Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Possible Trojan, Windows Firewall Disabled

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Possible Trojan, Windows Firewall Disabled

Unread postby Tiramisu » October 28th, 2011, 5:28 pm

Yesterday, one of my friends used my computer to watch a tv show online. When I returned, I found a notice that windows firewall had been disabled. When I tried to reenable it through the prompt I got the error: Action Center can't turn on Windows Firewall. When I attempted to turn it on manually, I had the error code: indows Firewall can't change some of your settings. Error code 0x8007042c.

Here are the DDS and attach log files.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Alvin at 16:13:24 on 2011-10-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.1524 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\Alvin\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
C:\Users\Alvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Users\Alvin\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Alvin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\PROGRA~2\MICROS~2\Office12\OUTLOOK.EXE
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Users\Alvin\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Alvin\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Google Update] "C:\Users\Alvin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostart
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [F.lux] "C:\Users\Alvin\Local Settings\Apps\F.lux\flux.exe" /noshow
uRun: [KeePass Password Safe 2] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe"
mRun: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
mRun: [Name of App] C:\Program Files (x86)\SAMSUNG\FW LiveUpdate\FWManager.exe r
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Alvin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Alvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Alvin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7B947328-5845-4985-AFBE-729494D9F34A} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
mRun-x64: [Name of App] C:\Program Files (x86)\SAMSUNG\FW LiveUpdate\FWManager.exe r
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [(Default)]
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-8 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-6-4 219360]
R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2010-6-4 68136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-8-4 2329480]
R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-7-28 5790064]
R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-7-28 487280]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 UsbFltr;WayTech USB Filter Driver;C:\Windows\system32\Drivers\UsbFltr.sys --> C:\Windows\system32\Drivers\UsbFltr.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-6-3 1153368]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-28 128928]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-10-28 04:39:58 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F171FC0-2FCF-4C91-8CBF-1FAAC0E2DCA3}\offreg.dll
2011-10-28 04:01:12 9049936 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-28 04:00:59 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F171FC0-2FCF-4C91-8CBF-1FAAC0E2DCA3}\mpengine.dll
2011-10-28 04:00:16 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAC5043E-BD56-4C0D-8990-4938708CB60C}\gapaengine.dll
2011-10-28 03:50:53 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-10-28 03:50:36 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-10-28 03:47:24 388096 ----a-r- C:\Users\Alvin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-28 03:47:23 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-10-28 02:03:22 -------- d-----w- C:\Program Files (x86)\SEGA
2011-10-28 02:02:46 -------- d-----we C:\Windows\system64
2011-10-27 05:35:33 -------- d-----w- C:\Program Files (x86)\Gemini Rue
2011-10-18 22:25:57 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-10-18 22:09:25 270336 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-10-18 22:09:20 310784 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-10-18 22:09:19 5428736 ----a-w- C:\Windows\System32\atiumd64.dll
2011-10-18 22:09:17 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-10-18 22:09:14 3888640 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-10-18 22:09:12 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-10-18 22:09:12 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-10-18 22:09:09 15360 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-10-13 22:27:58 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-10-13 22:27:57 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-10-13 22:27:57 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-10-13 22:27:57 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-10-13 22:27:56 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-10-13 22:27:35 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-13 22:27:35 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-13 22:27:35 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-10-13 22:27:35 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-10-12 23:52:18 -------- d-----w- C:\Program Files\iPod
2011-10-12 23:52:15 -------- d-----w- C:\Program Files\iTunes
2011-10-12 23:48:30 -------- d-----w- C:\Program Files\Bonjour
2011-10-12 23:48:30 -------- d-----w- C:\Program Files (x86)\Bonjour
.
==================== Find3M ====================
.
2011-10-28 04:40:00 25640 ----a-w- C:\Windows\gdrv.sys
2011-10-18 22:09:25 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-10-18 22:09:23 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-10-18 22:09:09 24229376 ----a-w- C:\Windows\System32\atio6axx.dll
2011-10-18 22:09:07 4204032 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-10-03 10:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-09-14 16:47:42 60416 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-09-14 16:47:40 53760 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-09-14 16:47:10 16652288 ----a-w- C:\Windows\System32\amdocl64.dll
2011-09-14 16:46:58 13625856 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-09-14 16:38:30 44032 ----a-w- C:\Windows\System32\amdoclcl64.dll
2011-09-14 16:38:28 37376 ----a-w- C:\Windows\SysWow64\amdoclcl.dll
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 04:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-08-31 04:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-08-31 04:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-08-31 04:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-08-01 20:59:06 45416 ----a-w- C:\Windows\System32\drivers\point64.sys
.
============= FINISH: 16:14:07.01 ===============

Attach file


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 6/3/2010 6:55:21 PM
System Uptime: 10/27/2011 11:39:32 PM (17 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA785GMT-UD2H
Processor: AMD Athlon(tm) II X2 250 Processor | Socket M2 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 72.098 GiB free.
D: is CDROM (CDFS)
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {85b5ddd0-e090-4b15-bdf2-a443a3ca0b66}
Description: ATITool Driver
Device ID: ROOT\*ATITOOLDEVICE\0000
Manufacturer: W1zzard
Name: ATITool Driver
PNP Device ID: ROOT\*ATITOOLDEVICE\0000
Service: ATITool
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Windows Firewall Authorization Driver
Device ID: ROOT\LEGACY_MPSDRV\0000
Manufacturer:
Name: Windows Firewall Authorization Driver
PNP Device ID: ROOT\LEGACY_MPSDRV\0000
Service: mpsdrv
.
==== System Restore Points ===================
.
RP926: 10/17/2011 8:51:55 AM - Windows Update
RP927: 10/20/2011 4:07:23 PM - Windows Update
RP928: 10/24/2011 12:55:27 AM - Windows Update
RP929: 10/25/2011 9:22:12 PM - Installed Java(TM) 6 Update 29
RP930: 10/26/2011 3:00:28 AM - Windows Update
RP932: 10/27/2011 10:05:31 PM - Microsoft Forefront Client Security Checkpoint
RP933: 10/27/2011 10:46:04 PM - Installed HiJackThis
RP934: 10/27/2011 10:48:02 PM - Removed Microsoft Forefront Client Security Antimalware Service
RP935: 10/27/2011 10:49:29 PM - Removed Microsoft Forefront Client Security State Assessment Service
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
A.R.E.S.
Acrobat.com
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.6
Adobe Shockwave Player 11.5
Advertising Center
Age of Empires III: Complete Collection
Alien Swarm
AMD VISION Engine Control Center
And Yet It Moves
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
Aquaria
ATI Catalyst Registration
ATITool Overclocking Utility
Atom Zombie Smasher
Bamboo
Bandisoft MPEG-1 Decoder
Battlefield: Bad Company 2
Bejeweled 3
Ben There, Dan That!
Big Brain Wolf
Bing Bar
Bing Rewards Client Installer
Blood Bowl: Legendary Edition
Braid
Browser Configuration Utility
BulletStorm
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
CCC Help English
CDisplay 1.8
Chime
Codename Gordon
Cogs
Combined Community Codec Pack 2009-09-09
Crayon Physics Deluxe
Crysis
Crysis Warhead
Crysis Wars
Dark Messiah Might and Magic Single Player
Deus Ex: Human Revolution
DFOLauncher
Diamond Dan
Din's Curse 1.02
Divinity II - The Dragon Knight Saga
DivX Setup
DolbyFiles
DragonNest
Dropbox
Droplitz
Dungeons and Dragons Daggerdale
Dungeons of Dredmor
EA Download Manager
EasySaver B9.0904.1
Eets
Eufloria
Everyday Genius: SquareLogic
F.lux
Fallout: New Vegas
Feedback Tool
Fortix 2
Fractal
From Dust
Frozen Synapse
Furcadia
Futuremark SystemInfo
FW LiveUpdate
GameSpy Comrade
Gemini Rue version 1.0
Gish
Google Chrome
Guild Wars
Hammerfight
Heroes of Might and Magic V: Tribes of the East
HF pAppLoc version 0.8
HiJackThis
HOARD
HydraVision
ImagXpress
Iron Grip: Warlord
Java Auto Updater
Java(TM) 6 Update 29
Just Cause 2
KeePass Password Safe 2.15
King's Bounty: Armored Princess
King's Bounty: Crossworlds
King's Bounty: The Legend
Lara Croft and the Guardian of Light
Left 4 Dead 2
LightScribe System Software
LogMeIn Hamachi
Lugaru HD
Machinarium
Macro Recorder 4.65.0
MagicDisc 2.7.106
Magicka
Magnetis
Majesty 2
Men of War
Men of War: Red Tide
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server System CLR Types
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio Platform Tools
Minecraft
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
Nero Vision
Nero Vision Help
NeroExpress
neroxml
Nexon Game Manager
Nimbus
NVIDIA PhysX
NyxQuest
OnLive
OpenAL
Osmos
Overlord
