Windows firewall keeps turning off.

View previous topic View next topic Go down

Windows firewall keeps turning off.

Post by BigAmzz on 6th July 2011, 12:39 pm

Every time i reboot i get a quick warning from Windows security center that my firewall is turned off. When i do check my firewall it is off and says the settings are wrong. I also sometimes get this black space at the bottom of the browser when i open a new window with Google Chrome.

Here is my log i would greatly appreciate it if someone took a look at it. Thanks.

color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2008/01/19 08:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\WINDOWS\SoftwareDistribution\Download\c452caabaad248a66aa697d8c8545eb1\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2008/01/19 08:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 10:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\WINDOWS\System32\drivers\disk.sys
[2006/11/02 10:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\WINDOWS\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\System32\netlogon.dll
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\SoftwareDistribution\Download\c452caabaad248a66aa697d8c8545eb1\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\SoftwareDistribution\Download\c452caabaad248a66aa697d8c8545eb1\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-06 01:30:57

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)


Last edited by BigAmzz on 6th July 2011, 12:43 pm; edited 1 time in total

BigAmzz
Intermediate
Intermediate

Posts Posts : 125
Joined Joined : 2009-01-13
OS OS : windowsxp
Points Points : 29938
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Windows firewall keeps turning off.

Post by BigAmzz on 6th July 2011, 12:40 pm

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2010/03/09 15:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2010/03/09 15:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2010/03/09 15:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/03/09 17:56:18 | 000,634,648 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/07/23 05:59:14 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/07/23 05:59:14 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/07/23 05:59:14 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/07/23 05:59:14 | 002,388,264 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2010/03/09 15:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2010/03/09 15:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2010/03/09 15:17:37 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/03/09 17:56:18 | 000,634,648 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/07/23 05:59:14 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/07/23 05:59:14 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/07/23 05:59:14 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/07/23 05:59:14 | 002,388,264 | ---- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

BigAmzz
Intermediate
Intermediate

Posts Posts : 125
Joined Joined : 2009-01-13
OS OS : windowsxp
Points Points : 29938
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Windows firewall keeps turning off.

Post by BigAmzz on 6th July 2011, 12:44 pm

Note sure if i'm supposed to post this but this is the 'extras' log.
OTL Extras logfile created on: 06/07/2011 13:10:38 - Run 1
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Declan M\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.87 Gb Total Physical Memory | 0.77 Gb Available Physical Memory | 41.20% Memory free
3.98 Gb Paging File | 2.67 Gb Available in Paging File | 67.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 325.13 Gb Total Space | 223.64 Gb Free Space | 68.79% Space Free | Partition Type: NTFS
Drive D: | 10.22 Gb Total Space | 1.40 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
Drive E: | 555.49 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DECLANM-PC | User Name: Declan M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09695605-9091-44F2-A61F-430F5422FB27}" = rport=138 | protocol=17 | dir=out | app=system |
"{1B9A966C-D19F-42A8-ACEF-EF55BB7FC04C}" = lport=137 | protocol=17 | dir=in | app=system |
"{1C6B1F98-E4DA-4367-B539-D8F5109BE799}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1E53CB13-501D-42A1-8A41-69AF48B15C98}" = lport=139 | protocol=6 | dir=in | app=system |
"{226D89AD-85A9-4ABD-8430-663129CE7F66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{557D5246-C3FB-4097-A70C-C806776F8C05}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5C8E864A-DB56-4D46-B407-5AF1FFA1AD74}" = lport=138 | protocol=17 | dir=in | app=system |
"{816C9B00-7619-4820-A5FA-F7284DD61824}" = lport=445 | protocol=6 | dir=in | app=system |
"{B33B5105-8B61-42B3-95F8-FA4DABAD5BCA}" = rport=445 | protocol=6 | dir=out | app=system |
"{BF1BE5EA-A675-4501-8FAC-1C4F318BA74E}" = rport=139 | protocol=6 | dir=out | app=system |
"{DF2F2973-DC85-4FBD-86D3-D529438A331B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E503FC66-3533-4126-94C9-6F9F05171E29}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00665447-5EEA-4F95-B904-24FEBB64A7B9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{08E7A20B-2160-4365-8812-2B8AD5CA960A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0AB55733-325D-4662-996C-7EBACEE3D623}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{10858664-2539-4991-8F7A-289733ABF1E6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1CF9341A-C9B2-4E67-A27C-9AFDF6D59847}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{20B60CAB-F152-4ABA-AE05-D51C0A0E8CF8}" = protocol=6 | dir=in | app=e:\libneap.dll |
"{21A1C232-FCA1-4168-A4D1-B9018AF627FD}" = protocol=17 | dir=in | app=e:\libneap.dll |
"{22B8A1C3-2EF3-4EF4-B7D4-A3A424658B62}" = protocol=6 | dir=in | app=e:\dwizard615.exe |
"{34CC78C0-C4AE-4D38-AB7E-AB23EE9D2D46}" = protocol=6 | dir=in | app=c:\program files\sega\virtua tennis 4\vt4.exe |
"{360F011C-8809-4EB0-931E-C5753D81A152}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{4000D088-0603-4EB7-9271-E9E6322E4480}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{4118015D-E40C-4544-B169-AE0B4140507A}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{466A8628-AB65-43FA-A168-60026A1DF029}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4693AFF3-63E4-461A-9687-B9C635D0B857}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{4C0A9F6C-5BA4-4896-B830-0789501DD6EA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{500CE75C-8CBD-43D4-A593-474C72881F05}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{522F1CB2-2E5E-4241-A54D-F848CDDB148F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{658D40F4-7A77-4748-8C59-9F269252AAEB}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{67902ACA-2A56-4FA1-964F-4E04EA3C4ED7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6D136167-DE8A-43D8-98F4-A30F165C13D9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{75833616-619E-4306-B3D1-A69A2BE89B78}" = protocol=17 | dir=in | app=e:\dwizard615.exe |
"{7D6EE526-B26D-4217-AC39-D257772B4E99}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{814EB14C-7903-4031-B896-1B9C57A07854}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{82768C33-D021-4E2F-AFE3-22E9439F3B50}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{875A9D5F-D4F5-43DD-84A8-67A9E61F573E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A3B6CE5E-524D-40E5-87A8-B37D95074E53}" = protocol=17 | dir=in | app=c:\program files\sega\virtua tennis 4\vt4.exe |
"{A68B8082-634F-4376-AB67-2F2D71508E95}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A939BB0C-5BE1-4615-93E0-D8030007177D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AD4566A9-8F8B-41BA-BBA0-6BA81E0E2949}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BC9DC145-7437-406F-BD58-022ACBFD190E}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{C3E2EB03-5AE1-45A0-8295-1FEDC0275756}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{C6E7F719-9D91-4B82-862A-9D41B7FA50C5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{CA4511DE-6264-4115-9059-31CF15A8AE50}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CFE93DCC-7BBC-4899-AB13-2A29B0918140}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E43B9F28-493F-4337-ACC3-A95D119DB579}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{F6E71592-F539-44EE-9003-308D2676C5FF}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F7AF18C4-0C1F-4312-B43F-5D241DEA8932}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"TCP Query User{30137268-EA84-4188-9DFB-7C245C1EDD0D}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{A88FA317-BACA-4F0F-86BC-79E71530A13E}C:\program files\microsoft games\halo trial\halo.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\halo trial\halo.exe |
"TCP Query User{CEF43E44-332A-4059-A72F-B04F2D3D422C}C:\program files\microsoft games\halo trial\halo.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\halo trial\halo.exe |
"UDP Query User{14FDA3E0-8C05-493F-A72F-9E5FFE190DC0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8AA0625B-9F2F-4225-96C3-3E4990656515}C:\program files\microsoft games\halo trial\halo.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\halo trial\halo.exe |
"UDP Query User{DBC95A96-6376-4B74-B734-60F318AE16F0}C:\program files\microsoft games\halo trial\halo.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\halo trial\halo.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19E3AD4A-73A5-413F-ABCF-852551C912A1}" = WebMate
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228814B2-6A64-4AD5-8D2D-4E2188DEB191}" = AVG 2011
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EA3A8A6-4B6B-4288-B8FB-3EB11A403ED3}" = Eye 312
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A6359CCF-215D-43D9-8366-479D231F2A72}" = Belkin Wireless USB Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAD41A9-9687-48A3-848F-693C11451433}" = HP Customer Experience Enhancements
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3DED121-395C-4338-A455-A2CFF8BDE071}" = Kaspersky Security Scan
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9D76EFC-F231-4DB4-AEF5-7C76241241F1}_is1" = Family Feud
"{DB90FF25-9932-48F2-B643-1802F1864FAF}" = AVG 2011
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software 1.10.16.1
"{E8C2622C-9FF1-4F60-8008-A0208154F9F3}" = muvee autoProducer 6.1
"{e96b3d28-47d6-43cc-98fd-7069eeab6b11}" = HP Total Care Advisor
"{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG" = AVG 2011
"BitTorrent" = BitTorrent
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FamilyFeudOnlineParty" = FamilyFeudOnlineParty (remove only)
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"InstallShield_{A6359CCF-215D-43D9-8366-479D231F2A72}" = Belkin Wireless USB Utility
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 en-GB)" = Mozilla Firefox 5.0 (x86 en-GB)
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"pcsx2-r3113" = PCSX2 - Playstation 2 Emulator
"PowerISO" = PowerISO
"RealPlayer 12.0" = RealPlayer
"uTorrent" = µTorrent
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT084167" = Westward IV - All Aboard
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04/07/2011 09:19:16 | Computer Name = DeclanM-PC | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, time stamp 0x4e0401a8,
faulting module chrome.dll, version 12.0.742.112, time stamp 0x4e04015e, exception
code 0xc0000409, fault offset 0x0000c2d9, process id 0x1448, application start time
0x01cc3a4ced2fcaa9.

Error - 04/07/2011 09:20:50 | Computer Name = DeclanM-PC | Source = WerSvc | ID = 5007
Description =

Error - 05/07/2011 07:33:01 | Computer Name = DeclanM-PC | Source = WerSvc | ID = 5007
Description =

Error - 05/07/2011 10:31:57 | Computer Name = DeclanM-PC | Source = WerSvc | ID = 5007
Description =

Error - 05/07/2011 11:47:54 | Computer Name = DeclanM-PC | Source = WerSvc | ID = 5007
Description =

Error - 05/07/2011 13:22:51 | Computer Name = DeclanM-PC | Source = Application Error | ID = 1000
Description = Faulting application RealConverter.exe, version 12.0.1.647, time stamp
0x4d921b85, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp
0x4afa620b, exception code 0xc0000005, fault offset 0x04febe79, process id 0x141c,
application start time 0x01cc3b381b69cee2.

Error - 05/07/2011 13:23:25 | Computer Name = DeclanM-PC | Source = Application Error | ID = 1000
Description = Faulting application RealShare.exe, version 12.0.1.647, time stamp
0x4d921bb9, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp
0x4afa620b, exception code 0xc0000005, fault offset 0x096bbe79, process id 0x87c,
application start time 0x01cc3b383956f0e2.

Error - 05/07/2011 13:25:03 | Computer Name = DeclanM-PC | Source = Application Error | ID = 1000
Description = Faulting application RealShare.exe, version 12.0.1.647, time stamp
0x4d921bb9, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp
0x4afa620b, exception code 0xc0000005, fault offset 0x5f52be79, process id 0x1494,
application start time 0x01cc3b384f830ed2.

Error - 05/07/2011 13:33:27 | Computer Name = DeclanM-PC | Source = Application Error | ID = 1000
Description = Faulting application RecordingManager.exe, version 12.0.1.647, time
stamp 0x4d921bc9, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time
stamp 0x4afa620b, exception code 0xc0000005, fault offset 0x0457be79, process id
0xf70, application start time 0x01cc3b37b08eeb52.

Error - 06/07/2011 08:07:46 | Computer Name = DeclanM-PC | Source = WerSvc | ID = 5007
Description =

[ System Events ]
Error - 05/07/2011 10:30:44 | Computer Name = DeclanM-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
11, function 0. Please contact your system vendor for technical assistance.

Error - 05/07/2011 10:30:44 | Computer Name = DeclanM-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
12, function 0. Please contact your system vendor for technical assistance.

Error - 05/07/2011 11:39:03 | Computer Name = DeclanM-PC | Source = DCOM | ID = 10010
Description =

Error - 05/07/2011 11:39:10 | Computer Name = DeclanM-PC | Source = athrusb | ID = 5003
Description = Belkin Wireless G USB Network Adapter : Could not find a network adapter.

Error - 05/07/2011 11:42:56 | Computer Name = DeclanM-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.

Error - 05/07/2011 11:42:56 | Computer Name = DeclanM-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
11, function 0. Please contact your system vendor for technical assistance.

Error - 05/07/2011 11:42:56 | Computer Name = DeclanM-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
12, function 0. Please contact your system vendor for technical assistance.

Error - 06/07/2011 08:01:20 | Computer Name = DeclanM-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.

Error - 06/07/2011 08:01:20 | Computer Name = DeclanM-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
11, function 0. Please contact your system vendor for technical assistance.

Error - 06/07/2011 08:01:20 | Computer Name = DeclanM-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
12, function 0. Please contact your system vendor for technical assistance.


< End of report >


BigAmzz
Intermediate
Intermediate

Posts Posts : 125
Joined Joined : 2009-01-13
OS OS : windowsxp
Points Points : 29938
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Windows firewall keeps turning off.

Post by Belahzur on 7th July 2011, 3:31 pm

Hello.

Please download ComboFix from [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Windows firewall keeps turning off.

Post by BigAmzz on 8th July 2011, 12:24 am

[You must be registered and logged in to see this link.] wrote:Hello.

Please download ComboFix from [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

It says Combofix can't run with AVG installed? Do i have to uninstall AVG?

BigAmzz
Intermediate
Intermediate

Posts Posts : 125
Joined Joined : 2009-01-13
OS OS : windowsxp
Points Points : 29938
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Windows firewall keeps turning off.

Post by Belahzur on 13th July 2011, 12:21 am

Hello.

Download and install [URL="http://download.cnet.com/Revo-Uninstaller/3000-2096_4-10687648.html"]Revo Uninstaller[/URL]


  • Double click the Revo Uninstaller icon on your desktop to start the program
  • Scroll through the listed programs and Right Click on AVG.
  • From the pop out menu choose Uninstall
  • Click Yes to the confirmation dialogue
  • In the next window select the Advanced mode
  • Click Next to start uninstalling the program
  • Answer Yes to confirm the uninstall
  • When the program has completed the four steps, click Next to allow the program to search for leftovers
  • Once complete, click Next, then Finish
  • Repeat the above steps for any other programs you wish to remove.


Try Combofix now.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Windows firewall keeps turning off.

Post by BigAmzz on 16th July 2011, 4:01 pm

ComboFix 11-07-15.03 - Declan M 16/07/2011 16:11:40.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.44.1033.18.1918.710 [GMT 1:00]
Running from: c:\users\Declan M\Downloads\commy.exe.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Declan M\pcsx2-r4600.exe
c:\users\Declan M\SDL.dll
c:\windows\system32\system
.
.
((((((((((((((((((((((((( Files Created from 2011-06-16 to 2011-07-16 )))))))))))))))))))))))))))))))
.
.
2011-07-16 15:19 . 2011-07-16 15:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-16 14:47 . 2011-07-16 14:47 -------- d-----w- c:\program files\VS Revo Group
2011-07-09 23:56 . 2011-07-09 23:57 -------- d-----w- c:\program files\Veetle
2011-07-06 22:21 . 2011-07-06 22:21 -------- d-----w- c:\users\Mcx1
2011-07-04 13:20 . 2011-07-04 13:20 -------- d-----w- c:\users\Declan M\AppData\Roaming\Malwarebytes
2011-07-04 13:20 . 2011-07-04 13:20 -------- d-----w- c:\programdata\Malwarebytes
2011-07-04 13:20 . 2011-05-29 08:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-04 13:20 . 2011-07-04 13:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-04 13:20 . 2011-05-29 08:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-03 15:50 . 2011-07-03 15:50 -------- d-----w- c:\users\Declan M\AppData\Local\pcsx2
2011-07-03 15:49 . 2011-07-03 15:50 -------- d-----w- c:\program files\PCSX2 0.9.7
2011-06-30 23:04 . 2011-07-02 10:46 -------- d-----w- c:\program files\Common Files\Steam
2011-06-30 23:04 . 2011-07-04 13:45 -------- d-----w- c:\program files\Steam
2011-06-30 22:58 . 2011-06-30 22:58 -------- d-----w- c:\users\Declan M\AppData\Local\Activision
2011-06-30 18:53 . 2010-11-03 23:09 -------- d-----w- c:\program files\Sports Interactive
2011-06-30 18:50 . 2011-06-30 18:50 -------- d--h--w- c:\users\Declan M\InstallAnywhere
2011-06-30 14:18 . 2011-06-30 14:18 -------- d-----w- c:\windows\system32\xlive
2011-06-30 14:18 . 2011-06-30 14:18 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-06-30 13:59 . 2011-06-30 13:59 -------- d-----w- c:\program files\Sega
2011-06-30 00:48 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-06-30 00:48 . 2008-10-27 09:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2011-06-30 00:48 . 2008-10-27 09:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2011-06-30 00:48 . 2008-10-27 09:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2011-06-30 00:48 . 2008-10-27 09:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2011-06-30 00:48 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2011-06-30 00:48 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-06-30 00:48 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-06-30 00:47 . 2011-07-03 15:49 -------- d--h--w- c:\windows\msdownld.tmp
2011-06-30 00:39 . 2011-04-27 21:32 31744 ----a-w- c:\users\Declan M\w32pthreads.v4.dll
2011-06-30 00:39 . 2011-04-27 21:32 31744 ----a-w- c:\users\Declan M\w32pthreads.v3.dll
2011-06-30 00:39 . 2011-04-27 22:17 -------- d-----w- c:\users\Declan M\Plugins
2011-06-30 00:39 . 2011-04-27 22:17 -------- d-----w- c:\users\Declan M\Langs
2011-06-30 00:39 . 2011-04-27 22:17 -------- d-----w- c:\users\Declan M\Docs
2011-06-30 00:39 . 2011-04-27 22:17 -------- d-----w- c:\users\Declan M\Cheats
2011-06-30 00:36 . 2011-06-30 00:36 -------- d-----w- c:\program files\7-Zip
2011-06-29 19:39 . 2011-06-29 19:39 -------- d-----w- c:\programdata\Sports Interactive
2011-06-29 19:38 . 2011-06-30 18:36 -------- d-----w- c:\users\Declan M\AppData\Roaming\Sports Interactive
2011-06-29 19:38 . 2011-06-29 19:38 -------- d-----w- c:\users\Declan M\AppData\Local\Sports Interactive
2011-06-29 19:38 . 2009-03-09 14:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2011-06-29 19:38 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2011-06-29 19:38 . 2009-03-16 13:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2011-06-29 19:38 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-06-29 18:44 . 2011-06-29 18:44 -------- d-----w- c:\program files\PowerISO
2011-06-29 18:38 . 2011-06-29 18:38 -------- d-----w- c:\program files\BitTorrent
2011-06-29 18:37 . 2011-07-16 15:00 -------- d-----w- c:\users\Declan M\AppData\Roaming\BitTorrent
2011-06-29 18:36 . 2011-06-29 18:38 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-06-29 18:36 . 2011-06-30 22:14 -------- d-----w- c:\users\Declan M\AppData\Local\Conduit
2011-06-29 18:36 . 2011-06-29 18:36 -------- d-----w- c:\users\Declan M\AppData\Local\uTorrent
2011-06-29 18:34 . 2011-06-29 18:36 -------- d-----w- c:\program files\uTorrent
2011-06-29 16:19 . 2011-06-29 16:19 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-06-29 15:39 . 2011-06-29 15:39 -------- d-----w- c:\program files\Belkin
2011-06-29 15:38 . 2011-06-29 15:38 -------- d-----w- c:\windows\{9044EB87-7F7C-4801-9A35-1481E1017EAE}
2011-06-25 22:24 . 2011-06-25 22:24 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-06-25 22:24 . 2011-06-25 22:24 -------- d-----w- c:\program files\Common Files\xing shared
2011-06-25 22:24 . 2011-06-25 22:24 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-06-25 22:23 . 2011-06-25 22:23 105472 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-06-25 22:23 . 2011-06-25 22:24 -------- d-----w- c:\program files\Real
2011-06-25 19:55 . 2011-06-25 20:00 -------- d-----w- c:\users\Declan M\AppData\Roaming\AVG
2011-06-25 15:46 . 2011-07-16 14:56 -------- d-----w- c:\programdata\AVG10
2011-06-25 15:29 . 2011-06-16 04:32 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-06-25 15:29 . 2011-06-16 04:32 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-06-25 15:29 . 2011-06-16 04:32 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-06-25 15:29 . 2011-06-16 04:32 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-06-25 15:28 . 2011-06-16 04:32 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-06-25 15:28 . 2011-06-16 04:32 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-06-25 15:28 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-06-25 15:28 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-25 15:17 . 2011-06-20 07:57 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{80BDB5AF-F35F-415E-9E08-481F49B6985E}\mpengine.dll
2011-06-25 15:07 . 2011-07-16 14:54 -------- d-----w- c:\programdata\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-30 15:01 . 2009-08-18 10:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-06-30 15:01 . 2009-08-18 10:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-06-25 22:23 . 2007-11-30 16:41 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-06-15 08:23 . 2011-06-15 08:23 60156 ----a-w- c:\windows\system32\drivers\scdemu.sys
2011-05-24 18:14 . 2010-05-06 18:38 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-13 19:17 . 2011-05-13 19:17 784136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-04 03:52 . 2010-07-07 17:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-16 04:32 . 2011-06-25 15:29 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-02-02 1232896]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 2159104]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2007-10-04 1783136]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2011-06-29 4771184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-07 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-07 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-07 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 4702208]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-09 54840]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"BMISR"="c:\program files\KYE\WebMate\BM.exe" [2008-08-19 208896]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2011-06-25 273544]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Kaspersky Security Scan.lnk - c:\program files\Kaspersky Security Scan\KSS.exe [2010-9-3 2402696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 gupdate1cab670764c1c44;Google Update Service (gupdate1cab670764c1c44);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 133104]
R3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\DRIVERS\ewsercd.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 133104]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 RTL8187;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [x]
S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\DRIVERS\rtlprot.sys [2006-12-01 15360]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S3 athrusb;Belkin Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2008-07-28 904192]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 23:15]
.
2011-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 23:15]
.
2011-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422077084-280158802-2506141022-1000Core.job
- c:\users\Declan M\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-11 15:05]
.
2011-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422077084-280158802-2506141022-1000UA.job
- c:\users\Declan M\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-11 15:05]
.
2010-07-14 c:\windows\Tasks\HPCeeScheduleForDeclan M.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-11-30 00:34]
.
2010-06-06 c:\windows\Tasks\Install.job
- c:\windows\System32\Adobe\Shockwave 11\nssstub.exe [2010-05-30 09:26]
.
.
------- Supplementary Scan -------
.
mStart Page = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Declan M\AppData\Roaming\Mozilla\Firefox\Profiles\l9on22cm.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
AddRemove-HP Photosmart Essential - c:\program files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-07-16 16:19
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-07-16 16:21:52
ComboFix-quarantined-files.txt 2011-07-16 15:21
.
Pre-Run: 261,750,214,656 bytes free
Post-Run: 261,005,770,752 bytes free
.
- - End Of File - - C0CF6ADF70F468A17748D995267AFAB8

BigAmzz
Intermediate
Intermediate

Posts Posts : 125
Joined Joined : 2009-01-13
OS OS : windowsxp
Points Points : 29938
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Windows firewall keeps turning off.

Post by Belahzur on 17th July 2011, 4:13 pm

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum