0

Hi,

I desperately need help to fix my computer since it's currently close to impossible to work with it.

I use a HP Pavilion DM3 (which i regret I ever bought) with a AMD Athlon Neo X2 1.60 GHz and 4 giggs of RAM. The machine is running Windows 7 64-bit Home premium.

My problem started with video and audio all of a sudden being very laggy even thou I had CPU capcity to spare. Then soon after that the CPU started showing 100% usage most of the time. Often even when the system was idle. Looking in process explorer the usage seems to come from random processes. Some times it's firefox using a lot some times it's some other application. Though most of the time the culprit is one of the instaces of svchost. Normally 10-20 instances of svchost is running parallel. Going deeper down the service that is normally eating the major part of the capacity is iphlp.

I have checked a lot of forums in my search for an answer to this problem and have disabled windows update, inactivated my HD audio card etc but nothing has helped. I'm therefore hoping that one of the readers of this forum will take pity on me and see if they can help me out.

I have followed the instructions in the virus-readme and attached all the logs below. I had no trouble running the specified applications but unfortunately the log from MBA-M is in my native tongue Swedish. However, MBA-M didn't find any malware anyway so it shouldn't matter. Since GMER One was empty I was not able to attach it and I had to change the extension of GMER Two to .txt but I'm guessing that it shouldn't matter.

I would be very gratefully if any of you would take the time to help me out!!

Thx in advance!

Attachments
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-10-10.03)

Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 2009-11-12 13:22:22
System Uptime: 2010-10-15 00:22:43 (1 hours ago)

Motherboard: Flextronics |  | 3656
Processor: AMD Athlon(tm) Neo X2 Dual Core Processor L335 | Socket AM2/S1G2 | 1600/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 218 GiB total, 67,592 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 2,365 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP116: 2010-09-25 16:32:19 - Installationsprogram fr Windows-moduler
RP117: 2010-10-02 18:06:13 - Restore point created by Trend Mico [0x00001101] 
RP118: 2010-10-13 18:48:08 - Windows Update
RP119: 2010-10-13 20:48:18 - Installed HP Support Assistant
RP120: 2010-10-13 20:52:27 - Installationsprogram fr Windows-moduler
RP121: 2010-10-13 20:53:45 - Installationsprogram fr Windows-moduler
RP122: 2010-10-14 15:36:25 - Windows Update
RP123: 2010-10-14 21:31:12 - Windows Update

==== Installed Programs ======================

AAC Decoder
Acrobat.com
Activate Norton Online Backup
ActiveCheck component for HP Active Support Library
Ad-Aware
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0 MUI
Alcor Micro USB Card Reader
AMD USB Filter Driver
AOL Toolbar 5.0
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
AutoUpdate
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack fr Office 2007-systemet
Comviq Surf Connect
CyberLink DVD Suite
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Media Foundation Components
DivX Plus Web Player
DivX Version Checker
Facebook Plug-In
GIMP 2.6.8
Google Chrome
Google Earth
Google Update Helper
H.264 Decoder
HijackThis 2.0.2
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart Internet TV
HP MediaSmart Movie Themes
HP MediaSmart Music/Photo/Video
HP MediaSmart Webcam
HP Quick Launch Buttons
HP Support Assistant
HP Update
HP User Guides 0144
HP Wireless Assistant
HPAsset component for HP Active Support Library
Huawei Modems
IDT Audio
Java Auto Updater
Java(TM) 6 Update 13
Java(TM) 6 Update 21
Junk Mail filter update
LabelPrint
Malwarebytes' Anti-Malware
Microsoft Choice Guard
Microsoft Office PowerPoint Viewer 2007 (Swedish)
Microsoft Office Suite Activation Assistant
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MKV Splitter
Mozilla Firefox (3.6.10)
MSVCRT
Net iD 5.3 (32-bit Edition)
OpenOffice.org 3.1
Power2Go
PowerDirector
PowerRecover
QLBCASL
QuickTime
Realtek Ethernet Controller Driver For Windows Vista and Later
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Skype web features
Skype 4.1
Spotify
Tele2 Mobile Partner
Torchlight
VC80CRTRedist - 8.0.50727.4053
Windows Live Communications Platform
Windows Live Essentials
Windows Live inloggningsassistenten
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 1.0.3
VoddlerNet
VoddlerPlayer