Overlord II
Overlord: Raising Hell
Penumbra: Overture
piaip AppLocale
Portal 2
PunkBuster Services
Puzzle Bots
Puzzle Dimension
Puzzle Pirates
Puzzler World
Quicken 2010
QuickTime
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Recettear: An Item Shop's Tale
Renegade Ops
Revenge of the Titans
RGSS-RTP Standard
Runespell: Overture
S.T.A.L.K.E.R.: Call of Pripyat
S.T.A.L.K.E.R.: Shadow of Chernobyl
Samorost 2
Sanctum
Section 8: Prejudice
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489)
Shadowgrounds
Shadowgrounds Editor
Shadowgrounds: Survivor
Shatter
SimCity 4 Deluxe
Skype Toolbars
Skype™ 4.2
SpaceChem
SpaceMonger 2.1.1
SpeedFan (remove only)
Spiral Knights
Spybot - Search & Destroy
SpywareBlaster 4.2
Stalker Complete 2009
StarCraft II
Steam
Steel Storm: Burning Retribution
Super Meat Boy
System Requirements Lab CYRI
Team Fortress 2
Terraria
The Lord of the Rings FREE Trial
The Misadventures of P.B. Winterbottom
The Sims Medieval
The Sims™ 3
The Sims™ 3 Ambitions
The Sims™ 3 Create a Sim
The Sims™ 3 Generations
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 World Adventures
The Witcher 2
The Witcher: Enhanced Edition
Tidalis
Time Gentlemen, Please!
Tom Clancy's Splinter Cell: Chaos Theory
Trine
Tropico 3 - Steam Special Edition
Tropico 3: Absolute Power
Ubisoft Game Launcher
Unity Web Player
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Uplink
VC80CRTRedist - 8.0.50727.4053
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
WebTablet IE Plugin
WebTablet Netscape Plugin
Windosill
Windows Glulxe
World of Goo
Xvid 1.2.2 final uninstall
Yahoo! Toolbar
Zen Bound® 2
.
==== Event Viewer Messages From Past Week ========
.
10/28/2011 12:46:51 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
10/28/2011 12:00:22 AM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.
10/28/2011 12:00:22 AM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.
10/27/2011 9:46:51 PM, Error: FcsSas [10006] -
10/27/2011 11:40:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
10/27/2011 11:40:44 PM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/25/2011 9:55:16 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{7B947328-5845-4985-AFBE-729494D9F34A} because another computer on the network has the same name. The server could not start.
10/24/2011 1:57:30 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
.
==== End Of File ===========================

Thank you for your help.
Tiramisu
Active Member
 
Posts: 2
Joined: October 28th, 2011, 5:15 pm
Advertisement
Register to Remove

Re: Possible Trojan, Windows Firewall Disabled

Unread postby deltalima » October 31st, 2011, 4:04 pm

Checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Possible Trojan, Windows Firewall Disabled

Unread postby Tiramisu » October 31st, 2011, 4:18 pm

Thank you for the reply but I ended up reformatting my computer. Whatever I got was bad enough that I could barely use my computer anymore, and I was afraid to pay my bills with the way things were.

Thanks for having this site, though. I think you're doing a really great service.
Tiramisu
Active Member
 
Posts: 2
Joined: October 28th, 2011, 5:15 pm

Re: Possible Trojan, Windows Firewall Disabled

Unread postby deltalima » October 31st, 2011, 4:20 pm

Hi Tiramisu,

You are running an Enterprise version of Microsoft Office.

Microsoft does not sell nor does it permit the sale of Enterprise versions of Windows or Microsoft Office to individuals, therefore your computer is a business computer, not a home computer, and we do not work on business computers.

This topic is now closed
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 299 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware