Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Automaticly closing applications and taskmanager

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Automaticly closing applications and taskmanager

Unread postby mortenduen » October 8th, 2011, 5:01 pm

Hi

I have this PC with several symptoms.
I noticed the problem when I could not sign into my online banking, through a java-based login system.
The java-signin system sort-of loaded, but within one second, it was terminated..
Then I've noticed several other things closes automatically also: Sometimes Taskmanager, sometimes notepad

It feels like a 1sec timer that kills certain processes every time it ticks.

I have AVG, and a AVG scan reports no problems.
Although AVG Identity Protection usually reports a threat from an *.exe file each time windows boots. Every time the exe file has a new name, seems random. Moving to vault requires windows to reboot, and next time windows boots, the same process repeats itself.

Another symptom: Sometimes a file tries to be executed, and promts me if it is ok to run the file "Setup.exe" or not. Next time it happens, I will take a screenshot of this.

Thanks in advance.

Now the DDS logs:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_27
Run by Pernille at 22:38:11 on 2011-10-08
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.45.1030.18.3005.1449 [GMT 2:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k hpdevmgmt
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\windows\system32\igfxext.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Users\Pernille\Mobile Partner\Mobile Partner.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Pernille\Desktop\LSPFix.exe
C:\Users\Pernille\Desktop\HijackThis.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=smsn
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=smsn
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Trend Micro RUBotted V2.0 Beta] c:\program files\trend micro\rubotted\RUBottedGUI.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Send billede til &Bluetooth-enhed... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: hadstenbank.dk
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/acti ... afekey.cab
TCP: Interfaces\{2A7285DA-2AA7-4497-B2D4-C7AE572EA737} : DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{2A7285DA-2AA7-4497-B2D4-C7AE572EA737}\8445340226279616E6D23716E6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2A7285DA-2AA7-4497-B2D4-C7AE572EA737}\95F657E676020556F607C6560266F62702348627963747 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2D36A0F8-05A1-4594-925E-697CB6E92FAE} : DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{E2A2D18E-77FD-44A5-A8C8-2E56B295E19A} : NameServer = 80.251.192.244 80.251.192.245
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pernille\appdata\roaming\mozilla\firefox\profiles\wnae62z0.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg10\Firefox4
FF - Ext: AVG Security Toolbar em:version=7.008.031.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg10\toolbar\firefox\avg@igeared
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2009-9-30 10752]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-8-18 7390560]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\hwdeviceservice.exe -/service --> c:\programdata\datacardservice\HWDeviceService.exe -/service [?]
R2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\RUBotSrv.exe [2011-10-6 439632]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-2-6 29472]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2011-8-1 85248]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-8-1 72576]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-1-8 126976]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-9-30 187392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Tjenesten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-7 135664]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\users\pernille\mobile partner\updatedog\ouc.exe [2011-8-1 218624]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-10-8 1153368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2011-8-1 102784]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-3-21 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-7 135664]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2010-9-28 41984]
S3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-3 1343400]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-4-11 947528]
S4 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\samsung casual games\gameconsole\OberonGameConsoleService.exe [2010-2-6 44312]
.
=============== Created Last 30 ================
.
2011-10-08 19:32:51 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-10-08 19:32:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-08 18:20:01 209408 ----a-w- c:\users\pernille\svcparsescan.exe
2011-10-08 18:19:35 209408 ----a-w- c:\users\pernille\appdata\local\amdprovqueue.exe
2011-10-06 14:45:57 -------- d-----w- c:\program files\WinPcap
2011-10-06 14:45:41 -------- d-----w- c:\program files\Trend Micro
2011-10-06 14:22:38 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-06 13:14:06 -------- d-----w- c:\users\pernille\appdata\roaming\E9A7436FF1310B736C2D362618CA8124
2011-10-06 13:13:53 227328 ----a-w- c:\users\pernille\taskmgr.exe
2011-10-05 08:26:23 -------- d-----w- c:\users\pernille\appdata\roaming\PandoraRecovery
2011-10-05 08:26:20 -------- d-----w- c:\program files\Pandora Recovery
2011-10-03 21:37:12 69632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPP9H.DLL
2011-10-03 21:37:12 27136 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPD9H.DLL
2011-10-03 21:36:47 230912 ----a-w- c:\windows\system32\CNMLM9H.DLL
2011-10-03 21:14:33 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-10-02 18:50:08 -------- d-----w- c:\windows\da
.
==================== Find3M ====================
.
2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:37:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 04:34:28 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:31:12 271360 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 02:21:47 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2010-03-30 19:45:54 6 ----a-w- c:\program files\common files\UnInstallCompleted.tmp
.
============= FINISH: 22:38:47,10 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 06-02-2010 17:19:24
System Uptime: 08-10-2011 21:06:09 (1 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | X420/X520
Processor: Genuine Intel(R) CPU U4100 @ 1.30GHz | U2E1 | 1196/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 136 GiB total, 74,838 GiB free.
D: is FIXED (NTFS) - 147 GiB total, 37,778 GiB free.
F: is CDROM (CDFS)
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP326: 23-09-2011 13:49:02 - Installationsprogram til Windows-moduler
RP327: 23-09-2011 13:57:01 - Installationsprogram til Windows-moduler
RP328: 25-09-2011 19:00:36 - Windows Sikkerhedskopiering
RP329: 27-09-2011 10:05:43 - Windows Update
RP330: 28-09-2011 07:12:45 - Windows Update
RP331: 29-09-2011 22:04:27 - Windows Update
RP332: 02-10-2011 20:25:51 - Windows Sikkerhedskopiering
RP333: 02-10-2011 20:42:03 - CheckIfInstallerIsBusy
RP335: 02-10-2011 20:43:00 - Windows Live Essentials
RP337: 02-10-2011 20:43:35 - Installed DirectX
RP339: 02-10-2011 20:44:04 - Installed DirectX
RP340: 02-10-2011 20:44:37 - WLSetup
RP341: 03-10-2011 23:12:58 - Installed Java(TM) 6 Update 20
RP342: 06-10-2011 16:16:45 - Removed Java(TM) 6 Update 20
RP343: 06-10-2011 16:21:54 - Installed Java(TM) 6 Update 27
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
3Connect
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6 - Dansk
Alice Greenfingers
AnyPC Client
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Client Installation Program
AVG 2011
AVG PC Tuneup 2011
BatteryLifeExtender
Bing Bar
Bonjour
BufferChm
Business Contact Manager til Outlook 2007 SP2
C4600
CyberLink YouCam
D3DX10
Dairy Dash
Destinations
DeviceDiscovery
Easy Display Manager
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
Farm Frenzy 2
Feedback Tool
Game Pack
Go-Go Gourmet
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Customer Participation Program 13.0
HP Imaging Device Functions 13.0
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
HP Print Projects 1.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
Huawei modem
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 27
Junk Mail filter update
Kompatibilitetspakke til Office 2007-systemet
MarketResearch
Messenger Companion
Micrografx PhotoMagic 6
Micrografx Windows Draw 6
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DAN Language Pack
Microsoft .NET Framework 4 Client Profile DAN sprogpakke
Microsoft Application Error Reporting
Microsoft Office 2003 Webkomponenter
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Live Add-in 1.3
Microsoft Office Small Business-forbindelseskomponenter
Microsoft Office Suite Activation Assistant
Microsoft Office XP Professional
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mobile Partner
Mozilla Firefox (3.6.13)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PandoraRecovery (Remove Only)
Picasa 3
PS_AIO_05_C4600_Software_Min
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Samsung Recovery Solution 4
Samsung Support Center
Samsung Update Plus
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2518870)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Status
Synaptics Pointing Device Driver
Toolbox
TrayApp
Trend Micro RUBotted 2.0 Beta
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
User Guide
WebReg
WIDCOMM Bluetooth Software
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.1
WinRAR 4.01 (32-bit)
Zentom System Guard
.
==== End Of File ===========================


1.
mortenduen
Active Member
 
Posts: 1
Joined: October 8th, 2011, 4:32 pm
Advertisement
Register to Remove

Re: Automaticly closing applications and taskmanager

Unread postby askey127 » October 10th, 2011, 11:36 am

Checking your log.
be back soon.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Automaticly closing applications and taskmanager

Unread postby askey127 » October 10th, 2011, 11:52 am

Hi mortenduen,
------------------------------------------------
Download and Run Rkill
Please download and run the tool named Rkill, which may help in allowing other programs to run.
There are different versions with different names. If one of them won't run ,then download and try to run one of the other ones.
After the download, Vista and Win7 users will need to right click the icon and choose Run as Administrator.
You only need to get ONE of these to run, not all of them. You may get warnings from your antivirus about any of these tools. Either ignore the warnings or shutdown your antivirus.
Please download Rkill from one of the following links (note the different names) and save to your Desktop:
iExplore.exe
Rkill.exe
eXplorer.exe
RKill.com
RKill.scr
Rkill.pif
uSeRiNiT.exe
  • Right Click on the iExplore, Rkill, eXplorer, or uSeRiNiT desktop icon and choose "Run as administrator" to run the tool.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If you get a Warning Message when you try to run it, run it again while the Warning Message is still displayed.
  • If it doesn't run on the first try, please try to run it another two or three times.
  • If it still does not run, delete the desktop entry. Then download and use the one provided in the next link.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided after trying each a few times, please let me know.
----------------------------------------------------------------------------------
Download and Run MalwareBytes' Anti-Malware It is free for non-business use.
Please go here to the Download Location, click on Download in the Free column..
When the next page comes up, click on the Download Now button.
  • After clicking on the download and choosing Save, the "Save to location" dialog will come up.
  • Click the browse folders button, then click on Desktop on the left as the location for the installer and click Save again. Close the dialog when the download is complete.
  • You should now have a desktop icon named mbam-setup.exe. (If the download was saved somewhere else, locate it and copy or move it to your desktop).
  • Right click it, choose Run as administrator and Continue
  • Let it install where it wants to, with the default settings, and click Finish.
  • If an update is found, it will download and install the latest version. A shield symbol will show on the desktop icon while it is updating, and will disappear when it's done.
  • If necessary, start Malwarebytes Anti-Malware again.
    (You can Decline any Offer for a Trial if you don't want the paid version)
  • Once the program has started up, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it found any malware items, check ALL items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any "Scan" log listed to open its contents. The logs are listed and named by time/date stamp.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Automaticly closing applications and taskmanager

Unread postby askey127 » October 14th, 2011, 9:15 am

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 315 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware