lepagea01
2012-09-24, 22:22
Hello,
Sorry if the title of this thread is so generic but I didn't know how to address the situation. Here it goes.
This morning, installing Virtual PC on my Windows 7 Ultimate laptop failed mainly due to Windows Firewall malfunction. By investigating the issue, I realized that Windows Firewall was no longer in my services and that corresponding registry keys were missing, which led me to suspect some malware infection. I ran some diagnostics and narrowed it down to the following:
I seem to have some ZeroAccess infection: problematic C:\Windows\assembly\Desktop.ini, C:\Windows\assembly\GAC_32\Desktop.ini, and C:\Windows\assembly\GAC_64\Desktop.ini are present
Hitman Pro is having serious doubts about the legitimacy of the C:\Windows\system32\services.exe executable running. Funny thing is I tried to replace it through Hitman Pro but the tool won't activate due to firewall issues: I'm back to square one!
In my startup configuration, there's this vpngui.exe executable that actually points to C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe that seems
For the fun of it, I ran OldTimer's OTL tool and it seems to confirm my suspicions (see OTL.Txt and Extras.Txt files attached).
Please advise.
Regards,
AL