Inactive [A] Trojan issues (not sure which)

Alexpt

Hi,
I recently started to have some issues with my computer. Long story short, my AV software (Eset at that time) indicated that I had issues with "System32\Services" (alerting me of a "Patched.B.Gen Trojan"). It also kept alerting me of another issue about another trojan (in a folder called "instaler" in the "windows" parent folder). I therefore tried scanning my computer with Eset in normal and safe mode, but nothing changed. Then I found this forum and wondered if someone could help me. I also changed my AV software to Essential Microsoft Security thinking it could do the job... it found other versions of the "serifef" trojan but did not eradicate the problem.

Here are the logs that were indicated to be posted to get help.
 
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.16.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alexis :: ALEXIS-DESKTOP [administrator]

16/07/2012 23:16:33
mbam-log-2012-07-16 (23-16-33).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233404
Time elapsed: 3 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Installer\{9f7b45f1-fdd7-8c17-a0c7-f1448443adca}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)
 
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-17 00:40:03
Windows 6.1.7601 Service Pack 1
Running: ckfq6w79.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\111111111111
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\111111111111 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
 
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
Run by Alexis at 0:47:26 on 2012-07-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.2.1033.18.4095.2039 [GMT -4:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\lxebcoms.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
C:\Windows\SysWOW64\HsMgr.exe
C:\Windows\system\HsMgr64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\splwow64.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\program files (x86)\speedfan\speedfan.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe
C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe
C:\Program Files (x86)\ShareMouse\smService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - C:\Program Files (x86)\LastPass\LPBar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [FA8E95351A6A4D551495E69E44281FEF33D2A599._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
uRun: [LogMeIn Cubby] "C:\Users\Alexis\AppData\Roaming\cubby\cubby.exe" -hidden
uRun: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Alexis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\System\Startup\FACEBO~1.LNK - C:\Users\Alexis\AppData\Local\Facebook\Messenger\2.1.4570.0\FacebookMessenger.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{EC5993BA-38BD-4FB2-9595-E07C621E7AD4} : DhcpNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
BHO-X64: LastPass Browser Helper Object - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun-x64: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\xs6am7gn.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Users\Alexis\AppData\Local\Facebook\Messenger\2.1.4570.0\npFbDesktopPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 lxeb_device;lxeb_device;C:\Windows\system32\lxebcoms.exe -service --> C:\Windows\system32\lxebcoms.exe -service [?]
R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
R2 uxpatch;uxpatch;\??\C:\Windows\system32\drivers\uxpatch.sys --> C:\Windows\system32\drivers\uxpatch.sys [?]
R3 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R3 cmudaxp;ASUS Xonar DG Audio Interface;C:\Windows\system32\drivers\cmudaxp.sys --> C:\Windows\system32\drivers\cmudaxp.sys [?]
R3 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2011-3-16 222720]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-1-22 2253120]
R3 ShareMouse Service;ShareMouse Service;C:\Program Files (x86)\ShareMouse\smService.exe [2012-5-10 192080]
S0 Soluto;Soluto;C:\Windows\system32\DRIVERS\Soluto.sys --> C:\Windows\system32\DRIVERS\Soluto.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 ekrn;ESET Service;"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" --> C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [?]
S2 lxebCATSCustConnectService;lxebCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxebserv.exe [2010-4-14 45736]
S2 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2012-4-24 584224]
S3 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2010-7-22 814344]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-1-23 250056]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-1-22 79360]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
S3 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-22 136176]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-22 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-23 113120]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 t3;Sound Blaster X-Fi Xtreme Audio;C:\Windows\system32\drivers\t3.sys --> C:\Windows\system32\drivers\t3.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-07-17 04:41:02    9013136    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D497FACF-32FB-419A-B61F-93A1E732778B}\mpengine.dll
2012-07-16 19:17:34    328704    ----a-w-    C:\Windows\System32\services.exe.9CDA7A0ED6517B80
2012-07-16 19:11:52    328704    ----a-w-    C:\Windows\System32\services.exe.44C9646C22E262AC
2012-07-16 19:06:51    328704    ----a-w-    C:\Windows\System32\services.exe.ED4FF49C19C98178
2012-07-16 19:01:55    328704    ----a-w-    C:\Windows\System32\services.exe.FCEDA1583464A31D
2012-07-16 18:56:58    328704    ----a-w-    C:\Windows\System32\services.exe.373704F81EF3F1A6
2012-07-16 18:51:59    328704    ----a-w-    C:\Windows\System32\services.exe.B771E0388160A5D2
2012-07-16 18:46:06    927800    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ECBDAAFC-D1FB-46ED-8C36-478E1DAE0408}\gapaengine.dll
2012-07-16 18:44:07    --------    d-----w-    C:\Program Files (x86)\Microsoft Security Client
2012-07-16 18:44:02    --------    d-----w-    C:\Program Files\Microsoft Security Client
2012-07-16 17:03:57    --------    d-----w-    C:\Program Files\ESET
2012-07-16 16:58:14    --------    d-----w-    C:\Users\Alexis\AppData\Roaming\Malwarebytes
2012-07-16 16:58:00    24904    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2012-07-16 16:58:00    --------    d-----w-    C:\ProgramData\Malwarebytes
2012-07-16 16:58:00    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-16 16:42:35    --------    d-----w-    C:\Users\Alexis\AppData\Roaming\SpeedyPC Software
2012-07-16 16:42:35    --------    d-----w-    C:\Users\Alexis\AppData\Roaming\DriverCure
2012-07-16 16:42:21    --------    d-----w-    C:\ProgramData\SpeedyPC Software
2012-07-16 00:55:52    --------    d-----w-    C:\Users\Alexis\AppData\Roaming\LolClient
2012-07-16 00:34:19    467984    ----a-w-    C:\Windows\SysWow64\d3dx10_39.dll
2012-07-16 00:34:19    3851784    ----a-w-    C:\Windows\SysWow64\D3DX9_39.dll
2012-07-16 00:34:19    1493528    ----a-w-    C:\Windows\SysWow64\D3DCompiler_39.dll
2012-07-16 00:30:45    --------    d-----w-    C:\Riot Games
2012-07-15 23:10:17    --------    d-----w-    C:\Users\Alexis\AppData\Local\PMB Files
2012-07-15 23:10:13    --------    d-----w-    C:\ProgramData\PMB Files
2012-07-15 23:09:56    --------    d-----w-    C:\Program Files (x86)\Pando Networks
2012-07-15 20:59:08    --------    d-sh--w-    C:\Windows\SysWow64\%APPDATA%
2012-07-14 22:07:46    --------    d-----w-    C:\Users\Alexis\AppData\Local\PassMark
2012-07-14 22:07:21    540688    ----a-w-    C:\Windows\System32\d3dx10_39.dll
2012-07-14 22:07:21    1942552    ----a-w-    C:\Windows\System32\D3DCompiler_39.dll
2012-07-14 22:07:14    4992520    ----a-w-    C:\Windows\System32\D3DX9_39.dll
2012-07-14 22:05:53    --------    d-----w-    C:\ProgramData\Passmark
2012-07-14 22:05:51    --------    d-----w-    C:\Program Files\PerformanceTest
2012-07-14 01:40:08    9013136    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4163441C-0F5F-4240-9CC8-BFCBCFD89066}\mpengine.dll
2012-07-12 15:29:48    --------    d-----w-    C:\ProgramData\Ask
2012-07-11 18:54:59    --------    d-----w-    C:\Users\Alexis\AppData\Roaming\SuperNZB
2012-07-11 18:20:53    --------    d-----w-    C:\Users\Alexis\AppData\Local\QuickPar
2012-07-11 18:09:59    --------    d-----w-    C:\Program Files (x86)\QuickPar
2012-07-11 03:20:25    3148800    ----a-w-    C:\Windows\System32\win32k.sys
2012-07-11 03:12:59    499200    ----a-w-    C:\Program Files\Internet Explorer\jsdbgui.dll
2012-07-11 03:12:59    387584    ----a-w-    C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2012-07-11 03:12:58    678912    ----a-w-    C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2012-07-11 03:12:57    887296    ----a-w-    C:\Program Files\Internet Explorer\iedvtool.dll
2012-07-11 03:11:26    458704    ----a-w-    C:\Windows\System32\drivers\cng.sys
2012-07-11 03:11:26    340992    ----a-w-    C:\Windows\System32\schannel.dll
2012-07-11 03:11:26    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2012-07-11 03:11:26    219136    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2012-07-11 03:11:26    151920    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2012-07-11 03:11:25    95600    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2012-07-11 03:11:25    225280    ----a-w-    C:\Windows\SysWow64\schannel.dll
2012-07-11 03:11:25    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2012-07-11 03:11:24    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2012-07-10 19:31:17    --------    d-----w-    C:\Users\Alexis\AppData\Roaming\ASUS
2012-07-10 19:29:45    805376    ------w-    C:\Windows\System32\Cmeauoxy.exe
2012-07-10 19:29:45    --------    d-----w-    C:\Program Files\ASUS Xonar DG Audio
2012-07-10 19:29:21    2725376    ----a-w-    C:\Windows\System32\drivers\cmudaxp.sys
2012-07-10 19:29:20    32768    ----a-w-    C:\Windows\System32\cmudaxp.dll
2012-07-10 19:29:18    315392    ----a-w-    C:\Windows\SysWow64\CmiFltr.dll
2012-07-10 19:29:18    315392    ----a-w-    C:\Windows\system\CmiFltr.dll
2012-07-10 19:29:14    359424    ------w-    C:\Windows\System32\CmiInstallResAll64.dll
2012-07-10 19:29:05    524768    ----a-r-    C:\Windows\difxapi.dll
2012-07-08 23:31:57    --------    d-----w-    C:\Users\Alexis\AppData\Roaming\enchant
2012-07-08 23:21:26    --------    d-----w-    C:\Program Files (x86)\Artha
2012-07-01 05:13:50    --------    d-----w-    C:\ProgramData\Solidshield
2012-06-24 04:44:08    --------    d-----w-    C:\Users\Alexis\AppData\Roaming\XBMC
2012-06-21 14:00:17    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2012-06-21 13:59:43    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2012-06-21 13:59:12    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2012-06-21 13:59:12    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-16 19:21:10    328704    ----a-w-    C:\Windows\System32\services.exe
2012-07-16 02:09:52    466456    ----a-w-    C:\Windows\System32\wrap_oal.dll
2012-07-16 02:09:52    444952    ----a-w-    C:\Windows\SysWow64\wrap_oal.dll
2012-07-16 02:09:52    122904    ----a-w-    C:\Windows\System32\OpenAL32.dll
2012-07-16 02:09:52    109080    ----a-w-    C:\Windows\SysWow64\OpenAL32.dll
2012-07-15 21:07:06    283304    ----a-w-    C:\Windows\SysWow64\PnkBstrB.xtr
2012-07-15 21:07:06    283304    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2012-07-15 21:06:47    280904    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2012-07-12 05:15:12    70344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 05:15:12    426184    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-14 20:56:22    955840    ----a-w-    C:\Windows\System32\npdeployJava1.dll
2012-06-14 20:56:22    839096    ----a-w-    C:\Windows\System32\deployJava1.dll
2012-06-06 06:06:16    2004480    ----a-w-    C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16    1881600    ----a-w-    C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54    1133568    ----a-w-    C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52    1390080    ----a-w-    C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52    1236992    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06    805376    ----a-w-    C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17    2311680    ----a-w-    C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2012-06-02 12:04:50    1494528    ----a-w-    C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25    1800192    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2012-05-24 21:18:40    4472832    ----a-w-    C:\Windows\SysWow64\GPhotos.scr
2012-05-23 19:07:02    476960    ----a-w-    C:\Windows\SysWow64\npdeployJava1.dll
2012-05-23 19:07:02    472864    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2012-05-17 19:19:07    14844448    ----a-w-    C:\Program Files (x86)\Common Files\lpuninstall.exe
2012-05-04 11:06:22    5559664    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2012-05-04 11:00:43    366592    ----a-w-    C:\Windows\System32\qdvd.dll
2012-05-04 10:03:53    3968368    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50    3913072    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2012-05-04 09:59:54    514560    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2012-05-01 05:40:20    209920    ----a-w-    C:\Windows\System32\profsvc.dll
2012-04-28 05:32:05    1112064    ----a-w-    C:\Windows\System32\rdpcorets.dll
2012-04-28 03:55:21    210944    ----a-w-    C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56    77312    ----a-w-    C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55    149504    ----a-w-    C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27    9216    ----a-w-    C:\Windows\System32\rdrmemptylst.exe
2012-04-24 21:13:24    54728    ----a-w-    C:\Windows\System32\drivers\Soluto.sys
2012-04-24 05:37:37    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37    140288    ----a-w-    C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36    1462272    ----a-w-    C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42    1158656    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2012-04-22 17:56:21    283200    ----a-w-    C:\Windows\System32\drivers\dtsoftbus01.sys
.
============= FINISH: 0:47:54.09 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 22/01/2012 0:01:01
System Uptime: 17/07/2012 0:13:53 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5QL-E
Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz | LGA775 | 2533/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 340.478 GiB free.
D: is FIXED (NTFS) - 75 GiB total, 74.437 GiB free.
E: is Removable
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is FIXED (NTFS) - 699 GiB total, 150.567 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP156: 16/07/2012 10:56:35 - Scheduled Checkpoint
RP157: 16/07/2012 12:54:11 - Revo Uninstaller's restore point - SpeedyPC Pro
RP158: 16/07/2012 12:54:55 - Revo Uninstaller's restore point - SpeedyPC Pro
RP159: 16/07/2012 12:56:51 - Installed ESET NOD32 Antivirus
RP160: 16/07/2012 14:45:11 - Windows Update
.
==== Installed Programs ======================
.
ABBYY FineReader 10 Professional Edition
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Alt.Binz 0.25.0
Antidote HD
Apple Application Support
Apple Software Update
Artha 1.0.2.0
Audacity 2.0
Audiosurf
Auslogics Disk Defrag
Autodesk Material Library 2013
Autodesk Material Library Base Resolution Image Library 2013
Battlefield 3™
Battlelog Web Plugins
Binreader
Combined Community Codec Pack 2011-11-11
Cubby
DAEMON Tools Lite
DiRT 3
Disk Space Fan 4 Free (4.0.2.102)
DivX Setup
Dropbox
ESN Sonar
Facebook Messenger 2.1.4570.0
Fences
FileHippo.com Update Checker
Glary Utilities 2.45.0.1486
Google Chrome
Google Drive
Google Update Helper
Guitar Pro 6
Host OpenAL
ImgBurn
iSyncr
Java Auto Updater
Java(TM) 6 Update 32
K-Lite Codec Pack 8.8.0 (Full)
LastPass (uninstall only)
League of Legends
Malwarebytes Anti-Malware version 1.62.0.1300
Mass Effect™ 3
MediaHuman Audio Converter version 1.5.2
MediaHuman Video Converter version 1.1.1
Mendeley Desktop 1.3.2
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 14.0 (x86 en-US)
Mozilla Maintenance Service
NVIDIA PhysX
OpenAL
Origin
Osmos
Pando Media Booster
PDF Settings CS6
Picasa 3
Power Tab Editor 1.7
Power Tab Librarian
PunkBuster Services
QuickPar 0.9
QuickTime
Rapture3D 2.4.8 Game
Real Alternative 2.0.2
Revo Uninstaller 1.94
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
ShareMouse v1.0.90
SHIFT 2 UNLEASHED™
SopCast 3.5.0
SpeedFan (remove only)
Steam
swMSM
The Elder Scrolls V Skyrim - High Resolution Texture Pack
The KMPlayer (remove only)
theRenamer 7.55
Total War: SHOGUN 2
TuneUp Companion 2.4.6.4
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VC80CRTRedist - 8.0.50727.6195
VirtualCloneDrive
Windows Media Player Firefox Plugin
Winstep Start Menu Organizer 1.5
.
==== Event Viewer Messages From Past Week ========
.
17/07/2012 0:40:34, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
17/07/2012 0:40:34, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
17/07/2012 0:14:58, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Soluto PCGenome Core Service service to connect.
17/07/2012 0:14:58, Error: Service Control Manager [7000] - The Soluto PCGenome Core Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
17/07/2012 0:14:27, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
17/07/2012 0:14:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxebCATSCustConnectService service to connect.
17/07/2012 0:14:27, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
17/07/2012 0:14:27, Error: Service Control Manager [7000] - The lxebCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
17/07/2012 0:14:26, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
17/07/2012 0:14:26, Error: Service Control Manager [7000] - The ESET Service service failed to start due to the following error: The system cannot find the file specified.
16/07/2012 14:38:45, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
16/07/2012 14:38:45, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
16/07/2012 14:11:43, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
16/07/2012 13:55:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
16/07/2012 13:55:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
16/07/2012 13:55:28, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 13:55:28, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
16/07/2012 13:55:28, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
16/07/2012 13:55:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
16/07/2012 13:55:18, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
16/07/2012 13:55:13, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ElbyCDIO Soluto spldr Wanarpv6
16/07/2012 13:55:09, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 13:53:45, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 13:53:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
16/07/2012 13:53:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
16/07/2012 13:53:14, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss Soluto spldr tdx Wanarpv6 WfpLwf
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 13:53:09, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2012 13:39:26, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
16/07/2012 13:16:55, Error: Service Control Manager [7003] - The epfwwfpr service depends the following service: BFE. This service might not be installed.
16/07/2012 13:06:59, Error: Service Control Manager [7030] - The Eset install launcher (30040) service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
16/07/2012 10:04:21, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
16/07/2012 0:10:17, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache ehdrv ElbyCDIO NetBIOS NetBT nltdi nsiproxy Psched rdbss Soluto spldr tdx Wanarpv6 WfpLwf
15/07/2012 3:20:36, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
15/07/2012 20:41:03, Error: Service Control Manager [7034] - The CrashPlan Backup Service service terminated unexpectedly. It has done this 1 time(s).
15/07/2012 20:31:59, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
15/07/2012 0:25:48, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
13/07/2012 19:16:05, Error: Service Control Manager [7034] - The Soluto PCGenome Core Service service terminated unexpectedly. It has done this 1 time(s).
11/07/2012 16:39:02, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
10/07/2012 0:11:56, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort2.
.
==== End Of File ===========================
 
Welcome aboard

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

============================================

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 
Thanks for the answer. I'll do what you wrote this evening and give you news.
 