 2013 - 10:18 PM

No hurry at all - just thought you might have forgotten...


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#10 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 11 August 2013 - 09:39 PM

Hello,

For some reason, the ESET online scan keeps getting stuck at 99%. I ran it twice this weekend, only to have it hang at 99% for hours and hours. Any ideas? The software found hundreds of threats, but I was not able to delete them since the scan process did not finish. 

 

However, after the ESET online scan, my FREE AVG virus scanning software detected several Trogans, so I deleted them using the AVG software. 

 

Let me know if you have any ideas regarding the ESET online scan hanging up at 99%. Thank you



#11 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 11 August 2013 - 09:51 PM

OK.  Kill it and go ahead and do this:

 

It does seem as though your Office is corrupt since all the corrupt files you mention are Office files.

First find your Office Product Key in case you need to reinstall.  How to find the key.
Before you try uninstalling and reinstalling, try repairing your Office installation.  Repair Office programs

 

ESET probably got stuck on a corrupt file.


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#12 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 17 August 2013 - 11:23 AM

Are you still with me?


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#13 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 19 August 2013 - 11:52 PM

Yes I am... I will be working on this over the weekend. Thank you for all your help so far!

#14 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 28 August 2013 - 11:00 AM

Due to the lack of feedback this Topic is closed.

[Reopened]

This applies only to the original topic starter. Everyone else please begin a New Topic.


Edited by cnm, 30 August 2013 - 11:39 AM.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#15 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 30 August 2013 - 11:38 AM

Reopened at request of topic owner.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#16 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 30 August 2013 - 11:47 AM

i ran the "fix" program for microsoft office, but my files are still getting corrupted, so i need to reinstall Microsoft Office. Working on that now. 



#17 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 01 September 2013 - 11:53 AM

OK, good.  Let me know how it goes.


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#18 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 03 September 2013 - 08:03 PM

I'm having a challenge finding my original software. I have the key on my computer because it came preloaded. If I can't find it by tomorrow, I will close out this inquiry so I don't hold you up. I will let you know... Thanks

#19 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 03 September 2013 - 08:11 PM

No problem keeping this thread open for you..


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#20 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 03 September 2013 - 09:14 PM

Consider LibreOffice

I believe it will let you read (but not write) Microsoft Office files.  It will write them in its own format.

Give it a try.


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#21 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 06 September 2013 - 11:04 PM

Thank you. I will try it tomorrow.

#22 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 07 September 2013 - 12:22 PM

Good news. My computer is working fine now. Thank you for your help!!!! :O)



#23 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 07 September 2013 - 12:24 PM

Good news indeed, but what did you do?  What worked?


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#24 jeffh8511

jeffh8511

    Member

  • Full Member
  • Pip
  • 48 posts

Posted 07 September 2013 - 12:56 PM

It seems it worked when i followed these instructions from your earlier post:

 

"Before you try uninstalling and reinstalling, try repairing your Office installation.  Repair Office programs"

 

As it turns out, I had some updates that were behind, so the combination of running the repair option and installing 3 updates enabled me to open previously corrupted files. 



#25 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 07 September 2013 - 12:58 PM

Terrific.  So glad you managed it.  Good to hear the files were OK and not corrupt at all.


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#26 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,218 posts

Posted 14 September 2013 - 02:30 PM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button