Dangerous Threats- Not all were removed

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by imcaf_fl, Jun 25, 2013.

  1. imcaf_fl

    imcaf_fl Private E-2

    My computer has been running a little slower than normal for a few months, but it's getting old and the fan has been acting up. Got a laptop cooling tray - helps - need to baby it for now. I had major malware issues years ago and came here - since then have been very proficient at everything you guys taught me! Thanks - but there are crazy people out there too.
    :cry
    • I use AVG Free version 2013.0.3345 and have a scan scheduled 4 times a week.
    • I use Zone Alarm Free Firewall 10.2.74.0
    • Have used CCleaner since the last time, love it. Run it weekly & if having problems or adding or updating software, daily.
    If I'm working at my computer when my scheduled scan starts, I stop the scan & then start a "whole computer scan" when I'm done, and tell it to shut down computer when it's done. It just happened that I needed to work late last night, so ran a scan earlier so was awake when it ended... guess I don't usually see this log that I've described below! It started on 4/20/2013 - and only pulls up the 'Potentially Dangerous Threats' when a Whole Computer Scan is done, as opposed to the Scheduled Scan (so there must be a different setting somewhere).

    Ran whole computer scan on 6/24/13 at 8:02:55
    Report states:
    63 Potentially dangerous threats - Not all were removed
    Examples of the threats are:

    Locked file. Not Tested.
    C:\Windows\bthservsdp.dat
    result - infected
    Type - file or directory

    Locked file. Not Tested.
    C:\Program Date\Favorites
    result - infected
    Type - directory

    All 63 threats are Locked Files.
    I performed your Read & Run Me First and I'm HOPEFULLY attaching the requested logs. As always, your assistance is appreciated, and my computer is profoundly grateful!
    Cheryl
     

    Attached Files:
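The "63 potentially dangerous threats" figure in the post lumps together files the scanner could not open ("Locked file. Not Tested.") with files it actually inspected. The small parser below, added here as an illustration and not part of the thread or of any AVG tool, reads a report in the shape of the entries quoted above (a "Locked file. Not Tested." line, a path, a "result - …" line and a "Type - …" line per entry, blank-line separated) and separates untested entries from real detections. The first two sample entries reproduce the paths from the post; the third is a constructed, hypothetical scanned file added so the two categories can be told apart.

```python
"""Triage an AVG-style 'Potentially dangerous threats' report.

Added example (assumed report layout modelled on the entries quoted in the
post). Entries marked 'Locked file. Not Tested.' were never scanned, so they
are counted as 'untested', not as detections.
"""
import re
from dataclasses import dataclass


@dataclass
class Entry:
    path: str
    result: str
    kind: str
    tested: bool  # False when the scanner reported "Locked file. Not Tested."


# Constructed sample report: first two entries as quoted in the post, third is
# a hypothetical entry for a file the scanner actually opened and flagged.
SAMPLE_REPORT = r"""
Locked file. Not Tested.
C:\Windows\bthservsdp.dat
result - infected
Type - file or directory

Locked file. Not Tested.
C:\Program Date\Favorites
result - infected
Type - directory

C:\Users\demo\Downloads\sample.exe
result - infected
Type - file
"""

# "result - infected" / "Type - directory" style field lines.
_FIELD = re.compile(r"^(result|Type)\s*-\s*(.+)$", re.IGNORECASE)


def parse_report(text: str) -> list[Entry]:
    """Split the report into blank-line separated blocks and build one Entry each."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        tested = True
        path = None
        fields: dict[str, str] = {}
        for ln in lines:
            if ln.lower().startswith("locked file"):
                tested = False  # scanner could not open the file; no verdict possible
                continue
            m = _FIELD.match(ln)
            if m:
                fields[m.group(1).lower()] = m.group(2).strip()
            elif path is None:
                path = ln  # first non-field line is the object path
        if path is None:
            continue  # malformed block, nothing to report
        entries.append(
            Entry(path, fields.get("result", "unknown"), fields.get("type", "unknown"), tested)
        )
    return entries


def triage(text: str) -> dict:
    """Return counts and paths for untested entries versus scanned detections."""
    entries = parse_report(text)
    untested = [e for e in entries if not e.tested]
    detections = [e for e in entries if e.tested and e.result.lower() == "infected"]
    return {
        "total": len(entries),
        "untested": len(untested),
        "detections": len(detections),
        "untested_paths": [e.path for e in untested],
        "detection_paths": [e.path for e in detections],
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_REPORT)
    print(f"{summary['total']} entries: {summary['untested']} untested (locked), "
          f"{summary['detections']} scanned detections")
    for p in summary["detection_paths"]:
        print("  detection:", p)
```

On a report like the one in the post, every entry lands in the "untested" bucket and the detection list is empty, which is the distinction the original 63-item summary hides. Locked system files that AVG could not read are worth re-checking with a tool that scans from outside the running OS, but they are not evidence of infection by themselves.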

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean. You can rerun Hitman and have it fix what it found. Other than that, you are good to go.

    Tell me what issues you are having.
     
  3. imcaf_fl

    imcaf_fl Private E-2

    Thank you, and sorry for the delay after your prompt response!
    :cool
    I did a rerun of Hitman & fixed the issue.

    My biggest concern at that moment was the report stating 63 potentially dangerous threats, and they were all as I state below & in my previous post.

    So, when I do a scan using my AntiVirus software - should I be selecting "Scan Infectable Files Only" [which is what I use for my Scheduled Scans]? When I do a thorough scan, I use the settings, "Scan All File Types" & "Files Without Extensions" - this is only every few weeks. It's when I do this thorough scan that I'm getting the "Locked File. Not Tested. Infected". And that's what concerned me.
    :confused
    The reasons I ran the deeper scan several times in one week are multiple:
    - my computer has been getting slow, but also overheating, like it's working too hard; even if I'm just running one app
    - it's been taking a very long time to boot
    - when I was online this week, several websites started acting strange - data disappearing, especially facebook

    Other than that, after I did the clean, I did read ahead into How to Protect Yourself on the latest recommendations for programs and noticed that Zone Alarm is not in the favored list any longer and have gotten rid of it and now use PrivateFirewall.

    Thanks for anything further you can provide.
    Cheryl
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  5. imcaf_fl

    imcaf_fl Private E-2

    Okay TimW,
    That thing took one heck of a LONG time... and it found some things, but I don't know how important they are, so here's the log. Thanks again, and a LOT.
    Cheryl
    ;)
     

    Attached Files:

  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    How are things running?
     
  7. imcaf_fl

    imcaf_fl Private E-2

    Hi,
    Pretty much the same except I think the website craziness was a fluke.

    Now, when I ran the online scan - the instructions from http://forums.majorgeeks.com/showthread.php?t=149856 said to run the scan and when the scan completes, click List of found threats; Next click Export to text file and save the file to your desktop using a name such as ESETScan.txt. Attach this report to your next reply. Click the <<Back button then click Finish.

    There were no instructions to REMOVE anything. Have I read this wrong, or am I supposed to do something different?

    For example, does this thing, that was in the report, need to go away??
    D:\RIKU-ACER\Backup Set 2010-08-16 102217\Backup Files 2012-08-15 024806\Backup files 18.zip a variant of WMA/TrojanDownloader.GetCodec.gen trojan

    :cry Cheryl
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Don't worry about what Eset found. Tell me how things are running.
     
  9. imcaf_fl

    imcaf_fl Private E-2

    Well I cleaned up the backup files on D drive anyway - some really old ones - then defragged - hope I didn't screw it up. :-o Doubt it.

    After the cleanup, and then just daily doing my regular stuff, actually seemed like it 'might' be booting a little better, moving smoother. I used CCleaner to check what was opening on 'StartUp', etc also. And then several days ago, in between our last correspondence, I got a Blue Screen of Death. Well one time I didn't quite panic. Did a back up and went on. Then the other night - again. So I researched and they said to look at the software & hardware changes made... and then looked on this site and said run "WhoCrashed".

    If you remember, I told you that I installed Privatefirewall last week and uninstalled ZoneAlarm, after reading on the Malware forum of the more highly rated firewalls. Since that time I've had 3 BSOD's. - whoops, just had a 4th! The particular details of these I'll list below. When I ran "WhoCrashed", I found out the driver & program that's causing it is the pwipf6.sys from Privacyware/PWI, Inc., or Privatefirewall. I'll attach the log. When I looked online it says that sometimes viruses hide as that particular file, but those were old threads.

    The first 2 times I was moving several photo files from a camera SDcard to a flash drive and the computer crashed & blue screened. I made sure I scanned the drive & card and both were clean. I was online when the 2nd two happened, trying to research the problem on MajorGeeks & Google Search. Surprised me.

    FROM "WhoCrashed"...
    "3 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers: pwipf6.sys (pwipf6, Privacyware/PWI, Inc.)"
    ~~ I checked and I'm running the latest version - no updates found.

    :confused
    I'm freakin a bit. Today I've got Private Firewall on, but I'm tempted to trash it! One of the posts I read said it was digitally stamped by Symantec - yuck. I also did some digging in the software forum here to update drivers since it said it could be a driver update problem, but I have Iobit's Driver Booster, ran it, and had 3 'ancient' drivers and updated them - they were audio related.

    Somehow I don't think the computer having something called a "Blue Screen of DEATH" is good, lol....
    :banghead Help... Please... Thanks... ;)
     

    Attached Files:

  10. imcaf_fl

    imcaf_fl Private E-2

    Crashing Now regularly... Updates

    UPDATE 7-3-13:

    2 MORE crashes last night then shut down Privatefirewall. This morning shut it down {privatefirewall} and tried to perform same action and still had a crash. I cannot open a photo file on my laptop now without my computer crashing. NOW I'm freaking... lol. Newest "WhoCrashed" Report attached. My work requires I work with these files daily. I'm screwed.

    Damn.... crashed again before I had a chance to send this. I'm operating in safe mode right now. I've deleted Private Firewall but there's still an issue. Please tell me what you need or if I need to go elsewhere in the forums. Thanks Tim!

    Changed my mind... continuing on...
    Okay, next... did some Windows troubleshooting in Safe Mode:
    Control Panel\Problem Reports and Solutions
    - Found 6 problems, reporting to Microsoft, No Solutions - love it!
    Managed to figure out how to find them, lol. Attached a text report.

    Two of them were a software I don't use and it wanted me to update it - removed it instead - unrelated. Another was a software to analyze drive that Majorgeeks recommended but that Windows doesn't recognize driver - ran the report & removed that now {attached it just in case}. So that leaves the 2 Windows issues that are the BSOD. Sent off to Windows. I created a dump report, but it creates a file .dmp which doesn't look like you guys want.

    Also, said to try same issues in Safe Mode for 'process of elimination'.
    • I'm able to open photos on my computer in safe mode and manipulate in my photo program.
    • It allowed me to cut & copy/paste photos from my SD card to my flash drive without crashing, in safe mode.

    Cheryl Crying ... {don't worry, I cry a lot anyway}
    :cry
     

    Attached Files:

  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I can only suggest that you post in the software forum for help with your crashes.
     
  12. imcaf_fl

    imcaf_fl Private E-2

    Okay.
    Thanks Tim!
     
  13. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Good luck.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. You can uninstall RogueKiller and HitManPro.
    2. Go back to step 4 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista or Win 7, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. After doing the above, you should work through the link below


    Malware removal from a National Chain = $149
    Malware removal from MajorGeeks = $0
     
