Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Trojan.Agent detected by MBAM

Post by wojmur » March 28th, 2011, 4:45 am

Hello,

As part of my periodical maintenance I've just updated MBAM and ran a scan. It reported the following item:

Files Infected:
c:\Users\Bartybum\downloads\lockerz_money_generator.exe (Trojan.Agent) -> No action taken.

Before I allow MBAM to remove this file I'd like to make sure it hasn't done any more damage. The name in brackets sounds scary. That file has been living on the system for about half a year now. As far as I know it was only run a few times just after being foolishly downloaded, and not touched since then. All previous MBAM scans haven't indicated any problems. One of the recent updates must have triggered the alarm.

Please kindly help to clean this PC. Below are obligatory DDS logs.

Kind Regards

wojmur

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by admin at 19:28:08.15 on Mon 28/03/2011
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4087.2797 [GMT 11:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Rebit 5\Rebit-5-Svc.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Rebit 5\DashUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Palm\Hotsync.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\admin\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:

\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files

(x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - C:\Program Files

(x86)\LastPass\LPBar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:

\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files

(x86)\Java\jre6\bin\jp2ssv.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass

\LPBar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver

\Application\nusb3mon.exe"
mRun: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HOTSYN~1.LNK - C:\Program

Files (x86)\Palm\Hotsync.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program

Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program

Files (x86)\LastPass\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program

Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} -

hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24

-windows-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} -

hxxp://www.worldwinner.com/games/launch ... wwload.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24

-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24

-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vralisausydhb11.connectge.com/dana-

cached/sc/JuniperSetupClient.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files

\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:

\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:

\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program

Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program

Files (x86)\LastPass\LPBar64.dll
BHO-X64: LastPass Browser Helper Object - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:

\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre6\bin\jp2ssv.dll
TB-X64: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files

(x86)\LastPass\LPBar64.dll
mRun-x64: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
mRun-x64: [Rebit 5 Dashboard] "C:\Program Files\Rebit 5\DashUI.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:

\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2281q640.default\
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2009-12-4 93808]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2009-6

-18 188928]
R1 pctgntdi;pctgntdi;C:\Windows\System32\drivers\pctgntdi64.sys [2010-2-21 306648]
R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

[2009-12-4 3505264]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus;C:\Program Files (x86)\PC Tools Firewall Plus

\FWService.exe [2010-2-21 818432]
R2 Rebit-5-Svc;Rebit 5 Svc;C:\Program Files\Rebit 5\Rebit-5-Svc.exe [2011-3-15 4902648]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-1-

11 399416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA

Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-7 378984]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys

[2009-6-18 40832]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10

-24 72064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware

\NisSrv.exe [2010-11-11 282616]
R3 OEM03Afx;Provides a software interface to control audio effects of OEM003 camera.;C:\Windows

\System32\drivers\OEM03Afx.sys [2007-6-8 212864]
R3 OEM03Vfx;Creative Camera OEM003 Video VFX Driver;C:\Windows\System32\drivers\OEM03Vfx.sys

[2007-3-5 12288]
R3 OEM03Vid;Creative Camera OEM003 Driver;C:\Windows\System32\drivers\OEM03Vid.sys [2007-4-25

266944]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;C:\Windows\System32\drivers

\pctNdis-PacketFilter64.sys [2010-2-21 95504]
R3 pctNDIS;PC Tools Driver;C:\Windows\System32\drivers\pctNdis64.sys [2010-2-21 81584]
R3 pctplfw;pctplfw;C:\Windows\System32\drivers\pctplfw64.sys [2010-2-21 164496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-20 347680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows

\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows

\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[2010-9-26 136176]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid

Storage Technology\IAStorDataMgrSvc.exe [2010-11-6 13336]
S2 RebitSysMonSvc;Rebit System Monitor;C:\Program Files (x86)\Rebit\bin\RebitSysMon.exe --> C:

\Program Files (x86)\Rebit\bin\RebitSysMon.exe [?]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2010-1-5 12744]
S3 etdrv;etdrv;C:\Windows\etdrv.sys [2010-2-9 25640]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2010-2-9 30528]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:

\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-11

-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers

\nusb3xhc.sys [2009-11-20 177152]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared

\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-1-11

993848]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-15 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe

[2010-4-14 1255736]
.
=============== Created Last 30 ================
.
2011-03-28 08:17:43 8424784 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware

\Definition Updates\{EC5B5FB6-03BB-446F-9411-AA17B1CD906C}\mpengine.dll
2011-03-28 08:05:18 -------- d-----w- C:\Program Files\iTunes
2011-03-28 08:05:18 -------- d-----w- C:\Program Files\iPod
2011-03-28 08:05:18 -------- d-----w- C:\Program Files (x86)\iTunes
2011-03-28 08:04:04 -------- d-----w- C:\Program Files\Bonjour
2011-03-28 08:04:04 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-03-28 07:54:21 -------- d-----w- C:\Users\admin\AppData\Local\Secunia PSI
2011-03-25 20:50:32 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware

\Definition Updates\NISBackup\gapaengine.dll
2011-03-25 20:50:29 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware

\Definition Updates\{7F8A2624-FE42-4754-AB36-ECE99E1CA7BA}\gapaengine.dll
2011-03-15 13:02:09 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-03-15 13:02:09 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-03-15 12:42:49 -------- d-----w- C:\Windows\System32\SPReview
2011-03-15 12:42:39 -------- d-----w- C:\Windows\System32\EventProviders
2011-03-15 12:40:59 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-03-15 12:39:59 90112 ----a-w- C:\Windows\SysWow64\olepro32.dll
2011-03-15 12:37:53 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-03-15 12:37:53 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-03-15 12:37:53 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
2011-03-15 12:37:45 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
2011-03-15 12:37:42 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
2011-03-15 12:37:09 422912 ----a-w- C:\Windows\System32\drvstore.dll
2011-03-15 12:37:09 399872 ----a-w- C:\Windows\System32\dpx.dll
2011-03-13 10:19:57 12067528 ----a-w- C:\Program Files (x86)\Common Files

\lpuninstall.exe
2011-03-13 10:19:53 -------- d-----w- C:\Program Files (x86)\LastPass
2011-03-13 10:11:59 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox

\components\browsercomps.dll
2011-03-13 10:11:58 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox

\mozsqlite3.dll
2011-03-13 10:11:58 728024 ----a-w- C:\Program Files (x86)\Mozilla Firefox

\libGLESv2.dll
2011-03-13 10:11:58 1975768 ----a-w- C:\Program Files (x86)\Mozilla Firefox

\D3DCompiler_42.dll
2011-03-13 10:11:58 1893336 ----a-w- C:\Program Files (x86)\Mozilla Firefox

\d3dx9_42.dll
2011-03-13 10:11:58 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-13 10:11:58 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox

\mozalloc.dll
2011-03-13 10:11:58 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-03-10 12:14:07 -------- d-----w- C:\Program Files\Rebit 5
2011-03-10 12:13:48 -------- d-----w- C:\PROGRA~3\Rebit 5
2011-02-27 12:33:50 -------- d-----w- C:\Windows\System32\.working
.
==================== Find3M ====================
.
2011-03-15 12:47:56 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-03-15 12:47:56 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-02-26 09:10:47 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-02 10:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-07 12:17:52 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-01-07 12:17:52 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 09:51:01 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-01-07 09:49:34 795752 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll
2011-01-07 09:49:28 6143080 ----a-w- C:\Windows\System32\nvcpl.dll
2011-01-07 09:49:10 3156072 ----a-w- C:\Windows\System32\nvsvc64.dll
2011-01-07 09:48:58 61032 ----a-w- C:\Windows\System32\nvshext.dll
2011-01-07 09:48:58 117864 ----a-w- C:\Windows\System32\nvmctray.dll
2011-01-07 09:48:58 1005160 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 07:46:34 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-07 07:46:34 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-01-07 07:45:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 06:01:22 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 10:34:00 612864 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 06:56:24 3129344 ----a-w- C:\Windows\System32\win32k.sys
2011-01-05 05:55:55 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
============= FINISH: 19:30:10.62 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 31/12/2009 12:22:18 AM
System Uptime: 28/03/2011 7:26:23 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | P55A-UD4P
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz | Socket 1156 | 2661/148mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 701.807 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {85b5ddd0-e090-4b15-bdf2-a443a3ca0b66}
Description: ATITool Driver
Device ID: ROOT\*ATITOOLDEVICE\0000
Manufacturer: W1zzard
Name: ATITool Driver
PNP Device ID: ROOT\*ATITOOLDEVICE\0000
Service: ATITool
.
Class GUID:
Description: Marvell 91xx Config ATA Device
Device ID: IDE\PROCESSORMARVELL_91XX_CONFIG_____________________1.01____\6&2194DD24&0&1.1.0
Manufacturer:
Name: Marvell 91xx Config ATA Device
PNP Device ID: IDE\PROCESSORMARVELL_91XX_CONFIG_____________________1.01____\6&2194DD24&0&1.1.0
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
@BIOS
Addit! Pro For Flight Simulator X
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Alien Swarm
Alphasim Westland Lynx Modified for FSX
Apple Application Support
Apple Software Update
Assassin's Creed
Assassin's Creed II
Auslogics Disk Defrag
Boeing 797 Build 1.0
CDBurnerXP
Cities XL
Cities XL 2011
City Life 2008 Demo
Combat Arms
D3DX10
Definition update for Microsoft Office 2010 (KB982726)
DiRT 2
Easy Tune 6 B10.0130.1
FlatOut Demo
Flight Control HD
Foxit Reader
FSX Project Rhino 58
Garry's Mod
GIMP 2.6.11
Google Earth Plug-in
Google SketchUp 7
Google Update Helper
Half-Life
Half-Life 2: Episode One
Half-Life 2: Episode Two
Halo 2 for Windows Vista
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 24
Juniper Networks Host Checker
Juniper Networks Network Connect 6.3.0
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client
Just Cause 2
LastPass (uninstall only)
Lead and Gold - Gangs of the Wild West
LEGO Digital Designer
Mafia II - Demo
Malwarebytes' Anti-Malware
Messenger Plus! Live
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 4.0 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NEC Electronics USB 3.0 Host Controller Driver
Need for Speed™ Carbon
Need for Speed™ ProStreet
Need For Speed™ World
neroxml
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
Palm Desktop by ACCESS
Pando Media Booster
PC Tools Firewall Plus 6.0
Portal: First Slice
Prototype(TM)
QuickTime
Rail Simulator
Rapture3D 2.3.26 Game
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
RollerCoaster Tycoon 3 Platinum
Secunia PSI (2.0.0.3001)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Shattered Horizon
Ship Simulator Extremes Demo
SimCity 3000
Skype web features
Skype™ 4.2
SpeedFan (remove only)
Star Wars Battlefront
Steam
System Requirements Lab
System Requirements Lab for Intel
Tilt Rotor (FSX)
Trainz Paint Shed
TrainzObjectz 6.0 Build 544
TRS2004
Ubisoft Game Launcher
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2289116)
Wilson River Scenery FSX 1.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Wings of Prey - Demo
.
==== Event Viewer Messages From Past Week ========
.
28/03/2011 7:27:02 PM, Error: Service Control Manager [7000] - The Rebit System Monitor service

failed to start due to the following error: The system cannot find the file specified.
28/03/2011 7:22:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000

milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
28/03/2011 7:22:14 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in

Assistant service failed to start due to the following error: The service did not respond to the

start or control request in a timely fashion.
28/03/2011 7:05:20 PM, Error: Service Control Manager [7032] - The Service Control Manager tried

to take a corrective action (Restart the service) after the unexpected termination of the Apple

Mobile Device service, but this action failed with the following error: An instance of the

service is already running.
28/03/2011 7:04:20 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service

terminated unexpectedly. It has done this 2 time(s). The following corrective action will be

taken in 60000 milliseconds: Restart the service.
28/03/2011 7:04:11 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service

terminated unexpectedly. It has done this 1 time(s). The following corrective action will be

taken in 60000 milliseconds: Restart the service.
28/03/2011 6:39:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000

milliseconds) while waiting for the NVIDIA Stereoscopic 3D Driver Service service to connect.
28/03/2011 6:39:37 PM, Error: Service Control Manager [7000] - The NVIDIA Stereoscopic 3D Driver

Service service failed to start due to the following error: The service did not respond to the

start or control request in a timely fashion.
24/03/2011 6:12:32 PM, Error: Service Control Manager [7009] - A timeout was reached (30000

milliseconds) while waiting for the Blue Coat K9 Web Protection service to connect.
24/03/2011 6:09:53 PM, Error: Service Control Manager [7009] - A timeout was reached (30000

milliseconds) while waiting for the Steam Client Service service to connect.
24/03/2011 6:09:53 PM, Error: Service Control Manager [7000] - The Steam Client Service service

failed to start due to the following error: The service did not respond to the start or control

request in a timely fashion.
23/03/2011 8:35:38 PM, Error: bowser [8003] - The master browser has received a server

announcement from the computer YOSHISLAPTOP that believes that it is the master browser for the

domain on transport NetBT_Tcpip_{15A908CA-E9FB-4F86-8125-CF9E50434470}. The master browser is

stopping or an election is being forced.
22/03/2011 9:33:48 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while

attempting to read the local hosts file.
21/03/2011 7:13:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds)

was reached while waiting for a transaction response from the ShellHWDetection service.
.
==== End Of File ===========================
wojmur
Regular Member
 
Posts: 41
Joined: December 1st, 2009, 6:38 am
Location: down the hill past police academy

Re: Trojan.Agent detected by MBAM

Post by deltalima » March 31st, 2011, 8:47 am

Checking your log - back soon.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Trojan.Agent detected by MBAM

Post by deltalima » March 31st, 2011, 8:55 am

Hi wojmur,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Please note the following:
  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you to.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Please Note:
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Please let me know what network the following software is used to connect to.

Juniper Networks Host Checker
Juniper Networks Network Connect 6.3.0
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client


Word Wrap in Notepad

In order to make the reports I ask for more readable, I need you to make sure Word Wrap is off in Notepad:
  • Open Notepad ... on the Commands Toolbar click Format.
  • Make sure Word Wrap is unchecked, then close Notepad.

Now please run DDS again and post both logs.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Trojan.Agent detected by MBAM

Post by wojmur » March 31st, 2011, 4:32 pm

Hi deltalima, thank you for looking after me.

I believe the Juniper software is the means for me to remotely access the email system at work, should I wish to. This is completely optional and I can remove this, if you wish.

Sorry for the word wrap, I was wondering myself why it's so difficult to read my post :(

The new logs will follow shortly.
wojmur
Regular Member
 
Posts: 41
Joined: December 1st, 2009, 6:38 am
Location: down the hill past police academy

DDS.txt

Post by wojmur » March 31st, 2011, 4:33 pm

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by admin at 7:22:29.80 on Fri 01/04/2011
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4087.1984 [GMT 11:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Rebit 5\Rebit-5-Svc.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Rebit 5\DashUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Palm\Hotsync.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\admin\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - C:\Program Files (x86)\LastPass\LPBar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HOTSYN~1.LNK - C:\Program Files (x86)\Palm\Hotsync.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launch ... wwload.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vralisausydhb11.connectge.com/d ... Client.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll
BHO-X64: LastPass Browser Helper Object - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll
mRun-x64: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
mRun-x64: [Rebit 5 Dashboard] "C:\Program Files\Rebit 5\DashUI.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2281q640.default\
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2009-12-4 93808]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2009-6-18 188928]
R1 pctgntdi;pctgntdi;C:\Windows\System32\drivers\pctgntdi64.sys [2010-2-21 306648]
R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2009-12-4 3505264]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-6 13336]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus;C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [2010-2-21 818432]
R2 Rebit-5-Svc;Rebit 5 Svc;C:\Program Files\Rebit 5\Rebit-5-Svc.exe [2011-3-15 4902648]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-1-11 399416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-7 378984]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2009-6-18 40832]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 OEM03Afx;Provides a software interface to control audio effects of OEM003 camera.;C:\Windows\System32\drivers\OEM03Afx.sys [2007-6-8 212864]
R3 OEM03Vfx;Creative Camera OEM003 Video VFX Driver;C:\Windows\System32\drivers\OEM03Vfx.sys [2007-3-5 12288]
R3 OEM03Vid;Creative Camera OEM003 Driver;C:\Windows\System32\drivers\OEM03Vid.sys [2007-4-25 266944]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;C:\Windows\System32\drivers\pctNdis-PacketFilter64.sys [2010-2-21 95504]
R3 pctNDIS;PC Tools Driver;C:\Windows\System32\drivers\pctNdis64.sys [2010-2-21 81584]
R3 pctplfw;pctplfw;C:\Windows\System32\drivers\pctplfw64.sys [2010-2-21 164496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-20 347680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-26 136176]
S2 RebitSysMonSvc;Rebit System Monitor;C:\Program Files (x86)\Rebit\bin\RebitSysMon.exe --> C:\Program Files (x86)\Rebit\bin\RebitSysMon.exe [?]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2010-1-5 12744]
S3 etdrv;etdrv;C:\Windows\etdrv.sys [2010-2-9 25640]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2010-2-9 30528]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-11-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2009-11-20 177152]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-1-11 993848]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-15 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-14 1255736]
.
=============== Created Last 30 ================
.
2011-03-31 20:18:01 8424784 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{63738F47-D770-4246-B34F-6F7D7EAAFF2C}\mpengine.dll
2011-03-28 08:05:18 -------- d-----w- C:\Program Files\iTunes
2011-03-28 08:05:18 -------- d-----w- C:\Program Files\iPod
2011-03-28 08:05:18 -------- d-----w- C:\Program Files (x86)\iTunes
2011-03-28 08:04:04 -------- d-----w- C:\Program Files\Bonjour
2011-03-28 08:04:04 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-03-28 07:54:21 -------- d-----w- C:\Users\admin\AppData\Local\Secunia PSI
2011-03-25 20:50:32 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-03-25 20:50:29 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{7F8A2624-FE42-4754-AB36-ECE99E1CA7BA}\gapaengine.dll
2011-03-15 13:02:09 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-03-15 13:02:09 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-03-15 12:42:49 -------- d-----w- C:\Windows\System32\SPReview
2011-03-15 12:42:39 -------- d-----w- C:\Windows\System32\EventProviders
2011-03-15 12:40:59 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-03-15 12:39:59 90112 ----a-w- C:\Windows\SysWow64\olepro32.dll
2011-03-15 12:37:53 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-03-15 12:37:53 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-03-15 12:37:53 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
2011-03-15 12:37:45 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
2011-03-15 12:37:42 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
2011-03-15 12:37:09 422912 ----a-w- C:\Windows\System32\drvstore.dll
2011-03-15 12:37:09 399872 ----a-w- C:\Windows\System32\dpx.dll
2011-03-13 10:19:57 12067528 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2011-03-13 10:19:53 -------- d-----w- C:\Program Files (x86)\LastPass
2011-03-13 10:11:59 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-13 10:11:58 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-13 10:11:58 728024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-13 10:11:58 1975768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-13 10:11:58 1893336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-13 10:11:58 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-13 10:11:58 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-13 10:11:58 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-03-10 12:14:07 -------- d-----w- C:\Program Files\Rebit 5
2011-03-10 12:13:48 -------- d-----w- C:\PROGRA~3\Rebit 5
.
==================== Find3M ====================
.
2011-03-15 12:47:56 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-03-15 12:47:56 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-02-26 09:10:47 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-02 10:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-07 12:17:52 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-01-07 12:17:52 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 09:51:01 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-01-07 09:49:34 795752 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll
2011-01-07 09:49:28 6143080 ----a-w- C:\Windows\System32\nvcpl.dll
2011-01-07 09:49:10 3156072 ----a-w- C:\Windows\System32\nvsvc64.dll
2011-01-07 09:48:58 61032 ----a-w- C:\Windows\System32\nvshext.dll
2011-01-07 09:48:58 117864 ----a-w- C:\Windows\System32\nvmctray.dll
2011-01-07 09:48:58 1005160 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 07:46:34 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-07 07:46:34 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-01-07 07:45:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 06:01:22 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 10:34:00 612864 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 06:56:24 3129344 ----a-w- C:\Windows\System32\win32k.sys
2011-01-05 05:55:55 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
============= FINISH: 7:24:00.91 ===============
wojmur
Regular Member
 
Posts: 41
Joined: December 1st, 2009, 6:38 am
Location: down the hill past police academy

Attach.txt

Unread postby wojmur » March 31st, 2011, 4:34 pm

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 31/12/2009 12:22:18 AM
System Uptime: 31/03/2011 7:12:08 AM (24 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | P55A-UD4P
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz | Socket 1156 | 2661/148mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 698.555 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {85b5ddd0-e090-4b15-bdf2-a443a3ca0b66}
Description: ATITool Driver
Device ID: ROOT\*ATITOOLDEVICE\0000
Manufacturer: W1zzard
Name: ATITool Driver
PNP Device ID: ROOT\*ATITOOLDEVICE\0000
Service: ATITool
.
Class GUID:
Description: Marvell 91xx Config ATA Device
Device ID: IDE\PROCESSORMARVELL_91XX_CONFIG_____________________1.01____\6&2194DD24&0&1.1.0
Manufacturer:
Name: Marvell 91xx Config ATA Device
PNP Device ID: IDE\PROCESSORMARVELL_91XX_CONFIG_____________________1.01____\6&2194DD24&0&1.1.0
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
@BIOS
Addit! Pro For Flight Simulator X
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Alien Swarm
Alphasim Westland Lynx Modified for FSX
Apple Application Support
Apple Software Update
Assassin's Creed
Assassin's Creed II
Auslogics Disk Defrag
Boeing 797 Build 1.0
CDBurnerXP
Cities XL
Cities XL 2011
City Life 2008 Demo
Combat Arms
D3DX10
Definition update for Microsoft Office 2010 (KB982726)
DiRT 2
Easy Tune 6 B10.0130.1
FlatOut Demo
Flight Control HD
Foxit Reader
FSX Project Rhino 58
Garry's Mod
GIMP 2.6.11
Google Earth Plug-in
Google SketchUp 7
Google Update Helper
Half-Life
Half-Life 2: Episode One
Half-Life 2: Episode Two
Halo 2 for Windows Vista
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 24
Juniper Networks Host Checker
Juniper Networks Network Connect 6.3.0
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client
Just Cause 2
LastPass (uninstall only)
Lead and Gold - Gangs of the Wild West
LEGO Digital Designer
Mafia II - Demo
Malwarebytes' Anti-Malware
Messenger Plus! Live
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 4.0 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NEC Electronics USB 3.0 Host Controller Driver
Need for Speed™ Carbon
Need for Speed™ ProStreet
Need For Speed™ World
neroxml
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
Palm Desktop by ACCESS
Pando Media Booster
PC Tools Firewall Plus 6.0
Portal: First Slice
Prototype(TM)
QuickTime
Rail Simulator
Rapture3D 2.3.26 Game
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
RollerCoaster Tycoon 3 Platinum
Secunia PSI (2.0.0.3001)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Shattered Horizon
Ship Simulator Extremes Demo
SimCity 3000
Skype web features
Skype™ 4.2
SpeedFan (remove only)
Star Wars Battlefront
Steam
System Requirements Lab
System Requirements Lab for Intel
Tilt Rotor (FSX)
Trainz Paint Shed
TrainzObjectz 6.0 Build 544
TRS2004
Ubisoft Game Launcher
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2289116)
Wilson River Scenery FSX 1.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Wings of Prey - Demo
.
==== Event Viewer Messages From Past Week ========
.
31/03/2011 7:12:47 AM, Error: Service Control Manager [7000] - The Rebit System Monitor service failed to start due to the following error: The system cannot find the file specified.
28/03/2011 7:22:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
28/03/2011 7:22:14 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/03/2011 7:05:20 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
28/03/2011 7:04:20 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
28/03/2011 7:04:11 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
28/03/2011 6:39:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the NVIDIA Stereoscopic 3D Driver Service service to connect.
28/03/2011 6:39:37 PM, Error: Service Control Manager [7000] - The NVIDIA Stereoscopic 3D Driver Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
wojmur
Regular Member
 
Posts: 41
Joined: December 1st, 2009, 6:38 am
Location: down the hill past police academy

Re: Trojan.Agent detected by MBAM

Unread postby Wingman » March 31st, 2011, 8:23 pm

Business Use Computer
It appears you are using your computer for business purposes or connecting to a business network.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.

This topic is now closed.
Wingman
Admin/Teacher
Posts: 14110
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA