I've completed the preliminary 5 steps for malware. Here are my logs.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8255
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
11/28/2011 12:32:38 AM
mbam-log-2011-11-28 (00-32-38).txt
Scan type: Quick scan
Objects scanned: 171466
Time elapsed: 11 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 5
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 9
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\programdata\mousebackupmanager.dll (Trojan.Tracur) -> Delete on reboot.
c:\Users\chasity kay\AppData\Local\Adobe\adobeupdate\adobeupdt32.dll (Trojan.Tracur) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{156433F8-FCCB-40BF-8F73-613F94691D93} (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{156433F8-FCCB-40BF-8F73-613F94691D93} (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{156433F8-FCCB-40BF-8F73-613F94691D93} (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{156433F8-FCCB-40BF-8F73-613F94691D93} (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MouseBackupManager (Trojan.Tracur) -> Value: MouseBackupManager -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Softonic Update (Trojan.Tracur) -> Value: Softonic Update -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\programdata\mousebackupmanager.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\AppData\Local\Adobe\adobeupdate\adobeupdt32.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\AppData\Local\serviceuser.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Windows\System32\srrstr.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\srrstr.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\AppData\Local\Temp\1E00.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\local settings\serviceuser.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\local settings\application data\serviceuser.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\local settings\application data\Adobe\adobeupdate\adobeupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
The gmer log is blank and said nothing was found. I ran it twice and both time same results. If I need to do something different please let me know.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Chasity Kay at 2:00:00 on 2011-11-28
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1692 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360610d525l0424z145t44j2x237
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360610d525l0424z145t44j2x237
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360610d525l0424z145t44j2x237
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360610d525l0424z145t44j2x237
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111110203304.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\245737974596765627D27657563747 : DhcpNameServer = 156.154.70.11 156.154.71.11
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\353494E636055726 : DhcpNameServer = 65.175.128.46 65.175.128.47 8.8.8.8
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\36C6169786F6573756 : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\C696E6B6379737 : DhcpNameServer = 65.83.241.181 67.32.118.46
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\D6373747164756E2564657 : DhcpNameServer = 130.18.80.13 10.1.0.3
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\D637577657563747 : DhcpNameServer = 10.11.0.3 130.18.80.134
TCP: Interfaces\{856ED3C4-B8B5-470E-B3C2-641E5FDB459F} : DhcpNameServer = 192.168.1.254 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111110203304.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-11-5 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-28 366152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-11 249936]
R2 McMPFSvc;McAfee Personal Firewall;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-11 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-11 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-11 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-10-26 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-10-26 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-5 240160]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-11 136176]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-11 136176]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-28 06:17:57 -------- d-----w- C:\Users\Chasity Kay\AppData\Roaming\Malwarebytes
2011-11-28 06:17:42 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-28 06:17:37 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-28 06:17:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-09 04:54:56 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 04:54:55 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 04:54:52 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 04:54:47 3141120 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2011-10-18 20:32:28 161168 ----a-w- C:\Windows\System32\mfevtps.exe
2011-10-15 19:16:16 75808 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2011-10-15 19:16:16 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2011-10-15 19:16:16 647080 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2011-10-15 19:16:16 481768 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2011-10-15 19:16:16 284648 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2011-10-15 19:16:16 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2011-10-15 19:16:16 160280 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2011-10-15 19:16:16 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2011-10-15 19:16:16 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2011-10-14 04:46:31 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 2:02:16.56 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/8/2010 8:35:13 PM
System Uptime: 11/28/2011 12:36:18 AM (2 hours ago)
.
Motherboard: Acer | | Aspire 5532
Processor: AMD Athlon(tm) Processor TF-20 | Socket S1G1 | 1600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 137 GiB total, 95.719 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP77: 10/21/2011 11:25:20 PM - Scheduled Checkpoint
RP79: 10/27/2011 9:36:41 AM - Windows Modules Installer
RP80: 10/27/2011 9:38:17 AM - Windows Modules Installer
RP81: 11/8/2011 11:51:13 PM - Removed BlackBerry Device Software Updater.
RP82: 11/9/2011 2:14:55 PM - Windows Update
RP83: 11/11/2011 10:14:48 AM - Windows Update
RP84: 11/19/2011 4:35:08 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office Suite Service Pack 2 (SP2)
Acer Arcade Deluxe
Acer Assist
Acer ePower Management
Acer eRecovery Management
Acer Games
Acer GridVista
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.4.3 MUI
AMD USB Filter Driver
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
eSobi v2
Google Toolbar for Internet Explorer
Google Update Helper
Identity Card
Java Auto Updater
Java(TM) 6 Update 23
Junk Mail filter update
Launch Manager
Malwarebytes' Anti-Malware version 1.51.2.1300
McAfee Internet Security Suite
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
Norton Online Backup
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Veetle TV 0.9.18
Welcome Center
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Movie Maker 2.6
.
==== Event Viewer Messages From Past Week ========
.
