Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Virus in windows/system32/services.exe

Post by knowlze » September 8th, 2012, 9:17 pm

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_33
Run by Domsfriend at 13:09:32 on 2012-09-09
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.64.1033.18.4094.1793 [GMT 12:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Folding@HomeCPU\1\Fah.exe
C:\Folding@HomeCPU\2\Fah.exe
C:\Folding@HomeCPU\3\Fah.exe
C:\Folding@HomeCPU\1\FahCore_a4.exe
C:\Folding@HomeCPU\4\Fah.exe
C:\Folding@HomeCPU\2\FahCore_a4.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Folding@HomeCPU\3\FahCore_a4.exe
C:\Folding@HomeCPU\4\FahCore_a4.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Windows\System32\tgbstarter.exe
C:\Program Files (x86)\Tunngle\TnglCtrl.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\Domsfriend\AppData\Local\Akamai\netsession_win.exe
C:\Users\Domsfriend\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Opera\opera.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=112555 ... 7f74f75f77
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: YTD Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll
uURLSearchHooks: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\6.2\iobitToolbarIE.dll
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo2.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo2.dll
mWinlogon: Userinit=userinit.exe
BHO: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\6.2\iobitToolbarIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
BHO: SearchCore for Browsers: {9d717f81-9148-4f12-8568-69135f087db0} - C:\PROGRA~2\SEARCH~1\SEARCH~1\BROWSE~1.DLL
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: YTD Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo2.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB: YTD Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll
TB: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\6.2\iobitToolbarIE.dll
EB: ShopperReports: {bdea95cf-f0e6-41e0-bd3d-b00f39a4e939} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Akamai NetSession Interface] "C:\Users\Domsfriend\AppData\Local\Akamai\netsession_win.exe"
uRun: [Google Update] "C:\Users\Domsfriend\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
uRun: [Facebook Update] "C:\Users\Domsfriend\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
mRun: [DATAMNGR] C:\PROGRA~2\SEARCH~1\SEARCH~1\DATAMN~1.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [<NO NAME>]
mRun: [D3DOverrider] "C:\Users\Domsfriend\AppData\Local\Temp\Rar$EX99.632\D3DOverrider\D3DOverriderWrapper.exe" /s
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [PrivitizeVPN] C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/stati ... 0.66.2.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{87FE5EC8-E1BB-4BBE-AE1A-A6661AE14C0F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B49F06C4-4DA9-40B2-BD37-361797E674FF} : DhcpNameServer = 178.32.51.4 76.73.18.50
TCP: Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759} : NameServer = 208.67.222.222
TCP: Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759}\2545141303235375D2839313336373 : NameServer = 208.67.222.222
TCP: Interfaces\{E0A255E7-D6BA-4087-BABB-906270D77759}\2545141303235375D2839313336373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E9A12D39-CC55-4AE8-8E37-5D3E00A2D5F8} : DhcpNameServer = 178.32.51.4 76.73.18.50
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\SysWow64\DreamScene.dll
BHO-X64: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.2\iobitToolbarIE.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO-X64: Babylon toolbar helper - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
BHO-X64: Searchqu Toolbar - No File
BHO-X64: SearchCore for Browsers: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\SEARCH~1\BROWSE~1.DLL
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo2.dll
BHO-X64: uTorrentBar - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo2.dll
TB-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB-X64: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll
TB-X64: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.2\iobitToolbarIE.dll
EB-X64: {BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} - No File
mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun-x64: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
mRun-x64: [DATAMNGR] C:\PROGRA~2\SEARCH~1\SEARCH~1\DATAMN~1.EXE
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [(Default)]
mRun-x64: [D3DOverrider] "C:\Users\Domsfriend\AppData\Local\Temp\Rar$EX99.632\D3DOverrider\D3DOverriderWrapper.exe" /s
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [PrivitizeVPN] C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
IE-X64: {A0EF4604-467A-424C-B942-E17D28BD78D9} - C:\Microgaming\Casino\YukonGold\casinogame.exe
AppInit_DLLs-X64: C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll
STS-X64: Windows DreamScene: {E31004D1-A431-41B8-826F-E902F9D95C81} - %SystemRoot%\SysWow64\DreamScene.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&app ... 06&sr=0&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Domsfriend\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Domsfriend\AppData\Roaming\Mozilla\Firefox\Profiles\ubkywt8p.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 ndistgb;TheGreenBow NDIS filter driver;C:\Windows\system32\DRIVERS\ndistgb.sys --> C:\Windows\system32\DRIVERS\ndistgb.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 20992]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-7-26 794560]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 Folding@home-CPU-[1];Folding@home-CPU-[1];C:\Folding@HomeCPU\1\Fah.exe -svcstart -d "C:\Folding@HomeCPU\1" --> C:\Folding@HomeCPU\1\Fah.exe -svcstart -d C:\Folding@HomeCPU\1 [?]
R2 Folding@home-CPU-[2];Folding@home-CPU-[2];C:\Folding@HomeCPU\2\Fah.exe -svcstart -d "C:\Folding@HomeCPU\2" --> C:\Folding@HomeCPU\2\Fah.exe -svcstart -d C:\Folding@HomeCPU\2 [?]
R2 Folding@home-CPU-[3];Folding@home-CPU-[3];C:\Folding@HomeCPU\3\Fah.exe -svcstart -d "C:\Folding@HomeCPU\3" --> C:\Folding@HomeCPU\3\Fah.exe -svcstart -d C:\Folding@HomeCPU\3 [?]
R2 Folding@home-CPU-[4];Folding@home-CPU-[4];C:\Folding@HomeCPU\4\Fah.exe -svcstart -d "C:\Folding@HomeCPU\4" --> C:\Folding@HomeCPU\4\Fah.exe -svcstart -d C:\Folding@HomeCPU\4 [?]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-9-8 821592]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-25 1262400]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-31 2358656]
R2 TgbIke Starter;TgbIke Starter;C:\Windows\System32\tgbstarter.exe --> C:\Windows\System32\tgbstarter.exe [?]
R2 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-10-5 745832]
R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-9-8 21384]
R3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2012-9-8 33224]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\system32\DRIVERS\tap0901t.sys --> C:\Windows\system32\DRIVERS\tap0901t.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-8 250056]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2012-9-8 21904]
S3 WatAdminSvc;WatAdminSvc;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2012-7-18 14544]
.
=============== Created Last 30 ================
.
2012-09-08 08:13:04 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-09-08 04:25:33 -------- d-----r- C:\Program Files (x86)\Skype
2012-09-08 03:22:11 -------- d-----w- C:\FRST
2012-09-07 10:23:16 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Facebook
2012-09-01 06:34:44 2388992 ----a-w- C:\Windows\explorer_edit_w7sbc.exe
2012-09-01 06:34:44 2388992 ----a-w- C:\Windows\explorer_backup_w7sbc.exe
2012-09-01 06:34:44 -------- d-----w- C:\Windows\W7SBC
2012-09-01 06:28:27 2755072 ----a-w- C:\Windows\SysWow64\themeui.dll.backup
2012-09-01 06:28:26 245760 ----a-w- C:\Windows\SysWow64\uxtheme.dll.backup
2012-09-01 06:28:26 1842688 ----a-w- C:\Windows\System32\ExplorerFrame_backup_wti.dll
2012-09-01 06:28:26 15181312 ----a-w- C:\Windows\System32\shell32_backup_wti.dll
2012-09-01 06:28:25 898560 ----a-w- C:\Windows\System32\OobeFldr_backup_wti.dll
2012-09-01 06:28:25 3208192 ----a-w- C:\Windows\explorer_backup_wti.exe
2012-09-01 06:28:23 151608 ----a-w- C:\Windows\UTP.exe
2012-09-01 06:16:53 -------- d-----w- C:\Program Files\Theme Resource Changer
2012-08-31 10:06:09 -------- d-----w- C:\Program Files (x86)\HUD RED
2012-08-31 09:47:53 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Korbin_Bickel
2012-08-31 09:47:08 -------- d-----w- C:\Program Files (x86)\Theme Manager
2012-08-31 09:40:23 44544 ----a-w- C:\Windows\System32\themeservice.dll.backup
2012-08-31 09:40:21 2851328 ----a-w- C:\Windows\System32\themeui.dll.backup
2012-08-31 09:40:18 332288 ----a-w- C:\Windows\System32\uxtheme.dll.backup
2012-08-31 00:32:21 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-08-27 06:55:20 -------- d-----w- C:\Users\Domsfriend\AppData\Local\NBGI
2012-08-25 22:56:53 -------- d-----w- C:\Program Files (x86)\PrivitizeVPN
2012-08-25 22:56:52 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Babylon
2012-08-25 02:35:17 0 ----a-w- C:\STFBC96.tmp
2012-08-22 10:22:09 -------- d-----w- C:\Ubisoft
2012-08-22 10:20:10 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Apps
2012-08-22 10:20:09 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Deployment
2012-08-20 04:31:42 0 ----a-w- C:\STF6CF8.tmp
2012-08-20 04:24:41 0 ----a-w- C:\STF224.tmp
2012-08-14 23:08:08 -------- d-----w- C:\Users\Domsfriend\AppData\Local\Dxtory Software
2012-08-14 23:08:03 3673600 ----a-w- C:\Windows\System32\DxtoryCodec64.dll
2012-08-14 23:08:02 3166720 ----a-w- C:\Windows\SysWow64\DxtoryCodec.dll
2012-08-14 23:07:59 -------- d-----w- C:\Program Files (x86)\Dxtory Software
2012-08-13 04:55:32 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-08-13 01:35:32 5115584 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-08-12 04:29:52 -------- d-----w- C:\Program Files\pb
2012-08-12 04:28:16 -------- d-----w- C:\Program Files\mods
2012-08-12 04:24:18 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-08-12 04:24:18 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-08-12 04:24:18 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-08-12 04:24:17 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-08-12 04:24:17 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-08-12 04:24:17 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-08-12 04:24:16 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-08-11 06:27:22 -------- d-----w- C:\Program Files\GameData
2012-08-11 05:39:22 -------- d-----w- C:\Program Files (x86)\The Creative Assembly
.
==================== Find3M ====================
.
2012-09-07 23:55:37 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-09-07 23:55:37 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-09-01 06:28:27 2755072 ----a-w- C:\Windows\SysWow64\themeui.dll
2012-09-01 06:28:26 245760 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2012-08-31 09:40:23 44544 ----a-w- C:\Windows\System32\themeservice.dll
2012-08-31 09:40:21 2851328 ----a-w- C:\Windows\System32\themeui.dll
2012-08-31 09:40:19 332288 ----a-w- C:\Windows\System32\uxtheme.dll
2012-08-28 09:37:11 281120 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-08-21 09:13:13 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-08-21 09:13:12 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-21 09:12:33 41224 ----a-w- C:\Windows\avastSS.scr
2012-08-15 11:02:59 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 11:02:59 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-18 04:38:03 2048 ----a-w- C:\Windows\SysWow64\winver.exe
2012-07-18 04:38:02 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-07-18 04:37:59 410624 ----a-w- C:\Windows\SysWow64\systemcpl.dll
2012-07-18 04:37:56 1536 ----a-w- C:\Windows\SysWow64\sppcomapi.dll
2012-07-18 04:37:54 113543 ----a-w- C:\Windows\SysWow64\slmgr.vbs
2012-07-18 04:37:54 113543 ----a-w- C:\Windows\System32\slmgr.vbs
2012-06-28 08:23:50 476976 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-06-28 08:23:46 472880 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-29 08:31:50 3993600 ----a-w- C:\Program Files (x86)\GUT7D7E.tmp
2012-04-04 08:24:43 11986 ----a-w- C:\Program Files (x86)\layout.bin
2012-04-04 08:21:44 587200 ----a-w- C:\Program Files (x86)\ISSetup.dll
2012-04-03 05:58:08 3146312 ----a-w- C:\Program Files (x86)\pbsvc_blr.exe
2012-02-22 11:12:54 8525240 ----a-w- C:\Program Files (x86)\Blacklight Retribution.exe
2012-02-20 06:59:36 125892 ----a-w- C:\Program Files (x86)\config.bin
2011-09-21 03:42:24 4216840 ----a-w- C:\Program Files (x86)\vcredist_x86.exe
2011-09-21 03:30:36 34013024 ----a-w- C:\Program Files (x86)\PhysX_9.10.0513_SystemSoftware.exe
2011-08-24 06:00:40 100271992 ----a-w- C:\Program Files (x86)\directx_Jun2010_redist.exe
2011-03-29 23:40:34 517976 ----a-w- C:\Program Files (x86)\DXSETUP.exe
2011-03-29 23:40:32 95576 ----a-w- C:\Program Files (x86)\DSETUP.dll
2011-03-29 23:40:32 1566040 ----a-w- C:\Program Files (x86)\dsetup32.dll
.
============= FINISH: 13:11:30.36 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/02/2011 7:02:42 p.m.
System Uptime: 9/09/2012 11:29:43 a.m. (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M4A78LT-M-LE
Processor: AMD Phenom(tm) II X4 955 Processor | AM3 | 3200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 333.953 GiB free.
D: is CDROM (CDFS)
E: is FIXED (NTFS) - 699 GiB total, 295.442 GiB free.
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Device ID: PCI\VEN_1969&DEV_1063&SUBSYS_83FE1043&REV_C0\4&1441FE03&0&0030
Manufacturer: Atheros
Name: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
PNP Device ID: PCI\VEN_1969&DEV_1063&SUBSYS_83FE1043&REV_C0\4&1441FE03&0&0030
Service: L1C
.
==== System Restore Points ===================
.
RP314: 5/09/2012 4:45:05 p.m. - Restore Operation
RP316: 5/09/2012 5:35:34 p.m. - Removed Assassin's Creed Brotherhood
RP317: 5/09/2012 5:39:14 p.m. - Removed Prototype(TM)
RP318: 5/09/2012 5:52:34 p.m. - Removed Far Cry 2
RP319: 6/09/2012 6:15:11 p.m. - Restore Operation
RP320: 7/09/2012 8:33:58 p.m. - Removed L.A. Noire
RP321: 7/09/2012 8:35:26 p.m. - Removed Grand Theft Auto IV
RP322: 7/09/2012 8:46:52 p.m. - Removed Fallout 3
RP323: 7/09/2012 9:00:33 p.m. - Removed Crysis® 2
RP324: 7/09/2012 9:14:40 p.m. - Removed Rome - Total War - Gold Edition
RP325: 8/09/2012 11:32:19 a.m. - IObit Uninstaller restore point
RP326: 8/09/2012 11:33:27 a.m. - Removed Star Wars Battlefront II
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
ɱ³öÖØΧ3ÈËÀà¸ïÃü
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader 9.5.2
Adobe Story
Adobe Widget Browser
Akamai NetSession Interface
Akamai NetSession Interface Service
Aliens vs. Predator
Amazon Kindle
Any to Icon
APB Reloaded
Apple Application Support
Apple Software Update
ArcaniA - Gothic 4 Patch
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
µTorrent
Audiosurf
avast! Free Antivirus
AVIConverter 2.1
AVS Update Manager 1.0
AVS Video Converter 7
AVS4YOU Software Navigator 1.4
Babylon toolbar on IE
BabylonObjectInstaller
Battlefield 3™
Battlefield Play4Free
Battlelog Web Plugins
Blacklight Retribution
Chief Architect Premier X3
Combat Arms
DAEMON Tools Lite
DAEMON Tools Toolbar
Dark Souls
Dawn of War - Soulstorm
DeskScapes
Desktop Icon Position Saver (64-bit)
DivX Setup
DOOM II: Hell on Earth
Dxtory version 2.0.118
Endless Space
EPU-4 Engine
ESN Sonar
Facebook Video Calling 1.2.0.159
Fallout Mod Manager 0.13.21
FFOLKES 2142 Unlocks mod v1.01
FLV Downloader
Game Booster 3
Ghost Recon Future Soldier
Google Chrome
Heavy Weapon Deluxe
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
iLivid
IObit Malware Fighter
IObit Toolbar v6.2
J2SE Runtime Environment 5.0 Update 5
Java Auto Updater
Java(TM) 6 Update 33
JDownloader
Jewel Quest
LogMeIn Hamachi
Lost Planet 2
Magic ISO Maker v5.5 (build 0281)
Majesty 2: The Fantasy Kingdom Sim
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Design 4
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Studio 4
Microsoft Expression Web 4
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Minecraft Beta Cracked
MinecraftCrack
Mount&Blade
Mount&Blade Warband
Mozilla Firefox 7.0.1 (x86 en-US)
NBA 2K12
Nexon Game Manager
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Oblivion
OpenAL
Opera 12.02
OPERATION7
Orcs Must Die
Orcs Must Die!
Origin
PassGen
Platform
PowerISO
PrivitizeVPN
PunkBuster Services
PxMergeModule
QuickTime
RAR Password Recovery v1.1 RC16 (remove only)
Rockstar Games Social Club
Savage 2 - A Tortured Soul
SearchCore for Browsers
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SHIFT 2 UNLEASHED™
ShopperReports
Skype Click to Call
Skype™ 5.10
Sleeping Dogs version 1.4
Smart Defrag 2
Star Wars: The Old Republic
Steam
Super Monday Night Combat
System Requirements Lab
TeamViewer 6
TES Construction Set
The Witcher 2
TheGreenBow IPSec VPN Client
Theme Manager
Torus
Tune Sweeper
Tunngle beta
Ubisoft Game Launcher
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
uTorrentBar Toolbar
VC80CRTRedist - 8.0.50727.6195
VIA Platform Device Manager
ViewSonic Monitor Drivers
Vikingr 0.84
VLC media player 1.1.11
Windows iLivid Toolbar
WinRAR 4.00 (32-bit)
WolfTeam
WPF Toolkit February 2010 (Version 3.5.50211.1)
Xfire (remove only)
YourFileDownloader
YouTube Downloader 3.5
YTD Toolbar v6.2
Yukon Gold
.
==== Event Viewer Messages From Past Week ========
.
9/09/2012 12:36:43 p.m., Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {88F5E7B2-09B9-471E-895A-25247585905C} and APPID Unavailable to the user LINCOLN-PC\UpdatusUser SID (S-1-5-21-3630749389-2258371352-599158283-1004) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/09/2012 11:50:17 a.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
9/09/2012 11:42:25 a.m., Error: Service Control Manager [7000] - The UrlFilter service failed to start due to the following error: There are no more endpoints available from the endpoint mapper.
9/09/2012 11:41:58 a.m., Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
9/09/2012 11:41:58 a.m., Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
9/09/2012 11:30:17 a.m., Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
9/09/2012 11:30:16 a.m., Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
8/09/2012 6:18:53 a.m., Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied.
8/09/2012 3:27:21 p.m., Error: Service Control Manager [7038] - The WerSvc service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
8/09/2012 12:56:53 a.m., Error: Ntfs [137] - The default transaction resource manager on volume J: encountered a non-retryable error and could not start. The data contains the error code.
7/09/2012 4:14:33 p.m., Error: Microsoft-Windows-WHEA-Logger [20] - A fatal hardware error has occurred. Component: AMD Northbridge Error Source: Machine Check Exception Error Type: HyperTransport Watchdog Timeout Error Processor ID: 0 The details view of this entry contains further information.
7/09/2012 4:11:14 p.m., Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
7/09/2012 4:11:13 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/09/2012 4:11:13 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/09/2012 4:11:12 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/09/2012 4:11:12 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/09/2012 4:11:11 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/09/2012 4:11:04 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO aswRdr aswSnx aswSP aswTdi CSC DfsC discache ndistgb NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The TunngleService service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/09/2012 4:10:49 p.m., Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/09/2012 4:10:49 p.m., Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa80053f64f8, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\090712-26130-01.dmp. Report Id: 090712-26130-01.
6/09/2012 6:04:11 p.m., Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: The service has not been started.
2/09/2012 8:56:17 p.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
.
==== End Of File ===========================

Re: Virus in windows/system32/services.exe

Post by Gary R » September 9th, 2012, 1:33 am

viewtopic.php?f=11&t=60386

This is a Duplicate of the post linked to above, and has therefore been closed.