Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trj/Alureon.BB


  • This topic is locked This topic is locked
1 reply to this topic

#1 jimhappy17

jimhappy17

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:50 AM

Posted 24 August 2009 - 12:28 AM

Having a heck of a hard time with this virus...

It won't let me run spybot or hijackthis. They just don't open. I played around and removed some files but I still can't get those programs to run.

Also on boot, it always opens two instances of Iexplorer but I don't see the actual program pop up.


***********************************************************************


Logfile of random's system information tool 1.06 (written by random/random)
Run by Q6600 at 2009-08-23 22:06:44
Microsoft Windows XP Professional Service Pack 2
System drive C: has 93 GB (62%) free of 150 GB
Total RAM: 2010 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:06:49 PM, on 8/23/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AnVir Task Manager\AnVir.exe
D:\a\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Documents and Settings\Q6600\Desktop\RSIT.exe
C:\Program Files\trend micro\Q6600.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\a\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [AnVir Task Manager] "C:\Program Files\AnVir Task Manager\AnVir.exe" Minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\a\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\a\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\a\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Z-SAN Service (Z-SANService) - Zetera Corporation - C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe

--
End of file - 4483 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\a\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"PestPatrol Control Center"=C:\PROGRA~1\PESTPA~1\PPControl.exe [2004-11-15 98304]
"PPMemCheck"=C:\PROGRA~1\PESTPA~1\PPMemCheck.exe [2003-04-19 148480]
"CookiePatrol"=C:\PROGRA~1\PESTPA~1\CookiePatrol.exe [2005-01-10 73728]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-07-04 520024]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-09-01 15360]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-02-04 4363504]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2009-05-18 49968]
"AnVir Task Manager"=C:\Program Files\AnVir Task Manager\AnVir.exe [2009-05-15 3071712]
"SpybotSD TeaTimer"=D:\a\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2007-05-21 124512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"VMware NAT Service"=3
"VMnetDHCP"=3
"VMAuthdService"=3
"vmount2"=3
"ufad-ws60"=3

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\InterVideo\DVD8\WinDVD.exe"="C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Disabled:WinDVD"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"E:\Windows\DSAssistant\Application\DSAssistant.exe"="E:\Windows\DSAssistant\Application\DSAssistant.exe:*:Enabled:Synology Assistant"
"C:\Program Files\Synology Assistant\DSAssistant.exe"="C:\Program Files\Synology Assistant\DSAssistant.exe:*:Enabled:Synology Assistant"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Synology Download Redirector\Redirector.exe"="C:\Program Files\Synology Download Redirector\Redirector.exe:*:Enabled:Synology® Download Redirector"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"

======List of files/folders created in the last 1 months======

2009-08-23 22:04:58 ----D---- C:\Program Files\xerox
2009-08-23 21:14:10 ----HDC---- C:\WINDOWS\ie8
2009-08-23 21:09:33 ----A---- C:\WINDOWS\imsins.BAK
2009-08-23 21:09:30 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2009-08-23 21:05:21 ----D---- C:\BMW95
2009-08-23 20:28:51 ----A---- C:\WINDOWS\ntbtlog.txt
2009-08-23 20:05:37 ----D---- C:\rsit
2009-08-23 20:05:37 ----D---- C:\Program Files\trend micro
2009-08-23 19:12:20 ----D---- C:\Program Files\Panda Security
2009-08-23 18:26:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-08 23:57:54 ----D---- C:\Documents and Settings\Q6600\Application Data\skypePM
2009-08-08 23:57:31 ----D---- C:\Documents and Settings\Q6600\Application Data\Skype
2009-08-08 23:56:55 ----D---- C:\Program Files\Skype
2009-08-08 23:56:51 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-08-08 15:32:29 ----D---- C:\Documents and Settings\Q6600\Application Data\Viewpoint

======List of files/folders modified in the last 1 months======

2009-08-23 22:06:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-23 22:06:01 ----D---- C:\WINDOWS\system32
2009-08-23 22:06:00 ----D---- C:\WINDOWS\Temp
2009-08-23 22:05:31 ----D---- C:\Program Files\PestPatrol
2009-08-23 22:04:58 ----D---- C:\Program Files
2009-08-23 22:03:52 ----D---- C:\WINDOWS\Prefetch
2009-08-23 21:50:06 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-23 21:48:22 ----D---- C:\Program Files\Mozilla Firefox
2009-08-23 21:38:11 ----D---- C:\Program Files\FlashFXP
2009-08-23 21:19:00 ----D---- C:\WINDOWS
2009-08-23 21:18:29 ----HD---- C:\WINDOWS\inf
2009-08-23 21:18:29 ----D---- C:\Program Files\Internet Explorer
2009-08-23 21:18:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-23 21:18:28 ----D---- C:\WINDOWS\Help
2009-08-23 21:17:22 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-23 21:16:32 ----D---- C:\WINDOWS\system32\en-US
2009-08-23 21:14:57 ----D---- C:\WINDOWS\WBEM
2009-08-23 21:14:52 ----D---- C:\WINDOWS\Media
2009-08-23 21:09:26 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-23 20:25:53 ----SD---- C:\WINDOWS\Tasks
2009-08-23 20:11:56 ----D---- C:\WINDOWS\Debug
2009-08-23 20:11:45 ----D---- C:\WINDOWS\system32\drivers
2009-08-23 19:04:05 ----D---- C:\Intel
2009-08-23 18:59:48 ----SHD---- C:\System Volume Information
2009-08-23 18:59:48 ----D---- C:\WINDOWS\system32\Restore
2009-08-23 18:44:16 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-23 18:09:41 ----HD---- C:\WINDOWS\system32\GroupPolicy
2009-08-23 17:32:29 ----SH---- C:\boot.ini
2009-08-23 17:32:29 ----N---- C:\WINDOWS\win.ini
2009-08-23 17:32:29 ----N---- C:\WINDOWS\system.ini
2009-08-23 17:07:01 ----SHD---- C:\WINDOWS\Installer
2009-08-23 15:54:44 ----D---- C:\Program Files\RegVac
2009-08-23 14:04:54 ----SHD---- C:\RECYCLER
2009-08-23 13:31:20 ----D---- C:\Documents and Settings
2009-08-13 21:38:05 ----D---- C:\Program Files\Full Tilt Poker
2009-08-13 00:38:20 ----AD---- C:\Program Files\Diablo IIII
2009-08-13 00:37:39 ----AD---- C:\Program Files\Diablo III
2009-08-12 00:55:05 ----D---- C:\Program Files\Yahoo!
2009-08-10 20:29:21 ----D---- C:\WINDOWS\system32\config
2009-08-10 20:29:11 ----D---- C:\WINDOWS\system32\wbem
2009-08-10 20:29:11 ----D---- C:\WINDOWS\Registration
2009-08-10 20:28:56 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-08-08 23:57:00 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-09-01 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-09-01 14848]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2006-07-29 30601]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2004-09-01 223616]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-05 55656]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 SFSZ;DataPlow SFS for Zetera Storage Devices; C:\WINDOWS\system32\drivers\sfsz.sys [2007-08-14 345984]
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2007-05-01 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys []
R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2008-09-26 238736]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-09-01 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-09-18 4816896]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-09-01 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
R3 TPM;Winbond Trusted Platform Module; C:\WINDOWS\system32\DRIVERS\tpm.sys [2008-02-10 18048]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-09-01 12416]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-09-01 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-05-01 16816]
R3 ZetBus;Zetera Virtual Bus; C:\WINDOWS\system32\DRIVERS\ZetBus.sys [2007-08-08 15488]
S3 ALSysIO;ALSysIO; \??\C:\DOCUME~1\Q6600\LOCALS~1\Temp\ALSysIO.sys []
S3 HECI;Intel® Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-05-11 45056]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-09-01 40320]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 vmusb;VMware USB Client Driver; C:\WINDOWS\System32\Drivers\vmusb.sys [2007-05-01 30768]
S3 ZetMPD;ZetMPD; C:\WINDOWS\system32\DRIVERS\ZetMPD.sys [2007-08-08 5120]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2004-09-01 14336]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-02 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-07-04 1029456]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 Z-SANService;Z-SAN Service; C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe [2007-08-08 376891]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2007-04-09 187184]
S4 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2007-05-01 109360]
S4 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2007-05-01 121648]
S4 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2007-03-23 269104]
S4 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2007-05-01 150320]

-----------------EOF-----------------

BC AdBot (Login to Remove)

 


#2 jimhappy17

jimhappy17
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:50 AM

Posted 25 August 2009 - 01:33 AM

Mods please delete. I was able to clean this running hitman pro 3.5. in safemode with networking




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users