11/28/2011 12:36:37 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
11/28/2011 12:36:37 AM, Error: atikmdag [43029] - Display is not active
11/28/2011 12:35:10 AM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
11/27/2011 9:12:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
11/27/2011 10:08:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
11/27/2011 1:46:02 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/25/2011 8:41:27 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================
I think this is all you needed. Hope you can help me resolve my problems. Thanks
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8255
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
11/28/2011 12:32:38 AM
mbam-log-2011-11-28 (00-32-38).txt
Scan type: Quick scan
Objects scanned: 171466
Time elapsed: 11 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 5
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 9
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\programdata\mousebackupmanager.dll (Trojan.Tracur) -> Delete on reboot.
c:\Users\chasity kay\AppData\Local\Adobe\adobeupdate\adobeupdt32.dll (Trojan.Tracur) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{156433F8-FCCB-40BF-8F73-613F94691D93} (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{156433F8-FCCB-40BF-8F73-613F94691D93} (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{156433F8-FCCB-40BF-8F73-613F94691D93} (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{156433F8-FCCB-40BF-8F73-613F94691D93} (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MouseBackupManager (Trojan.Tracur) -> Value: MouseBackupManager -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Softonic Update (Trojan.Tracur) -> Value: Softonic Update -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\programdata\mousebackupmanager.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\AppData\Local\Adobe\adobeupdate\adobeupdt32.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\AppData\Local\serviceuser.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Windows\System32\srrstr.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\srrstr.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\AppData\Local\Temp\1E00.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\local settings\serviceuser.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\local settings\application data\serviceuser.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\chasity kay\local settings\application data\Adobe\adobeupdate\adobeupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
The gmer log is blank and said nothing was found. I ran it twice and both time same results. If I need to do something different please let me know.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Chasity Kay at 2:00:00 on 2011-11-28
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1692 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360610d525l0424z145t44j2x237
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360610d525l0424z145t44j2x237
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360610d525l0424z145t44j2x237
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360610d525l0424z145t44j2x237
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111110203304.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\245737974596765627D27657563747 : DhcpNameServer = 156.154.70.11 156.154.71.11
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\353494E636055726 : DhcpNameServer = 65.175.128.46 65.175.128.47 8.8.8.8
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\36C6169786F6573756 : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\C696E6B6379737 : DhcpNameServer = 65.83.241.181 67.32.118.46
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\D6373747164756E2564657 : DhcpNameServer = 130.18.80.13 10.1.0.3
TCP: Interfaces\{3FC3F169-F213-459E-B76A-9FFF5741A5CD}\D637577657563747 : DhcpNameServer = 10.11.0.3 130.18.80.134
TCP: Interfaces\{856ED3C4-B8B5-470E-B3C2-641E5FDB459F} : DhcpNameServer = 192.168.1.254 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111110203304.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-11-5 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-28 366152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-11 249936]
R2 McMPFSvc;McAfee Personal Firewall;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-11 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-11 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-8-11 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-10-26 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-10-26 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-5 240160]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-11 136176]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-11 136176]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-28 06:17:57 -------- d-----w- C:\Users\Chasity Kay\AppData\Roaming\Malwarebytes
2011-11-28 06:17:42 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-28 06:17:37 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-28 06:17:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-09 04:54:56 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 04:54:55 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 04:54:52 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 04:54:47 3141120 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2011-10-18 20:32:28 161168 ----a-w- C:\Windows\System32\mfevtps.exe
2011-10-15 19:16:16 75808 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2011-10-15 19:16:16 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2011-10-15 19:16:16 647080 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2011-10-15 19:16:16 481768 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2011-10-15 19:16:16 284648 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2011-10-15 19:16:16 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2011-10-15 19:16:16 160280 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2011-10-15 19:16:16 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2011-10-15 19:16:16 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2011-10-14 04:46:31 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 2:02:16.56 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/8/2010 8:35:13 PM
System Uptime: 11/28/2011 12:36:18 AM (2 hours ago)
.
Motherboard: Acer | | Aspire 5532
Processor: AMD Athlon(tm) Processor TF-20 | Socket S1G1 | 1600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 137 GiB total, 95.719 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP77: 10/21/2011 11:25:20 PM - Scheduled Checkpoint
RP79: 10/27/2011 9:36:41 AM - Windows Modules Installer
RP80: 10/27/2011 9:38:17 AM - Windows Modules Installer
RP81: 11/8/2011 11:51:13 PM - Removed BlackBerry Device Software Updater.
RP82: 11/9/2011 2:14:55 PM - Windows Update
RP83: 11/11/2011 10:14:48 AM - Windows Update
RP84: 11/19/2011 4:35:08 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office Suite Service Pack 2 (SP2)
Acer Arcade Deluxe
Acer Assist
Acer ePower Management
Acer eRecovery Management
Acer Games
Acer GridVista
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.4.3 MUI
AMD USB Filter Driver
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
eSobi v2
Google Toolbar for Internet Explorer
Google Update Helper
Identity Card
Java Auto Updater
Java(TM) 6 Update 23
Junk Mail filter update
Launch Manager
Malwarebytes' Anti-Malware version 1.51.2.1300
McAfee Internet Security Suite
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
Norton Online Backup
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Veetle TV 0.9.18
Welcome Center
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Movie Maker 2.6
.
==== Event Viewer Messages From Past Week ========
.
11/28/2011 12:36:37 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
11/28/2011 12:36:37 AM, Error: atikmdag [43029] - Display is not active
11/28/2011 12:35:10 AM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
11/27/2011 9:12:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
11/27/2011 10:08:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
11/27/2011 1:46:02 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/25/2011 8:41:27 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================
I think this is all you needed. Hope you can help me resolve my problems. Thanks