Windows 7 Forums


Windows 7: Windows Security Center can't be started because of virus/malware

12 Feb 2013   #101

Windows 7 Ultimate, 32bit
 
 

cottonball, the avast! problem was solved by using the command prompt, no need to reinstall it.



12 Feb 2013   #102

Windows 7 Home Premium
 
 

Crumble,

Good job!! You done goood!!


Did you use the instructions to repair the WMI Repository??
13 Feb 2013   #103

Windows 7 Ultimate, 32bit
 
 

Yes, that's exactly what I did. Glad it worked!
I hope my computer is virus/malware free now? Or do you think we need to take some last check-ups?


13 Feb 2013   #104

Windows 7 Home Premium
 
 

Let's do a couple of things, although we are almost there, but, before we wrap up...

Please download OTL from one of the links below:
http://oldtimer.geekstogo.com/OTL.exe
http://oldtimer.geekstogo.com/OTL.com (renamed version)
Save the program to the Desktop.

Right-click and select 'Run as Administrator'
In the OTL program console, click the Scan All Users checkbox.

Press the Run Scan button.

Two reports appear:
OTL.txt <-- Opened on the Desktop
Extra.txt <-- Minimized on the TaskBar

Please attach the OTL.txt and Extra.txt reports in your reply.


Next, also download Security Check:
http://screen317.spywareinfoforum.org/SecurityCheck.exe
Save to the Desktop.

Double-click SecurityCheck.exe and follow the onscreen instructions (on the black screen)

When done, a Notepad document opens automatically: checkup.txt
Please post the contents of checkup.txt in your reply.
14 Feb 2013   #105

Windows 7 Ultimate, 32bit
 
 

Great

OTL.txt

OTL logfile created on: 14.02.2013 04:20:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\siri1802\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy

1,96 Gb Total Physical Memory | 0,50 Gb Available Physical Memory | 25,60% Memory free
3,91 Gb Paging File | 1,93 Gb Available in Paging File | 49,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,24 Gb Total Space | 15,92 Gb Free Space | 21,45% Space Free | Partition Type: NTFS

Computer Name: SIRIS-PC | User Name: siri1802 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.02.14 04:15:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\siri1802\Downloads\OTL.exe
PRC - [2013.01.26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Programfiler\Google\Chrome\Application\chrome.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programfiler\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programfiler\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programfiler\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programfiler\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programfiler\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.10.14 07:16:30 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programfiler\Windows Media Player\wmpnetwk.exe
PRC - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programfiler\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009.07.14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2007.02.06 10:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE


========== Modules (No Company Name) ==========

MOD - [2013.02.08 18:15:17 | 012,459,888 | ---- | M] () -- C:\Users\siri1802\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll
MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Programfiler\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll
MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Programfiler\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013.01.26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Programfiler\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013.01.26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Programfiler\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Programfiler\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2012.08.27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Programfiler\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Programfiler\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.03.16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Programfiler\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV - [2013.02.08 06:32:17 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.19 17:36:31 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programfiler\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programfiler\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programfiler\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programfiler\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programfiler\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.14 07:16:30 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet)
SRV - [2012.09.20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.05.20 12:16:20 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programfiler\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programfiler\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 20:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programfiler\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programfiler\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.02.06 10:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\siri1802\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.10.15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2010.11.20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.16 01:45:44 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2010.01.26 16:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.12.03 15:48:44 | 000,625,224 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009.07.08 12:48:38 | 000,025,656 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2009.07.08 12:48:22 | 000,033,848 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2009.06.25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009.04.20 07:38:54 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.12.01 21:14:34 | 004,179,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nb-NO
IE - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 45 BA ED B9 3B 9A CD 01 [binary data]
IE - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B99079a25-328f-4bd4-be04-00955acaa0a7%7D:4.6.1.01
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.9.0.0
FF - prefs.js..extensions.enabledAddons: %7B5ddeb737-082c-48fb-8c06-aa4b38d61e5f%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bb6ac5e3c-5ceb-4e72-b451-f0e1ba983c14%7D:10.13.40.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found
14 Feb 2013   #106

Windows 7 Ultimate, 32bit
 
 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.02.01 04:44:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.19 17:36:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.19 17:35:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.19 17:36:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.19 17:35:50 | 000,000,000 | ---D | M]

[2012.09.25 09:35:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\siri1802\AppData\Roaming\mozilla\Extensions
[2013.01.25 16:36:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\siri1802\AppData\Roaming\mozilla\Firefox\Profiles\3pt7z1m9.default\extensions
[2013.01.25 16:36:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\siri1802\AppData\Roaming\mozilla\Firefox\Profiles\3pt7z1m9.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
[2013.01.18 10:40:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\siri1802\AppData\Roaming\mozilla\Firefox\Profiles\3pt7z1m9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.10.30 09:45:21 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\siri1802\AppData\Roaming\mozilla\firefox\profiles\3pt7z1m9.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.01.19 17:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programfiler\Mozilla Firefox\extensions
[2013.01.19 17:35:48 | 000,000,000 | ---D | M] ("BitAccelerator") -- C:\Programfiler\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
[2013.01.19 17:35:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programfiler\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.01.19 17:35:48 | 000,000,000 | ---D | M] ("BitAccelerator") -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{5DDEB737-082C-48FB-8C06-AA4B38D61E5F}
File not found (No name found) -- C:\USERS\SIRI1802\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3PT7Z1M9.DEFAULT\EXTENSIONS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
File not found (No name found) -- C:\USERS\SIRI1802\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3PT7Z1M9.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
File not found (No name found) -- C:\USERS\SIRI1802\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3PT7Z1M9.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM
[2013.01.19 17:36:32 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.09.06 02:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.30 06:36:50 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\siri1802\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: BitTorrentControl_v12 = C:\Users\siri1802\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.19.11_0\
CHR - Extension: avast! WebRep = C:\Users\siri1802\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: BitTorrentControl_v12 = C:\Users\siri1802\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.19.11_0\
CHR - Extension: avast! WebRep = C:\Users\siri1802\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\

O1 HOSTS File: ([2013.02.04 07:38:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programfiler\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programfiler\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programfiler\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programfiler\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&ksporter til Microsoft Excel - C:\Programfiler\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd til OneNote - C:\Programfiler\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programfiler\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programfiler\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Koblede OneNote-notater - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programfiler\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Koblede OneNote-notater - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programfiler\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programfiler\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.11.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F987F6BE-186B-4F9A-842A-C13490B68D4D}: DhcpNameServer = 192.168.11.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programfiler\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programfiler\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programfiler\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programfiler\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========
14 Feb 2013   #107

Windows 7 Ultimate, 32bit
 
 

[2013.02.12 08:28:29 | 000,048,128 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2013.02.12 08:28:28 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013.02.12 08:24:45 | 000,000,000 | ---D | C] -- C:\dell
[2013.02.12 08:12:46 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.02.04 07:44:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.04 07:44:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.01 06:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.02.01 04:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.02.01 04:45:50 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.02.01 04:45:49 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.02.01 04:45:41 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013.02.01 04:45:40 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.02.01 04:45:38 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.02.01 04:45:32 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.02.01 04:44:02 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.02.01 04:44:01 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.02.01 04:43:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.02.01 04:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.01.31 08:12:38 | 000,000,000 | ---D | C] -- C:\FRST
[2013.01.31 08:01:33 | 000,909,576 | ---- | C] (Farbar) -- C:\FRST.exe
[2013.01.30 05:26:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.01.28 04:45:59 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013.01.28 04:43:52 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2013.01.28 04:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013.01.28 04:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2013.01.25 11:52:54 | 000,000,000 | ---D | C] -- C:\Users\siri1802\Documents\Gitar-noter
[2013.01.25 10:24:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.25 10:24:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.25 10:24:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.25 10:16:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.25 10:15:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.25 10:11:54 | 000,000,000 | ---D | C] -- C:\Users\siri1802\Desktop\RK_Quarantine
[2013.01.23 07:30:07 | 000,000,000 | ---D | C] -- C:\Users\siri1802\Documents\Artikler fra Marit
[2013.01.22 04:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.22 04:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.22 04:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.22 04:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.01.19 17:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.01.19 12:48:04 | 000,000,000 | ---D | C] -- C:\Users\siri1802\AppData\Roaming\Malwarebytes
[2013.01.19 12:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.19 12:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.19 12:47:56 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.19 12:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.19 12:39:13 | 000,000,000 | ---D | C] -- C:\Users\siri1802\AppData\Local\Programs
[2013.01.19 07:28:57 | 000,000,000 | ---D | C] -- C:\Users\siri1802\Documents\Outlook-filer
[2013.01.18 10:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.01.18 10:09:31 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.01.18 10:08:41 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.18 10:08:41 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.18 10:08:41 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.16 11:17:23 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013.01.16 05:00:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache

========== Files - Modified Within 30 Days ==========

[2013.02.14 03:48:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.14 03:48:17 | 000,000,980 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.14 03:48:11 | 000,000,984 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 03:47:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.14 03:47:37 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2013.02.13 08:04:41 | 000,000,133 | RHS- | M] () -- C:\ProgramData\3002.xml
[2013.02.13 04:10:19 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.13 04:10:19 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.13 03:58:10 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2013.02.13 03:57:52 | 1575,354,368 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.12 06:03:44 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.02.12 06:03:38 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.02.11 09:39:52 | 000,027,973 | ---- | M] () -- C:\Users\siri1802\Desktop\TheVaDinciCod (1).jpg
[2013.02.08 06:32:14 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.08 06:32:14 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.06 06:07:47 | 000,011,904 | RHS- | M] () -- C:\ProgramData\3002.abs
[2013.02.04 07:38:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.02.02 20:22:16 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.02 20:22:16 | 000,456,744 | ---- | M] () -- C:\Windows\System32\perfh014.dat
[2013.02.02 20:22:16 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.02 20:22:16 | 000,077,218 | ---- | M] () -- C:\Windows\System32\perfc014.dat
[2013.02.01 08:18:17 | 000,086,692 | ---- | M] () -- C:\Users\siri1802\Desktop\1.png
[2013.01.31 08:18:41 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.dll
[2013.01.31 08:02:05 | 000,909,576 | ---- | M] (Farbar) -- C:\FRST.exe
[2013.01.31 05:00:06 | 000,143,384 | ---- | M] () -- C:\Users\siri1802\Desktop\Uten navn.png
[2013.01.28 04:50:10 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013.01.28 04:43:45 | 000,002,244 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013.01.28 04:11:22 | 000,005,522 | ---- | M] () -- C:\backup.reg
[2013.01.25 16:59:47 | 000,002,115 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.22 04:23:52 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.19 12:47:58 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.18 10:08:28 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.18 10:08:23 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.01.18 10:08:23 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.18 10:08:22 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.18 10:08:19 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2013.01.18 10:08:19 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

========== Files Created - No Company Name ==========

[2013.02.11 09:39:45 | 000,027,973 | ---- | C] () -- C:\Users\siri1802\Desktop\TheVaDinciCod (1).jpg
[2013.02.06 06:07:56 | 000,000,133 | RHS- | C] () -- C:\ProgramData\3002.xml
[2013.02.06 06:07:47 | 000,011,904 | RHS- | C] () -- C:\ProgramData\3002.abs
[2013.02.01 08:18:15 | 000,086,692 | ---- | C] () -- C:\Users\siri1802\Desktop\1.png
[2013.02.01 04:45:51 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.31 05:00:05 | 000,143,384 | ---- | C] () -- C:\Users\siri1802\Desktop\Uten navn.png
[2013.01.28 04:43:45 | 000,002,244 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013.01.28 03:57:31 | 000,005,522 | ---- | C] () -- C:\backup.reg
[2013.01.25 10:24:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.25 10:24:13 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.25 10:24:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.25 10:24:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.25 10:24:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.22 04:23:52 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.19 12:47:58 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.30 16:21:52 | 000,007,605 | ---- | C] () -- C:\Users\siri1802\AppData\Local\Resmon.ResmonCfg
[2012.09.24 10:52:13 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
[2012.09.24 10:51:32 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.exe
[2011.05.23 10:15:43 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini
[2011.05.20 11:30:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
14 Feb 2013   #108

Windows 7 Ultimate, 32bit
 
 

Extras.txt:

OTL Extras logfile created on: 14.02.2013 04:20:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\siri1802\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy

1,96 Gb Total Physical Memory | 0,50 Gb Available Physical Memory | 25,60% Memory free
3,91 Gb Paging File | 1,93 Gb Available in Paging File | 49,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,24 Gb Total Space | 15,92 Gb Free Space | 21,45% Space Free | Partition Type: NTFS

Computer Name: SIRIS-PC | User Name: siri1802 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4278792135-2590523476-2833556063-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOVIEW] -- "C:\Program Files\CEWE COLOR\Min CEWE FOTOVERDEN\CEWE FOTOVIEW.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Min CEWE FOTOVERDEN] -- "C:\Program Files\CEWE COLOR\Min CEWE FOTOVERDEN\Min CEWE FOTOVERDEN.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\32788R22FWJFW\EN-US\iexplore.exe" = C:\32788R22FWJFW\EN-US\iexplore.exe:*:Enabled:ipsec
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe:*:Enabled:ipsec -- (Synaptics Incorporated)
"C:\Windows\system32\Dwm.exe" = C:\Windows\system32\Dwm.exe:*:Enabled:ipsec -- (Microsoft Corporation)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01671467-7DE9-43CC-BEED-72936BC448EA}" = rport=139 | protocol=6 | dir=out | app=system |
"{1BAA0A1D-1C7D-4E20-9248-2B34CC06CE9C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{24305E62-AF4C-4A2D-8A9A-0E85C85352D0}" = rport=138 | protocol=17 | dir=out | app=system |
"{37FEF54B-6DF9-4E49-B265-840BEC50AE02}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |
"{3860B35E-F71E-43F8-A899-369BC16A7B82}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41FF84C6-3F6B-4F8A-A779-64FA293B815C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{44F14546-BFB9-464F-ADC5-A56FF9D907A8}" = lport=48517 | protocol=6 | dir=in | name=windows core service |
"{4BC40200-5548-4A53-9FFB-0ACB49452179}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C14B4AD-7782-4B7E-90F7-4BAFE68DCFFB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4FDF81AC-FBBF-4528-B1AC-172413FE177D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{72A0A492-8A1F-464A-9271-5986D44D6582}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{802F7130-12C6-4151-9FB5-5714FE672F96}" = lport=139 | protocol=6 | dir=in | app=system |
"{852978EE-EC29-4EFD-884C-B818F1E6B66D}" = lport=138 | protocol=17 | dir=in | app=system |
"{8E76A9DA-3EA3-4A01-BEB6-5EAA4A50BE20}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0FE981F-98D4-4779-8A25-482AB64C56A4}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{A310EE2D-5115-445D-ABDF-9A4692381964}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B4D017EA-A540-4BAC-B199-504D4B0ECDDB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C2EEB2BA-66C7-4707-8414-5EA900C44C1D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{C46B3BDA-B6FF-448C-A38A-B482375DD455}" = lport=445 | protocol=6 | dir=in | app=system |
"{C87E51DE-EEEC-4F44-95E5-33C2E3FCB8B9}" = lport=137 | protocol=17 | dir=in | app=system |
"{CBCF4DA6-7544-4A13-873C-24376D208647}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF547739-842E-4A1A-AA55-A3C69706ED3E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D2E80C4B-B929-40D4-B1D9-217BF5A473DA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E526E731-98DC-4481-A103-159C13B54956}" = rport=445 | protocol=6 | dir=out | app=system |
"{FDD4B439-E821-4B05-9654-2775F2CF2E71}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05C7C493-29F0-4E79-805B-B02FA18BCC67}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{0ED9A8F3-FD9F-4B65-BC9E-1ECC9CB598E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{14E6DE12-74AB-4D59-BA7E-C88AF7AD0D71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{19227BA6-939C-405A-BE46-48B99F60FA69}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{200691E5-52A0-4545-9A9F-BDC16FCAF54E}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{22C8BE43-0B2D-4688-A198-8D9C0B3F4E59}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{293112BA-D358-4DAF-954F-66BDE34935C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{354FD6DA-0247-4320-A5FF-0B400180F7EF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3A9A0810-CC56-497E-B227-FC8B3533A3EA}" = protocol=6 | dir=out | app=system |
"{45F08A9E-6B93-4D40-9424-2FC6CA3BA9AF}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{46F091DB-EB43-42CF-8D33-6493EC14078B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5D283A14-DF24-4DC7-9D96-5072A2E1B8FB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{63EE8C4B-BB70-4C5D-A588-52728760CA06}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DF8AFE4-8EEC-4463-8E43-C8E87EB9E49C}" = protocol=17 | dir=in | app=c:\users\siri1802\appdata\local\directdownloader\directdownloader.exe |
"{8B93950D-2542-45BE-A18A-E72D2E17C344}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9DB914B4-010A-42DC-AF0F-A4CD52EF04A7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{9F7B59F3-5649-4847-AF75-2ECB1606FFDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A985F5CD-334D-4783-8C8C-B40E035A783E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AE68E410-83AF-4A33-81ED-B2A8F27FB7CC}" = protocol=6 | dir=in | app=c:\users\siri1802\appdata\local\directdownloader\directdownloader.exe |
"{AE9E53EE-9D03-43A6-8E18-E624DE17B402}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B0849E0C-0929-4F8C-B188-CC28DE4EC9B9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B25D4D2C-6761-4F6F-B917-3E25BD03C609}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{B84D23E7-FA06-48C5-8B6D-AF1072B23A7F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{BA8D0497-F70D-4C53-B840-69BB9DF9A3D4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BE26553B-148F-4DC2-AE50-57DFB1288E10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF5974DE-4CB2-457E-8320-D3E4911E8E69}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{D2A780D0-21B0-44EE-B9F1-53FEE8AFAA93}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DEDC7271-8705-463B-81BE-DDDCB62001CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2BDA913-A504-4C37-9F45-DF611FBEB733}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F348A4E0-F8F3-4C83-9ACE-E99E6DFDFA56}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{F430FC3F-AE15-42D4-95ED-5CE3D9DB3546}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F62BE6BF-EFEE-42E1-A7F8-E5FBC948690B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F6BD2C76-8025-4535-BF82-5622877DD697}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1154E511-14E8-49FF-BB22-0CD39C9BE678}C:\32788r22fwjfw\en-us\iexplore.exe" = protocol=6 | dir=in | app=c:\32788r22fwjfw\en-us\iexplore.exe |
"TCP Query User{4E3D8610-7138-4E7A-9637-20588FAB241A}C:\program files\synaptics\syntp\syntphelper.exe" = protocol=6 | dir=in | app=c:\program files\synaptics\syntp\syntphelper.exe |
"TCP Query User{60681318-ABF0-4A28-933A-FEC5AED73BA7}C:\users\siri1802\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\siri1802\appdata\roaming\spotify\spotify.exe |
"TCP Query User{7CACCBCA-D259-4825-AFFA-8326141E2F20}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{C1904338-B504-42FC-AAE2-2803814F1CAC}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{EE404994-BCAC-480A-B2B6-62681E00A209}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{120D2041-7B63-489F-A35D-AD553A95B41D}C:\users\siri1802\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\siri1802\appdata\roaming\spotify\spotify.exe |
"UDP Query User{2F6A5F42-50C7-4FC9-A2AC-B98CAD72DAD4}C:\program files\synaptics\syntp\syntphelper.exe" = protocol=17 | dir=in | app=c:\program files\synaptics\syntp\syntphelper.exe |
"UDP Query User{73A9529C-CEA7-41F6-96A0-ED738BF76129}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{7FD3DA2F-5812-4131-8411-1808332598F4}C:\32788r22fwjfw\en-us\iexplore.exe" = protocol=17 | dir=in | app=c:\32788r22fwjfw\en-us\iexplore.exe |
"UDP Query User{BD95C3C6-9332-48AD-9848-EF0B3124641F}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{E95BC74B-0EE4-4817-9628-5D54C1089388}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
14 Feb 2013   #109

Windows 7 Ultimate, 32bit
 
 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2F74F55D-13CB-4F1A-932C-1AEAF7147010}" = Microsoft Antimalware Service NB-NO Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client NB-NO Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0414-0000-0000000FF1CE}" = Microsoft Office Access MUI (Norwegian (Bokmål)) 2010
"{90140000-0015-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0414-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Norwegian (Bokmål)) 2010
"{90140000-0016-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0414-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2010
"{90140000-0018-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0414-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Norwegian (Bokmål)) 2010
"{90140000-0019-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0414-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Norwegian (Bokmål)) 2010
"{90140000-001A-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0414-0000-0000000FF1CE}" = Microsoft Office Word MUI (Norwegian (Bokmål)) 2010
"{90140000-001B-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0414-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Bokmål)) 2010
"{90140000-001F-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{F3137115-1D72-46BE-9D42-B5DE61971F2A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0814-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Nynorsk)) 2010
"{90140000-001F-0814-0000-0000000FF1CE}_Office14.PROPLUSR_{751049E8-D99F-4DE1-9FC2-71DE06655678}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0414-0000-0000000FF1CE}" = Microsoft Office Proofing (Norwegian (Bokmål)) 2010
"{90140000-002C-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{66FC3637-893A-4837-A32C-0DD98E7F8444}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0414-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Norwegian (Bokmål)) 2010
"{90140000-0044-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0414-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Norwegian (Bokmål)) 2010
"{90140000-006E-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{C166254D-5FB6-4D3F-8509-3575387141B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0414-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2010
"{90140000-00A1-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0414-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Norwegian (Bokmål)) 2010
"{90140000-00BA-0414-0000-0000000FF1CE}_Office14.PROPLUSR_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95140000-0081-0414-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3499A41-41EA-3567-977C-29E9E226A360}" = Microsoft .NET Framework 4 Client Profile NOR Language Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1044-7B44-AA0000000001}" = Adobe Reader X - Norsk
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple-programsupport
"{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versjon 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NOR Language Pack" = Microsoft .NET Framework 4 Client Profile NOR Language Pack
"Min CEWE FOTOVERDEN" = Min CEWE FOTOVERDEN
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"Videora iPhone Converter" = Videora iPhone Converter 6
"WinPcapInst" = WinPcap 4.1.2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.02.2013 04:19:15 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10.02.2013 04:19:15 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11420

Error - 10.02.2013 04:19:15 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11420

Error - 10.02.2013 04:19:16 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10.02.2013 04:19:16 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12418

Error - 10.02.2013 04:19:16 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12418

Error - 10.02.2013 04:19:17 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10.02.2013 04:19:17 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13432

Error - 10.02.2013 04:19:17 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13432

Error - 10.02.2013 04:19:18 | Computer Name = siris-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 05.02.2013 06:33:22 | Computer Name = siris-pc | Source = bowser | ID = 8003
Description =

Error - 05.02.2013 23:49:55 | Computer Name = siris-pc | Source = BROWSER | ID = 8032
Description =

Error - 06.02.2013 00:46:56 | Computer Name = siris-pc | Source = Service Control Manager | ID = 7011
Description = Det oppstod et tidsavbrudd (60000 millisekunder) under venting på
et transaksjonssvar fra tjenesten ShellHWDetection.

Error - 06.02.2013 00:57:28 | Computer Name = siris-pc | Source = EventLog | ID = 6008
Description = Forrige avslutning av systemet klokken 05:54:53 den ?06.?02.?2013
var uventet.

Error - 06.02.2013 00:57:31 | Computer Name = SIRIS-PC | Source = BugCheck | ID = 1001
Description =

Error - 06.02.2013 04:30:29 | Computer Name = siris-pc | Source = BROWSER | ID = 8032
Description =

Error - 06.02.2013 06:11:56 | Computer Name = siris-pc | Source = BROWSER | ID = 8032
Description =

Error - 07.02.2013 00:14:19 | Computer Name = siris-pc | Source = Tcpip | ID = 4199
Description = Systemet fant en adressekonflikt for IP-adresse 192.168.11.15 og maskinvareadressen
for
systemet 00-26-B9-DF-AC-5D. Nettverksoperasjonen på dette systemet kan være skadet
som et resultat av dette.

Error - 07.02.2013 00:29:01 | Computer Name = siris-pc | Source = BROWSER | ID = 8032
Description =

Error - 07.02.2013 02:34:19 | Computer Name = siris-pc | Source = Tcpip | ID = 4199
Description = Systemet fant en adressekonflikt for IP-adresse 192.168.11.18 og maskinvareadressen
for
systemet 00-24-D6-75-BC-DC. Nettverksoperasjonen på dette systemet kan være skadet
som et resultat av dette.


< End of report >
14 Feb 2013   #110

Windows 7 Ultimate, 32bit
 
 

checkup.txt:

Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x86 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware versjon 1.70.0.1100
CCleaner
Java(TM) 6 Update 35
Java 7 Update 11
Adobe Flash Player 11.5.502.149
Mozilla Firefox (18.0.1)
Google Chrome 24.0.1312.56
Google Chrome 24.0.1312.57
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