==== End Of File ===========================
DDS (Ver_10-10-10.03) - NTFS_AMD64  
Run by Edward at  1:23:20,56 on 2010-10-15
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.46.1053.18.3836.2436 [GMT 2:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Program Files (x86)\Voddler\service\voddler.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Net iD\iid.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Voddler\service\VNetManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\PlatformDependent\ProToolbarComm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Edward\Desktop\procexp64.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Edward\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_SE&c=94&bd=Pavilion&pf=cnnb
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_SE&c=94&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_SE&c=94&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_SE&c=94&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
BHO: Windows Live inloggningshjlpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
uRun: [Power2GoExpress] 
uRun: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe /lock
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>] 
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Net iD] "C:\Program Files (x86)\Net iD\iid.exe"
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [VoddlerNet Manager] C:\Program Files (x86)\Voddler\service\VNetManager.exe
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Edward\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: &AOL Verktygsfalt Sk - C:\ProgramData\AOL\ieToolbar\resources\sv-SE\local\search.html
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9}
TB-X64: {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
mRun-x64: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
mRun-x64: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
mRun-x64: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Edward\AppData\Roaming\Mozilla\Firefox\Profiles\8iparjjp.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://se.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_se&p=
FF - component: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension\components\FFTMUFEHelper.dll
FF - component: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension\components\FFToolbarComm.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npiidplg.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files (x
GMER 1.0.15.15315 - http://www.gmer.net
Rootkit scan 2010-10-14 22:35:54
Windows 6.1.7600 
Running: blabla.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind    ????16??????16??????????????????????v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|???????$??????F???????????????????????t??????????????????????????16???????????????f??????????{63EED7C7-C74A-4F90-B4A0-8E84474563F1}???z???????????2???????s??? ???????r???????????????????????????d??????????????16???????????????e??????????????????????????? .??????????????????????????????t???????t???????t???????????????????B??? ??????????????????????????????`????????e??? ???????:?????????????:????????????&???????????????????????41??????????????????C2??C2??????????????16???????d??????????????01??????_{??? ??????????????????????????????<??????it ???????????????????6??????????????????Microsoft 6to4 Adapter???i???????????i???t??????????????? ??????????????????????????????"??? ????????????????????f??????int?????{98A2DBDA-C049-497D-AD54-7A04E6D4BF72}??????????MTP?{E??? ?????
Reg  HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route   ???m?????s??????????? ???i??????????????????????????t????????m???|???i???o??? ???????k???????????i?,??????????????????????s?????? ???????F?????A7-??? ???????k?????????????,?????????????????f??? ???????k?????l???????0??L????????? ??????????????l???l???l????????? ???????l?????l???????0????????????&???????????????????????? ???????l?????l???????0????????????????????????-8??? ???????l???????????h?0?????????????????????????????B??NT?????l????? ???????l?????l???????0???????????????????????l???l????? ???????l???????????h?0?????????????????????????????A??tI???????i???o?????????????????l????? ???????l?????l???????0????????????&??????????????????????????l???l????? ???????l?????l???????0????????????????????? ???????l???????????i?0???????????????????????????????????????????t???????????????????????????l????? ???????l?????l???????0?????????????????????????????B??? ???????l???????????i?0????????????????????1394 OHCI Compliant Host Controller??????z?z?s???r?????l????? ???????l?????l???????0???????????????????????????????????
Reg  HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export  ?????????????????????????8??????????*6to4mp?A8??? ?????????????????????0????????????????????? ???????????????????m?0?????????????????????????????????????2??CF???????????A??8E??*6to4mp?48??? ?????????????????????0????????????????????? ?????????????????????0?????????????????????????????????????7??CE???????????3??0-??????D7??? ?????????????????????0????????????&????????????????????8??????????????? ?????????????????????0????????????????????? ?????????????????????0????????~????????????????????????????C??9}????~??????4??1A??nettun.inf:Microsoft.NTamd64:6to4mp.ndi:6.1.7600.16385:*6to4mp?}"???????A9???????????5???e??tunnel?248??? .??????2?????C95??Microsoft 6to4 Adapter??"{??????????????????????????????????????????04??? ?????????????????????0??????????????????????????????????????????????????????800544A-96C8??? ?????????????????????0????????.???????????Microsoft 6to4 Adapter?EC7??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter?0C???????????????????????????????4?????s9E??? ??????????????????????????????`??????
