djayz Posted August 15, 2010 Share Posted August 15, 2010 (edited) I have a couple of different problems with my laptop and have finally gotten around to asking for help in solving these. Problem # 1: I cannot upload files or photos using my hotmail account. I can upload to facebook, but not to hotmail. Problem # 2: I cannot download files, photos or software. For example: I just tried to download CCleaner today but could not. When I click on "download" a new window (download) opens but closes again within a second - before I have time to click on "download/save as": It's the same for every photo, file or software I try to download. Problem # 3: When I'm online, the tabs are constantly "connecting". I'll be in the middle of writing/reading an e-mail for example, and the tab will reconnect. This usually only happens when I use hotmail or facebook (occassionally when I use online banking, but very seldom). I didn't always have these problems - they just "crept" in with time. The laptop is about 4 - 5 years old and I'm using Windows XP. I don't download games or anything like that, but I do want to download the odd programme (eg. CCleaner) or upload the odd file (e.g my curriculum vitae). I currently use BitDefender Antivirus and Firewall. I cannot determine if this is causing the upload/download problem as described in problem # 2. What is wrong and how can I fix these problems? Thanking you all in advance for any advice or help you might be able to give me. Best regards Edited August 15, 2010 by djayz Link to comment Share on other sites More sharing options...
filingaccount Posted August 15, 2010 Share Posted August 15, 2010 Start by temporarily disabling BitDefender, and try to download/upload again. 1 Link to comment Share on other sites More sharing options...
sulasno Posted August 15, 2010 Share Posted August 15, 2010 try clearing the browser's cache Link to comment Share on other sites More sharing options...
Pib Posted August 15, 2010 Share Posted August 15, 2010 Start by temporarily disabling BitDefender, and try to download/upload again. This would be my first step. Could easily be firewall/antivirus settings. Link to comment Share on other sites More sharing options...
djayz Posted August 15, 2010 Author Share Posted August 15, 2010 try clearing the browser's cache How do I do that? I'm not very computer savy... as you might have already guessed. Link to comment Share on other sites More sharing options...
Jiu-Jitsu Posted August 15, 2010 Share Posted August 15, 2010 Rather than messing around with it, I would suggest that you run a clean install. Copy your important data elsewhere and start again. What is the make and model of your laptop? Link to comment Share on other sites More sharing options...
djayz Posted August 15, 2010 Author Share Posted August 15, 2010 Rather than messing around with it, I would suggest that you run a clean install. Copy your important data elsewhere and start again. What is the make and model of your laptop? Do you mean start from scratch? Unfortunately I don't have the MS XP software any more. I have an acer - Aspire 5100. I've been very satisified with it - in general it's not a bad laptop even though many speak badly about acer. Thanks again for any info. Link to comment Share on other sites More sharing options...
siamect Posted August 15, 2010 Share Posted August 15, 2010 (edited) First thing.... Do you have a backup of your data? You should take a backup before you do anything else. After that you can basically do anything you like, but I would probably do a clean install as suggestedbefore in this thread. You computer cannot be trusted. The last thing I would do in this case is to disable any antivirus or firwall as someone suggested. There is a chance that this problem is caused by some malware and there is a huge chance that that malware is not the only malware you have. By disabling anything you give this malware full potential to infect, spread or cause other problems.... Martin Now, let's see how long time it takes before anyone say I' wrong.... Edited August 15, 2010 by siamect Link to comment Share on other sites More sharing options...
Pib Posted August 15, 2010 Share Posted August 15, 2010 Not too long. If the firewall/antivirus didn't catch stop/catch a virus while turned on then turning it off temporarily (a few minutes) to see if things work right probably ain't going to hurt anything based on how the OP decribed the type of problem he's having. I haven't had any issues with my Norton 360 causing any problems like the OP has, but I have had other firewall/antivirus programs in the past which did...somehow the firewall/antivirus (usually the firewall) settings just prevented a certain site/functions from working properly until I got them reset right. I do whole heartly agree "a person needs backups!!!!!....just too many computer problems (like hard drive failures) can take you back to ground zero. And sure hope the OP don't jump over the clip and do a Clean install (i.e., Format C) which is the same as going back to ground zero. Cheers. Link to comment Share on other sites More sharing options...
siamect Posted August 15, 2010 Share Posted August 15, 2010 (edited) ... probably ain't going to hurt anything I fully agree the it is "probably" not dangerous, but when you give advice in a forum and all the world can read it, I think that is not good enough. Martin Edited August 15, 2010 by siamect Link to comment Share on other sites More sharing options...
Pib Posted August 15, 2010 Share Posted August 15, 2010 All firewall / anti virusprograms I know of allow themselves to be temporarily turned off because sometimes they can cause computer problems if the settings get messed up. Of course they will follow-up with a warning of death and destruction...do you really want to do this notice asking if you really want to turn them off temporarily. This is generally good advice and good "continue to subscripe to my firewall/antivirus advertisement / fear factor type stuff." Heck, some software still recommends you turn off the anti virus during the install--which I never do unless the software doesn't install properly after a couple of tries. It's getting to be a rarer occurrence that firewall/anitvirus programs cause issues but they still can cause issues, especially when the user unknowingly clicked some firewall/antivirus earlier caution notice or went experiencing with the firewall/antivirus settings. But improper/messed up firewalll settings sure can limit your browsing/downloading. Nope, IMHO if you turn off your firewall/antivirus temporarily / for a few minutes your chances of your computer being attacked / infected / run over by a bus do not rise significantly. I've personally done it too many times and ain't been run over by the bus yet....maybe in the future...but not yet. Link to comment Share on other sites More sharing options...
Jiu-Jitsu Posted August 15, 2010 Share Posted August 15, 2010 (edited) Rather than messing around with it, I would suggest that you run a clean install. Copy your important data elsewhere and start again. What is the make and model of your laptop? Do you mean start from scratch? Unfortunately I don't have the MS XP software any more. I have an acer - Aspire 5100. I've been very satisfied with it - in general it's not a bad laptop even though many speak badly about acer. Thanks again for any info. Don't worry, I can send you the OS disc for your laptop. All you need do is to remove your important data beforehand. My girlfriend has a similar model, so the OS disc will work without any need for Activation. You can get the necessary drivers from here Let me know if you wish to take this course of action and we can get started. Was it bought in Thailand or abroad? Does it have the Windows Certificate of Authenticity attached to the bottom of the laptop? Once you've 'backed up' your info, it should take around an hour to complete the clean install and to reinstall the necessary drivers. It's better than taking hours going through your system trying to eliminate the varied problems. Your Laptop will be back to 'as new' performance. Edited August 15, 2010 by Jiu-Jitsu Link to comment Share on other sites More sharing options...
siamect Posted August 15, 2010 Share Posted August 15, 2010 (edited) Your Laptop will be back to 'as new' performance. This means you need to reinstall the rest of the software too...Like Antivirus, Office package and whatever more you have... And then restore the data from you backup... Martin Edited August 15, 2010 by siamect Link to comment Share on other sites More sharing options...
rodcourt49 Posted August 15, 2010 Share Posted August 15, 2010 try clearing the browser's cache How do I do that? I'm not very computer savy... as you might have already guessed. Home page..Tools..Internet Options..delete Temporary Internet Files, Cookies and History. Link to comment Share on other sites More sharing options...
djayz Posted August 17, 2010 Author Share Posted August 17, 2010 try clearing the browser's cache How do I do that? I'm not very computer savy... as you might have already guessed. Home page..Tools..Internet Options..delete Temporary Internet Files, Cookies and History. Thanks... I knew that already, I just didn't know it was also called "clearning the browsers's cache"... I just knew it as "deleting the browser history". Thanks again. I do "clear the browsers' cache" on a regular basis - but this doesn't appear to be the cause of any of my problems. Re the other suggestions: the thoughts of having to reinstall EVERYTHING from scratch again is just annoying me... it takes hours and hours and hours... I think I'll finish my bottle of Chang now and take care of the back ups tomorrow... Thanks again for the tips - I was hoping there'd be a "quick 'n' easy" solution... Link to comment Share on other sites More sharing options...
Jiu-Jitsu Posted August 17, 2010 Share Posted August 17, 2010 try clearing the browser's cache How do I do that? I'm not very computer savy... as you might have already guessed. Home page..Tools..Internet Options..delete Temporary Internet Files, Cookies and History. Thanks... I knew that already, I just didn't know it was also called "clearning the browsers's cache"... I just knew it as "deleting the browser history". Thanks again. I do "clear the browsers' cache" on a regular basis - but this doesn't appear to be the cause of any of my problems. Re the other suggestions: the thoughts of having to reinstall EVERYTHING from scratch again is just annoying me... it takes hours and hours and hours... I think I'll finish my bottle of Chang now and take care of the back ups tomorrow... Thanks again for the tips - I was hoping there'd be a "quick 'n' easy" solution... That is the quick and easy solution. But if you prefer to do it the other way, you can start with doing a Malware scan. Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer. After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here. Run a Full Scan. Post the log if anything found. Next, download, install and run the HijackThis Version 2.0.3 installer and use the Quick Start guide to enable you to produce a log for posting here too. Onc Link to comment Share on other sites More sharing options...
siamect Posted August 18, 2010 Share Posted August 18, 2010 (edited) That is the quick and easy solution. But if you prefer to do it the other way, you can start with doing a Malware scan. Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer. After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here. Run a Full Scan. Post the log if anything found. Next, download, install and run the HijackThis Version 2.0.3 installer and use the Quick Start guide to enable you to produce a log for posting here too. Onc There is a quicker and easier one and that is Gnu/Linux.... fully functional after maybe 30 minutes if you use an easy distro... but take a backup of your data first. Martin Edited August 18, 2010 by siamect Link to comment Share on other sites More sharing options...
djayz Posted August 28, 2010 Author Share Posted August 28, 2010 That is the quick and easy solution. But if you prefer to do it the other way, you can start with doing a Malware scan. Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer. After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here. Run a Full Scan. Post the log if anything found. Next, download, install and run the HijackThis Version 2.0.3 installer and use the Quick Start guide to enable you to produce a log for posting here too. Onc Hello Onc, I finally got around to downloading and running the suggested Malwarebytes software. As requested, here's a copy of todays log: Malwarebytes' Anti-Malware 1.46 Database version: 4493 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 28.08.2010 20:59:33 mbam-log-2010-08-28 (20-59-33).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 228902 Time elapsed: 2 hour(s), 37 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 14 Registry Values Infected: 7 Registry Data Items Infected: 6 Folders Infected: 1 Files Infected: 8 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{fa29a810-4e30-4c71-bc79-38335f93426b} (Password.Stealer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{996d4e16-517f-474a-870f-f882c6133c47} (Password.Stealer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fa29a810-4e30-4c71-bc79-38335f93426b} (Password.Stealer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{996d4e16-517f-474a-870f-f882c6133c47} (Password.Stealer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fa29a810-4e30-4c71-bc79-38335f93426b} (Password.Stealer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{996d4e16-517f-474a-870f-f882c6133c47} (Password.Stealer) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\glaide32 (Rootkit.Rustock) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MSN\bn (Trojan.Ambler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MSN\d1 (Trojan.Ambler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MSN\d2 (Trojan.Ambler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MSN\d3 (Trojan.Ambler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MSN\gd (Trojan.Ambler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MSN\pr (Trojan.Ambler) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully. Folders Infected: C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully. Files Infected: C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully. C:\Dokumente und Einstellungen\me\Anwendungsdaten\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\c2d.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ck.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\idm.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jc.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\q1.dat (Malware.Trace) -> Quarantined and deleted successfully. I'll now run the Hijack software. What's the next step? I want to thank you and the others for taking the time to guide me through all of this. I really do appreciate it! Best regards Link to comment Share on other sites More sharing options...
djayz Posted August 28, 2010 Author Share Posted August 28, 2010 (edited) Rather than messing around with it, I would suggest that you run a clean install. Copy your important data elsewhere and start again. What is the make and model of your laptop? Do you mean start from scratch? Unfortunately I don't have the MS XP software any more. I have an acer - Aspire 5100. I've been very satisfied with it - in general it's not a bad laptop even though many speak badly about acer. Thanks again for any info. Don't worry, I can send you the OS disc for your laptop. All you need do is to remove your important data beforehand. My girlfriend has a similar model, so the OS disc will work without any need for Activation. You can get the necessary drivers from here Let me know if you wish to take this course of action and we can get started. Was it bought in Thailand or abroad? Does it have the Windows Certificate of Authenticity attached to the bottom of the laptop? Once you've 'backed up' your info, it should take around an hour to complete the clean install and to reinstall the necessary drivers. It's better than taking hours going through your system trying to eliminate the varied problems. Your Laptop will be back to 'as new' performance. Hello Jiu Jitsu, thanks for the help. The laptop was purchased about 4-5 years ago in Germany and yes, it has the MS certificate of authenticity attached to it. In your previous message you offered to send me the OS disc... is that offer still good? I am determined to fix this once and for all... I have copied all important files, software, etc. to an external hard drive. Best regards Edited August 28, 2010 by djayz Link to comment Share on other sites More sharing options...
djayz Posted August 28, 2010 Author Share Posted August 28, 2010 That is the quick and easy solution. But if you prefer to do it the other way, you can start with doing a Malware scan. Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer. After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here. Run a Full Scan. Post the log if anything found. Next, download, install and run the HijackThis Version 2.0.3 installer and use the Quick Start guide to enable you to produce a log for posting here too. Onc Hello again Onc, here is a copy of the log file from Hijack This (version 2.0.4). Best regards and have a good weekend. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:05:56, on 28.08.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Programme\BitDefender\BitDefender 2009\vsserv.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\Programme\BitDefender\BitDefender 2009\bdagent.exe C:\Programme\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Programme\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Windows Live\Messenger\msnmsgr.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\Programme\Windows Desktop Search\WindowsSearch.exe C:\Programme\BitDefender\BitDefender 2009\seccenter.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Yahoo!\Messenger\ymsgr_tray.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Windows Live\Toolbar\wltuser.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\WINDOWS\system32\msiexec.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.timeanddate.com/counters/customcounter.html?day=25&month=12&year=2009&hour=18&min=00&sec=&p0=28 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {80010030-0911-00E6-1467-99ca3230262a} - C:\Programme\Common Files\System\kbdiis.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN\Toolbar\3.0.1203.0\msneshellx.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2009\IEToolbar.dll O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Programme\MSN\Toolbar\3.0.1203.0\msneshellx.dll O3 - Toolbar: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [startupDelayer] "C:\Programme\r2 Studios\Startup Delayer\Startup Launcher GUI.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Programme\BitDefender\BitDefender 2009\bdagent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Programme\BitDefender\BitDefender 2009\IEShow.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://jamestemp.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://jamestemp.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: toolbarchrome - {718733BC-AD64-4E5F-AC18-A85FBD75D54D} - C:\Programme\RadioBar\toolbar.ni.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe (file missing) O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Programme\BitDefender\BitDefender 2009\vsserv.exe O24 - Desktop Component 0: (no name) - http://www.thailovelinks.com/memphoto/Photo1/Big/224187.jpg -- End of file - 13493 bytes Link to comment Share on other sites More sharing options...
Jiu-Jitsu Posted September 27, 2010 Share Posted September 27, 2010 Ok, have just seen your PM. No problem, I can get the disc to you if you are happy to run a clean install. In the meanwhile, perhaps you can run new scans and produce new logs. Before you do so.... On the Tools menu in Internet Explorer, click Internet Options, click the Connections tab, and then click LAN Settings. Under Proxy server, make sure that Use a proxy server for your LAN remains un-ticked. You can also use Hijack This to tick and fix this: R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local You can also use this HOSTS file[right-click - Select: Save Target As] and save it to your Desktop. Extract the contents to a folder and double click on the mvps.bat file. That will block a lot of unwanted advertisements and various parasites from connecting with your computer. Once you have done this you can proceed with the scans and the new logs. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now