Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows Security Center can't be started because of virus/malware


24 Jan 2013   #11

Windows 7 Home Premium
 
 

Those entries in RogueKiller are of no consequence. Just let them be.

Please run SystemLook once again. This time, use the following:

Code:
:filefind
wscsvc.dll
Seems unusual that there are no wscsvc files showing in the query. It could be my mistake by not showing the .dll extension.


Also, do you have the file wscui.cpl in the system?

Go to Start, and in the Search box, type: wscui.cpl
If present in the list of programs, above Search, right click and select: Open with Control Panel

What happens?

If the Service Center does not start, set the Startup type to: Automatic (Delayed start), and then see if you can press the Start button. It is currently set as: Deaktivert

What happens.

If still the same issue, please download Microsoft Security Essentials:
Microsoft Security Essentials - Microsoft Windows

Install the program, update it, and run a Scan.

Does the scan show any malware?...hopefully not.

Is Security Center still the same?

My System SpecsSystem Spec
.

24 Jan 2013   #12

Windows 7 Ultimate, 32bit
 
 

Okey, I found a file called wscui.cpl as you said, and I opened it "with control panel". What happened was that the Control Panel opened, like this:



It still says that the Security Center is deactivated. So I did what you told me to: set the startup type to delayed start. Then it was possible to press the start button, but after maybe 2 seconds it was deactivated again.

And I ran the SystemLook test again, here is the result:

SystemLook 30.07.11 by jpshortstuff
Log created at 04:02 on 25/01/2013 by siri1802
Administrator - Elevation successful

========== filefind ==========

Searching for "wscsvc.dll"
C:\Windows\System32\wscsvc.dll --a---- 73728 bytes [23:31 13/07/2009] [01:16 14/07/2009] 6F5D49EFE0E7164E03AE773A3FE25340
C:\Windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7601.17514_none_1c47c79e105aef4c\wscsvc.dll --a---- 73728 bytes [23:31 13/07/2009] [01:16 14/07/2009] 6F5D49EFE0E7164E03AE773A3FE25340

-= EOF =-


I have now reinstalled Microsoft Security Essentials - and it still won't open. Or - it opens in half a second before it closes again. I managed to press printscreen before it closed though, and this is what it looked like:




As the program close down so fast, I don't have the time to press "update", and at least not run a scan I'm afraid.

I am sure there must be some malware that automatically closes and unables my security-program.

And also the screen driver stops responding all the time and is then recovered again. I don't know if it has any connection with my other problems.
My System SpecsSystem Spec
25 Jan 2013   #13

Windows 7 Home Premium
 
 

Quote:
...there must be some malware that automatically closes and unables my security-program...

That is what it looks like.

When you ran Malwarebytes and some threats were found, is the log with those results still available?
The log is automatically saved and can be viewed by clicking the MBAM Logs tab.

If it is available, please post the info.


Now, let's go after the malware...

Please download ComboFix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

IMPORTANT!!! Save to your Desktop <<<

If using a notebook, make sure it is connected to wall-power (AC power), or a UPS system.


Disable any AntiVirus and AntiSpyware applications, since they may interfere with ComboFix.

Info on disabling protection programs:
Topic:
http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html
Topic:
http://www.bleepingcomputer.com/forums/topic114351.html

To run ComboFix, right-click on ComboFix.exe and select: Run as Administrator
Click on Yes, to continue scanning for malware.
The scan make take a while, since it has some 50+ stages.

When finished, CF produces a report.
Please provide a copy of the C:\ComboFix.txt in your reply.
 
Notes:
1. Please do not mouse-click the ComboFix window while it is running. This action may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making IE the default browser.
3. CF disconnects your machine from the Internet. However, the connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


ComboFix User's Guide:
ComboFix: A guide and tutorial on using ComboFix
 


Next, please run the AdwCleaner program:
http://general-changelog-team.fr/fr/downloads

It searches and removes unwanted toolbars, programs, adwares, and browser hijackers, and is compatible with Windows XP, Vista, 7, versions 32 and 64 bits.

After downloading, save AdwCleaner to the Desktop
Double-click on the program to run it
Click the Search button
When done a text file opens.

Please post the content of the AdwCleaner[Sn].txt in your reply.

Note: You can also find the reports at C:\AdwCleaner[Sn].txt (S = search, n = order number), or, C:\AdwCleaner[Rn].txt (R = remove, n = order number)


I currently live in the USA, do you live in Europe's Scandinavian Penninsula? There seems to be a time zone difference in our communications.
My System SpecsSystem Spec
.


25 Jan 2013   #14

W7 Pro SP1 64bit
 
 

@Crumble,
Have you followed the suggest in post 2?

You can probably use a USB flash drive - so you don't even have to burn a CD/DVD. There are nasties out there that can hide from MSE, Malwarebytes, rootkit detectors..... These particular nasties load before the operating system loads, so they can hide themselves from most anything running on top of the operating system. This is why there are several scanners that check things out while your operating system is not loaded.

WDO is not perfect, but it is free, relatively fast, easy to use and from the maker of your OS :-)

:::returns to lurking:::
My System SpecsSystem Spec
25 Jan 2013   #15

Windows 7 Home Premium
 
 

@UsernameIssues,

Thanks for the WDO reminder.

Had looked at it here:
Windows Defender Offline

Then, got busy trying to see if the problem could be resolved otherwise. However, the situation does look as if there is malware still involved.

It is a good idea, though. It could be run now, and if it comes up clean, and the issue is not resolved, then go back to ComboFix.
My System SpecsSystem Spec
25 Jan 2013   #16

Windows 7 Ultimate, 32bit
 
 

Sounds great UsernameIssues , but I have some questions:
1. Will the USB flash drive get infected by the malware if I connect it to my computer?
2. I already have a program called "Windows Defender" - is this the same program you are talking about? The only problem is that like Security Center, this program won't open either..

Should I just try the ComboFix since I don't have my USB flash drive with me now? Or should I start with the WDO?


cottonball, yes - I'm from the Europe's Scandinavian Penninsula, but I live in Asia for the time being, hence the time zone difference
My System SpecsSystem Spec
25 Jan 2013   #17

W7 Pro SP1 64bit
 
 

The order that you try things in doesn't much matter at this point.

WDO is different than WD.
What is Windows Defender Offline&#63;
WDO contains an operating system (network drivers, graphics drivers...) all of which stay on the CD/DVD/USB media that you put it on. Then you boot the computer to that media.

It would be best to create the WDO bootable USB flash drive using a clean computer... but the same would be true for burning a CD or DVD. Be sure that you copy any files that are on the USB flash drive to somewhere safe because the WDO build process will format the USB flash drive. A tiny USB flash drive will do - you only need 250MB.
My System SpecsSystem Spec
25 Jan 2013   #18

Windows 7 Ultimate, 32bit
 
 

Good. I have now run the ComboFix and got the following result:

ComboFix 13-01-24.02 - siri1802 25.01.2013 10:27:10.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1044.18.2003.1298 [GMT 1:00]
Kjører fra: c:\users\siri1802\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\3002.abs
c:\programdata\3002.xml
.
Infisert kopi av c:\windows\system32\userinit.exe ble funnet og desinfisert
Gjenopprettet kopi fra - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-12-25 til 2013-01-25 )))))))))))))))))))))))))))))))))
.
.
2013-01-25 09:34 . 2013-01-25 09:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-22 03:23 . 2013-01-22 03:23 -------- d-----w- c:\program files\iPod
2013-01-22 03:22 . 2013-01-22 03:23 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-22 03:22 . 2013-01-22 03:23 -------- d-----w- c:\program files\iTunes
2013-01-19 11:48 . 2013-01-19 11:48 -------- d-----w- c:\users\siri1802\AppData\Roaming\Malwarebytes
2013-01-19 11:47 . 2013-01-19 11:47 -------- d-----w- c:\programdata\Malwarebytes
2013-01-19 11:47 . 2013-01-19 11:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-19 11:47 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-19 11:39 . 2013-01-19 11:39 -------- d-----w- c:\users\siri1802\AppData\Local\Programs
2013-01-18 09:09 . 2013-01-18 09:09 -------- d-----w- c:\program files\Common Files\Java
2013-01-18 09:08 . 2013-01-18 09:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-16 10:17 . 2013-01-16 10:17 -------- d-----w- c:\program files\WinPcap
2013-01-16 04:00 . 2013-01-16 04:00 -------- d-----w- c:\program files\MSECache
2013-01-14 03:06 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-01-14 03:06 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-01-13 15:06 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-13 15:06 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-13 15:02 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-25 09:35 . 2012-09-24 09:51 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2013-01-25 09:35 . 2012-09-25 07:30 58288 ----a-w- c:\windows\system32\rpcnet.dll
2013-01-18 09:08 . 2012-09-25 07:27 859552 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-18 09:08 . 2011-05-20 14:10 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-13 14:39 . 2012-09-24 22:16 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-13 14:39 . 2011-05-20 14:10 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-09 04:42 . 2012-12-12 03:10 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11 . 2012-12-12 03:10 376832 ----a-w- c:\windows\system32\dpnet.dll
2013-01-19 16:36 . 2013-01-19 16:35 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}"= "c:\program files\BitTorrentControl_v12\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
2011-05-09 09:49 176936 ----a-w- c:\program files\BitTorrentControl_v12\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}"= "c:\program files\BitTorrentControl_v12\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}"= "c:\program files\BitTorrentControl_v12\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\siri1802\AppData\Roaming\Spotify\Spotify.exe" [2012-10-29 7880664]
"Spotify Web Helper"="c:\users\siri1802\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-29 1199576]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\SEARCH~1\Datamngr\datamngr.dll c:\progra~1\SEARCH~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]
@="Service"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
--- Andre tjenester/drivere lastet i minnet ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-24 07:40 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2013-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-24 14:39]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-07 15:20]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-07 15:20]
.
2013-01-25 c:\windows\Tasks\IKOPXBS.job
- c:\windows\system32\deskperfm.dll [2012-09-24 22:13]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://google.no/
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={035FCF41-1554-11E2-A7E2-0023AE27B879}
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.11.1
FF - ProfilePath - c:\users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - BitTorrentControl_v12 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&SearchSource=2&CUI=SB_CUI&q=
FF - ExtSQL: !HIDDEN! 2012-09-25 10:35; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: extentions.y2layers.installId - 695d8d28-0b01-4564-9510-72b1c5231f33
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - TOMME PEKERE FJERNET - - - -
.
Toolbar-10 - (no file)
HKLM-Run-Aimersoft Helper Compact.exe - c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe ,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\rpcnet.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehRecvr.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2013-01-25 10:40:46 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2013-01-25 09:40
.
Pre-Run: 15*018*688*512 byte ledig
Post-Run: 15*445*389*312 byte ledig
.
- - End Of File - - 0F1B2B13D1F75DAA6F6351F45DEFE969



[B]The program deleted some unwanted files I think.
My System SpecsSystem Spec
25 Jan 2013   #19

Windows 7 Ultimate, 32bit
 
 

I then ran the AdwCleaner as you suggested:[/B]

# AdwCleaner v2.108 - Logfile created 01/25/2013 at 10:57:08
# Updated 24/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : siri1802 - SIRIS-PC
# Boot Mode : Normal
# Running from : C:\Users\siri1802\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\searchplugins\Conduit.xm l
File Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\searchplugins\Search_Res ults.xml
File Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\searchplugins\SweetIm.xm l
Folder Found : C:\Program Files\1ClickDownload
Folder Found : C:\Program Files\BitTorrentControl_v12
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Searchqu Toolbar
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\Program Files\WhiteSmoke_US_New
Folder Found : C:\Program Files\Yontoo
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\siri1802\AppData\Local\Conduit
Folder Found : C:\Users\siri1802\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found : C:\Users\siri1802\AppData\Local\Ilivid
Folder Found : C:\Users\siri1802\AppData\LocalLow\BitTorrentControl_v12
Folder Found : C:\Users\siri1802\AppData\LocalLow\Conduit
Folder Found : C:\Users\siri1802\AppData\LocalLow\searchquband
Folder Found : C:\Users\siri1802\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\siri1802\AppData\LocalLow\WhiteSmoke_US_New
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\CT3225826
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\extensions\OneClickDownl oad@OneClickDownload.com
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\extensions\plugin@yontoo .com
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\Searchqutoolbar
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\Smartbar
Folder Found : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\SweetPacksToolbarData
Folder Found : C:\Users\siri1802\AppData\Roaming\OpenCandy
Folder Found : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Folder Found : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\WhiteSmoke_US_New
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\BitTorrentControl_v12
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Key Found : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Key Found : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3244149
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33AB742A-8D0F-44D0-ACB5-897D3DFC346B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95E32D64-21FF-481F-BB17-A76F49B0F7BD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CA08590-D917-4BEA-828D-9734E696C1AD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4B7BDF1-C8A0-47CB-811A-D87756A3E97F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
My System SpecsSystem Spec
25 Jan 2013   #20

Windows 7 Ultimate, 32bit
 
 

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US_New Toolbar
Key Found : HKLM\Software\WhiteSmoke_US_New
Key Found : HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKU\S-1-5-21-4278792135-2590523476-2833556063-1002\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{462BE121-2B54-4218-BF00-B9BF8135B23F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={035FCF41-1554-11E2-A7E2-0023AE27B879}

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\prefs.js

Found : user_pref("CT3225826.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM1ODY5Nzc1MSwidXVpZCI6Nzc2MDQ4NjQxMDE5NTQxLCJ[...]
Found : user_pref("CT3225826.CBOpenMAMSettings.enc", "MA==");
Found : user_pref("CT3225826.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3225826.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT3225826.FirstTime", "true");
Found : user_pref("CT3225826.FirstTimeFF3", "true");
Found : user_pref("CT3225826.LoginRevertSettingsEnabled", true);
Found : user_pref("CT3225826.RevertSettingsEnabled", true);
Found : user_pref("CT3225826.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Found : user_pref("CT3225826.UserID", "UN61944506999088192");
Found : user_pref("CT3225826.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT3225826.browser.search.defaultthis.engineName", true);
Found : user_pref("CT3225826.cbcountry_001.enc", "TlA=");
Found : user_pref("CT3225826.cbfirsttime.enc", "U2F0IE9jdCAxMyAyMDEyIDIxOjE5OjExIEdNVCswMjAwIChTZW50cmFsZXVy[...]
Found : user_pref("CT3225826.embeddedsData", "[{\"appId\":\"129830626805552092\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT3225826.enableAlerts", "always");
Found : user_pref("CT3225826.enableSearchFromAddressBar", "true");
Found : user_pref("CT3225826.firstTimeDialogOpened", "true");
Found : user_pref("CT3225826.fixPageNotFoundError", "true");
Found : user_pref("CT3225826.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT3225826.fixUrls", true);
Found : user_pref("CT3225826.installId", "fft6E8C.tmp.exe");
Found : user_pref("CT3225826.installType", "XPE");
Found : user_pref("CT3225826.isCheckedStartAsHidden", true);
Found : user_pref("CT3225826.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3225826.isFirstTimeToolbarLoading", "false");
Found : user_pref("CT3225826.isNewTabEnabled", true);
Found : user_pref("CT3225826.isPerformedSmartBarTransition", "true");
Found : user_pref("CT3225826.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3225826.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT3225826.keyword", true);
Found : user_pref("CT3225826.migrateAppsAndComponents", true);
My System SpecsSystem Spec
Reply

 Windows Security Center can't be started because of virus/malware




Thread Tools



Similar help and support threads for2: Windows Security Center can't be started because of virus/malware
Thread Forum
The Windows Security Center Can't be Started. Help! System Security
The windows 7 security center can't be started System Security
Windows Security Center service cannot be started System Security
Solved Windows Security Center service can't be started. General Discussion
Solved the windows security center service can't be started System Security
Solved windows security center service can't be started System Security
Solved The Windows Security Center service can't be started. System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 12:06 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33