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind                                                                            ????????System32\drivers\volmgrx.sys????int???????R??t?????????e??????????????????????X?????????????????????????????????????*6to4mp??6??????????????????????????????????????????????*6to4mp???????X??????t???t??????????????????????????????????6-21-2006????? ??t???????<????N??????&???????&??\Device\LanmanRedirector????Microsoft Windows Network?????N??s?????????e????@%systemroot%\system32\wkssvc.dll,-102????????F??s??????????????%SystemRoot%\System32\ntlanman.dll???????s?s?s?s????? ???????s???????????s????????0?B??? ???????????? B??s??????????????%SystemRoot%\System32\wkssvc.dll?????s???????????????????????????????????????????????d???????????????????????e?????s?????t??????????????????????????????????????????ms???s?s?s?s?s?s???????s???s???s????????? ???????n?????s?????s????????&????????????????????????????????y????? ???????s???????????????????????????????g??? ???????n?????s?????n?,?????? ?`????????S??%systemroot%\system32\w32time.dll?????<??t????????h?????????????????H????????????????????????????????????????? ??g?
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route                                                                           ????Ty????????????????????N??????????????P??????int?1a??????????????os??????????v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=445|App=System|Name=@FirewallAPI.dll,-28515|Desc=@FirewallAPI.dll,-28518|EmbedCtxt=@FirewallAPI.dll,-28502|??????????z???????????????????????????????????????y???????<???????=?????? z????????????n??????????y???????????????????:???7???e??v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-32027|Desc=@FirewallAPI.dll,-32030|EmbedCtxt=@FirewallAPI.dll,-32002|????text?5??6to4mp.ndi?P\0??????????????? "??y???;??????????????????????????????????????LocalSystem??y??v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|?????? ??????????????????????????????v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export                                                                          ????????? ???????|??????????Net?er???????z???????s???????????????f???????e???? ??i???t???????????????{?{?{?{?????z??????????????v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=135|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|?????? ???????????????????????????/???????????????????????????????e???0???????????????????????????????????????????????n??system32\DRIVERS\udfs.sys????z????N??????_???????z???????????z???????????z??????????????????mouhid??????????????????tt??Net??????????z???????????????l???????????????????z???????????????e??????????????????????????6.1.7600.16385?l????????B9???????????????????????????????????F?????????d64???????????l???e??????????????????????????v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dl
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind                                                                       ????os????????????????????????<??????d???????E??????????????????????6.1.7600.16385?459??Typ?????????[?????????????????????N?????????????????????????{904204F3-1D63-488F-B43A-F01C3E36A31B}???????????????t???????s???????????0??????Lo????$??????9???????-??CD??????E7??tunnel?mll??? ?????????????????????,??"?????p???????ct????X??????1????????N??????6????DLoc??{4d36e972-e325-11ce-bfc1-08002be10318}?\sy???????????o??se??Net?=u??? ???????e?????ewa??*6to4mp??3??? ????????????????????????????$?N???????????{4d36e972-e325-11ce-bfc1-08002be10318}\0022?ow????????????????????????N?????????????????{3694BE9E-12E0-43CA-81C4-6BB7F3A4E38C}?S?????????????y???????????????x???????s??? ???????d?????all???????????7????????????????`?????????????? ?????????????????????0??????????g?&???????????????????????? ???????????????????k?0??????*?F??? ????????????????????????????l???????????????????????i????????????F??????r??ri??Anslutning till lokalt n?tverk* 16????????????????????????X??????????????????0????F??????m???m????:?????????????Net?ro?
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route                                                                      ????????Net?Ne???y??????????????6.1.7600.16385??????v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=136:*|Name=@FirewallAPI.dll,-25027|Desc=@FirewallAPI.dll,-25032|EmbedCtxt=@FirewallAPI.dll,-25000|??;???y??????????v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=2|App=System|Name=@FirewallAPI.dll,-25376|Desc=@FirewallAPI.dll,-25382|EmbedCtxt=@FirewallAPI.dll,-25000|????????????v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|??API.dll,-28502|???????????????????e???????????y???????y??????????Typ???????X??????|?????????|?????? ??y?????~?????????y??????????????v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=2|App=System|Name=@FirewallAPI.dll,-25377|Desc=@FirewallAPI.dll,-25382|EmbedCtxt=@FirewallAPI.dll,-25000|????;??????m???????????????????????v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=5355|RA4=LocalSubnet|RA6=LocalS
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export                                                                     ????????????s????????????????s???????i??????????6.1.7600.16385??6.???????????????????????i??????????netavpna.inf?????????h??? ???????????????????F???????????????????????????????w?}?z???i?j?j???u?u?u????N??i?????????D????Ndi-Mp-Ip???????????????????nn????????????????????????X??????&???&???????????D???e???z?z???????k?????i?i?????????????????????????h???????????????v??????????? `??i????????????????X??????c???.???????h???i??Vp???????h?????????????????????????s????? ??????????????x????????h???m??????Nd??????????????????.NTAMD64????????????????????@netrasa.inf,%msft%;Microsoft???
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databasversion: 4825

