Various Problems With My Laptop

[djayz]

I have a couple of different problems with my laptop and have finally gotten around to asking for help in solving these.

Problem # 1: I cannot upload files or photos using my hotmail account. I can upload to facebook, but not to hotmail.

Problem # 2: I cannot download files, photos or software. For example: I just tried to download CCleaner today but could not. When I click on "download" a new window (download) opens but closes again within a second - before I have time to click on "download/save as": It's the same for every photo, file or software I try to download.

Problem # 3: When I'm online, the tabs are constantly "connecting". I'll be in the middle of writing/reading an e-mail for example, and the tab will reconnect. This usually only happens when I use hotmail or facebook (occassionally when I use online banking, but very seldom).

I didn't always have these problems - they just "crept" in with time. The laptop is about 4 - 5 years old and I'm using Windows XP. I don't download games or anything like that, but I do want to download the odd programme (eg. CCleaner) or upload the odd file (e.g my curriculum vitae). I currently use BitDefender Antivirus and Firewall. I cannot determine if this is causing the upload/download problem as described in problem # 2.

What is wrong and how can I fix these problems?

Thanking you all in advance for any advice or help you might be able to give me.

Best regards

Edited August 15, 2010 by djayz

[filingaccount]

Start by temporarily disabling BitDefender, and try to download/upload again.

[sulasno]

try clearing the browser's cache

[Pib]

Start by temporarily disabling BitDefender, and try to download/upload again.

This would be my first step. Could easily be firewall/antivirus settings.

[djayz]

try clearing the browser's cache

How do I do that? I'm not very computer savy... as you might have already guessed.

[Jiu-Jitsu]

Rather than messing around with it, I would suggest that you run a clean install. Copy your important data elsewhere and start again.

What is the make and model of your laptop?

[djayz]

Rather than messing around with it, I would suggest that you run a clean install. Copy your important data elsewhere and start again.

What is the make and model of your laptop?

Do you mean start from scratch? Unfortunately I don't have the MS XP software any more.

I have an acer - Aspire 5100. I've been very satisified with it - in general it's not a bad laptop even though many speak badly about acer.

Thanks again for any info.

[siamect]

First thing.... Do you have a backup of your data?

You should take a backup before you do anything else.

After that you can basically do anything you like, but I would probably do a clean install as suggestedbefore in this thread. You computer cannot be trusted.

The last thing I would do in this case is to disable any antivirus or firwall as someone suggested. There is a chance that this problem is caused by some malware and there is a huge chance that that malware is not the only malware you have. By disabling anything you give this malware full potential to infect, spread or cause other problems....

Martin

Now, let's see how long time it takes before anyone say I' wrong....

Edited August 15, 2010 by siamect

[Pib]

Not too long.

If the firewall/antivirus didn't catch stop/catch a virus while turned on then turning it off temporarily (a few minutes) to see if things work right probably ain't going to hurt anything based on how the OP decribed the type of problem he's having. I haven't had any issues with my Norton 360 causing any problems like the OP has, but I have had other firewall/antivirus programs in the past which did...somehow the firewall/antivirus (usually the firewall) settings just prevented a certain site/functions from working properly until I got them reset right.

I do whole heartly agree "a person needs backups!!!!!....just too many computer problems (like hard drive failures) can take you back to ground zero. And sure hope the OP don't jump over the clip and do a Clean install (i.e., Format C) which is the same as going back to ground zero. Cheers.

[siamect]

... probably ain't going to hurt anything

I fully agree the it is "probably" not dangerous, but when you give advice in a forum and all the world can read it, I think that is not good enough.

Martin

Edited August 15, 2010 by siamect

[Pib]

All firewall / anti virusprograms I know of allow themselves to be temporarily turned off because sometimes they can cause computer problems if the settings get messed up. Of course they will follow-up with a warning of death and destruction...do you really want to do this notice asking if you really want to turn them off temporarily. This is generally good advice and good "continue to subscripe to my firewall/antivirus advertisement / fear factor type stuff."

Heck, some software still recommends you turn off the anti virus during the install--which I never do unless the software doesn't install properly after a couple of tries. It's getting to be a rarer occurrence that firewall/anitvirus programs cause issues but they still can cause issues, especially when the user unknowingly clicked some firewall/antivirus earlier caution notice or went experiencing with the firewall/antivirus settings. But improper/messed up firewalll settings sure can limit your browsing/downloading.

Nope, IMHO if you turn off your firewall/antivirus temporarily / for a few minutes your chances of your computer being attacked / infected / run over by a bus do not rise significantly. I've personally done it too many times and ain't been run over by the bus yet....maybe in the future...but not yet.

[Jiu-Jitsu]

Rather than messing around with it, I would suggest that you run a clean install. Copy your important data elsewhere and start again.

What is the make and model of your laptop?

Do you mean start from scratch? Unfortunately I don't have the MS XP software any more.

I have an acer - Aspire 5100. I've been very satisfied with it - in general it's not a bad laptop even though many speak badly about acer.

Thanks again for any info.

Don't worry, I can send you the OS disc for your laptop. All you need do is to remove your important data beforehand.

My girlfriend has a similar model, so the OS disc will work without any need for Activation.

You can get the necessary drivers from here

Let me know if you wish to take this course of action and we can get started.

Was it bought in Thailand or abroad? Does it have the Windows Certificate of Authenticity attached to the bottom of the laptop?

Once you've 'backed up' your info, it should take around an hour to complete the clean install and to reinstall the necessary drivers.

It's better than taking hours going through your system trying to eliminate the varied problems.

Your Laptop will be back to 'as new' performance.

Edited August 15, 2010 by Jiu-Jitsu

[siamect]

Your Laptop will be back to 'as new' performance.

This means you need to reinstall the rest of the software too...Like Antivirus, Office package and whatever more you have...

And then restore the data from you backup...

Martin

Edited August 15, 2010 by siamect

[rodcourt49]

try clearing the browser's cache

How do I do that? I'm not very computer savy... as you might have already guessed.

Home page..Tools..Internet Options..delete Temporary Internet Files, Cookies and History.

[djayz]

try clearing the browser's cache

How do I do that? I'm not very computer savy... as you might have already guessed.

Home page..Tools..Internet Options..delete Temporary Internet Files, Cookies and History.

Thanks... I knew that already, I just didn't know it was also called "clearning the browsers's cache"... I just knew it as "deleting the browser history".

Thanks again. I do "clear the browsers' cache" on a regular basis - but this doesn't appear to be the cause of any of my problems.

Re the other suggestions: the thoughts of having to reinstall EVERYTHING from scratch again is just annoying me... it takes hours and hours and hours...

I think I'll finish my bottle of Chang now and take care of the back ups tomorrow...

Thanks again for the tips - I was hoping there'd be a "quick 'n' easy" solution...

[Jiu-Jitsu]

try clearing the browser's cache

How do I do that? I'm not very computer savy... as you might have already guessed.

Home page..Tools..Internet Options..delete Temporary Internet Files, Cookies and History.

Thanks... I knew that already, I just didn't know it was also called "clearning the browsers's cache"... I just knew it as "deleting the browser history".

Thanks again. I do "clear the browsers' cache" on a regular basis - but this doesn't appear to be the cause of any of my problems.

Re the other suggestions: the thoughts of having to reinstall EVERYTHING from scratch again is just annoying me... it takes hours and hours and hours...

I think I'll finish my bottle of Chang now and take care of the back ups tomorrow...

Thanks again for the tips - I was hoping there'd be a "quick 'n' easy" solution...

That is the quick and easy solution.

But if you prefer to do it the other way, you can start with doing a Malware scan.

Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer.

After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here. Run a Full Scan. Post the log if anything found.

Next, download, install and run the HijackThis Version 2.0.3 installer and use the Quick Start guide to enable you to produce a log for posting here too.

Onc

[siamect]

That is the quick and easy solution.

But if you prefer to do it the other way, you can start with doing a Malware scan.

Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer.

After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here. Run a Full Scan. Post the log if anything found.

Next, download, install and run the HijackThis Version 2.0.3 installer and use the Quick Start guide to enable you to produce a log for posting here too.

Onc

There is a quicker and easier one and that is Gnu/Linux.... fully functional after maybe 30 minutes if you use an easy distro... but take a backup of your data first.

Martin

Edited August 18, 2010 by siamect

[djayz]

That is the quick and easy solution.

But if you prefer to do it the other way, you can start with doing a Malware scan.

Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer.

After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here. Run a Full Scan. Post the log if anything found.

Next, download, install and run the HijackThis Version 2.0.3 installer and use the Quick Start guide to enable you to produce a log for posting here too.

Onc

Hello Onc, I finally got around to downloading and running the suggested Malwarebytes software. As requested, here's a copy of todays log:

Malwarebytes' Anti-Malware 1.46

Database version: 4493

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

28.08.2010 20:59:33

mbam-log-2010-08-28 (20-59-33).txt

Scan type: Full scan (C:\|D:\|)

Objects scanned: 228902

Time elapsed: 2 hour(s), 37 minute(s), 48 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 14

Registry Values Infected: 7

Registry Data Items Infected: 6

Folders Infected: 1

Files Infected: 8

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{fa29a810-4e30-4c71-bc79-38335f93426b} (Password.Stealer) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{996d4e16-517f-474a-870f-f882c6133c47} (Password.Stealer) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fa29a810-4e30-4c71-bc79-38335f93426b} (Password.Stealer) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{996d4e16-517f-474a-870f-f882c6133c47} (Password.Stealer) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fa29a810-4e30-4c71-bc79-38335f93426b} (Password.Stealer) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{996d4e16-517f-474a-870f-f882c6133c47} (Password.Stealer) -> Quarantined and deleted successfully.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\glaide32 (Rootkit.Rustock) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MSN\bn (Trojan.Ambler) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MSN\d1 (Trojan.Ambler) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MSN\d2 (Trojan.Ambler) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MSN\d3 (Trojan.Ambler) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MSN\gd (Trojan.Ambler) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MSN\pr (Trojan.Ambler) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:

C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

Files Infected:

C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully.

C:\Dokumente und Einstellungen\me\Anwendungsdaten\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\c2d.dat (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ck.dat (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\idm.dat (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jc.dat (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\q1.dat (Malware.Trace) -> Quarantined and deleted successfully.

I'll now run the Hijack software. What's the next step?

I want to thank you and the others for taking the time to guide me through all of this. I really do appreciate it!

Best regards

[djayz]

Rather than messing around with it, I would suggest that you run a clean install. Copy your important data elsewhere and start again.

What is the make and model of your laptop?

Do you mean start from scratch? Unfortunately I don't have the MS XP software any more.

I have an acer - Aspire 5100. I've been very satisfied with it - in general it's not a bad laptop even though many speak badly about acer.

Thanks again for any info.

Don't worry, I can send you the OS disc for your laptop. All you need do is to remove your important data beforehand.

My girlfriend has a similar model, so the OS disc will work without any need for Activation.

You can get the necessary drivers from here

Let me know if you wish to take this course of action and we can get started.

Was it bought in Thailand or abroad? Does it have the Windows Certificate of Authenticity attached to the bottom of the laptop?

Once you've 'backed up' your info, it should take around an hour to complete the clean install and to reinstall the necessary drivers.

It's better than taking hours going through your system trying to eliminate the varied problems.

Your Laptop will be back to 'as new' performance.

Hello Jiu Jitsu, thanks for the help. The laptop was purchased about 4-5 years ago in Germany and yes, it has the MS certificate of authenticity attached to it. In your previous message you offered to send me the OS disc... is that offer still good? I am determined to fix this once and for all... I have copied all important files, software, etc. to an external hard drive.

Best regards

Edited August 28, 2010 by djayz

[djayz]

That is the quick and easy solution.

But if you prefer to do it the other way, you can start with doing a Malware scan.

Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer.

After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here. Run a Full Scan. Post the log if anything found.

Next, download, install and run the HijackThis Version 2.0.3 installer and use the Quick Start guide to enable you to produce a log for posting here too.

Onc

Hello again Onc, here is a copy of the log file from Hijack This (version 2.0.4). Best regards and have a good weekend.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:05:56, on 28.08.2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Programme\BitDefender\BitDefender 2009\vsserv.exe

C:\WINDOWS\System32\svchost.exe

C:\Programme\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe

C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Programme\Bonjour\mDNSResponder.exe

C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\Programme\ATI Technologies\ATI.ACE\cli.exe

C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Programme\Synaptics\SynTP\SynTPEnh.exe

C:\PROGRA~1\LAUNCH~1\LManager.exe

C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

C:\Programme\BitDefender\BitDefender 2009\bdagent.exe

C:\Programme\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Programme\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programme\Windows Live\Messenger\msnmsgr.exe

C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe

C:\Programme\Windows Desktop Search\WindowsSearch.exe

C:\Programme\BitDefender\BitDefender 2009\seccenter.exe

C:\Programme\iPod\bin\iPodService.exe

C:\Programme\ATI Technologies\ATI.ACE\cli.exe

C:\Programme\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\System32\svchost.exe

C:\Programme\Yahoo!\Messenger\ymsgr_tray.exe

C:\Programme\Internet Explorer\iexplore.exe

C:\Programme\Windows Live\Toolbar\wltuser.exe

C:\Programme\Internet Explorer\iexplore.exe

C:\Programme\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\msiexec.exe

C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.timeanddate.com/counters/customcounter.html?day=25&month=12&year=2009&hour=18&min=00&sec=&p0=28

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {80010030-0911-00E6-1467-99ca3230262a} - C:\Programme\Common Files\System\kbdiis.dll

O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN\Toolbar\3.0.1203.0\msneshellx.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2009\IEToolbar.dll

O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Programme\MSN\Toolbar\3.0.1203.0\msneshellx.dll

O3 - Toolbar: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll

O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

O4 - HKLM\..\Run: [startupDelayer] "C:\Programme\r2 Studios\Startup Delayer\Startup Launcher GUI.exe"

O4 - HKLM\..\Run: [bDAgent] "C:\Programme\BitDefender\BitDefender 2009\bdagent.exe"

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Programme\BitDefender\BitDefender 2009\IEShow.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)

O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://jamestemp.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://jamestemp.spaces.live.com/PhotoUpload/MsnPUpld.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab

O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

O18 - Protocol: toolbarchrome - {718733BC-AD64-4E5F-AC18-A85FBD75D54D} - C:\Programme\RadioBar\toolbar.ni.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe

O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Programme\BitDefender\BitDefender 2009\vsserv.exe

O24 - Desktop Component 0: (no name) - http://www.thailovelinks.com/memphoto/Photo1/Big/224187.jpg

--

End of file - 13493 bytes

[Jiu-Jitsu]

Ok, have just seen your PM.

No problem, I can get the disc to you if you are happy to run a clean install.

In the meanwhile, perhaps you can run new scans and produce new logs.

Before you do so....

On the Tools menu in Internet Explorer, click Internet Options, click the Connections tab, and then click LAN Settings.

Under Proxy server, make sure that Use a proxy server for your LAN remains un-ticked.

You can also use Hijack This to tick and fix this: R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

You can also use this HOSTS file[right-click - Select: Save Target As] and save it to your Desktop. Extract the contents to a folder and double click on the mvps.bat file.

That will block a lot of unwanted advertisements and various parasites from connecting with your computer.

Once you have done this you can proceed with the scans and the new logs.