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2010-10-14 23:53:50
mbam-log-2010-10-14 (23-53-50).txt

Skanningstyp: Fullstndig skanning (C:\|D:\|)
Antal skannade objekt: 320542
Frfluten tid: 1 timme(ar), 9 minut(er), 56 sekund(er)

Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 0
Infekterade registervrden: 0
Infekterade registerdataposter: 0
Infekterade mappar: 0
Infekterade filer: 0

Infekterade minnesprocesser:
(Inga illasinnade poster hittades)

Infekterade minnesmoduler:
(Inga illasinnade poster hittades)

Infekterade registernycklar:
(Inga illasinnade poster hittades)

Infekterade registervrden:
(Inga illasinnade poster hittades)

Infekterade registerdataposter:
(Inga illasinnade poster hittades)

Infekterade mappar:
(Inga illasinnade poster hittades)

Infekterade filer:
(Inga illasinnade poster hittades)
2
Contributors
3
Replies
5
Views
7 Years
Discussion Span
Last Post by Rik_
0

I came across this problem 2 days ago. The symptoms seem identical. It was a laptop and with some testing I found the southbridge on the laptop to be faulty. I suspect a faulty timer somewhere on the motherboard. I didn't find a cure.

0

Hi Rik,

Thx for your reply.

Is there any way for a layman like myself to test if I have the same fault in my southbridge? If I could confirm that's the problem I could give up on trying to fix it. It might even constitute a reason under the warranty for HP to give me a new machine.

Thx again!

0

The onlt way I was able to test the laptop was to remove it's built in keyboard and mouse pad and run it with USB one's instead. Something like that won't be so easy on your machine. Seeing as it's still under warranty, get HP to sort it!

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.