BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
KMService.exe virus, and probably more!
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > KMService.exe virus, and probably more!  
Forum Quick Jump
 
New Topic Post reply to : KMService.exe virus, and probably more! Printable version of : KMService.exe virus, and probably more!
[ << Previous Thread | Next Thread >> ]

datica
New Member


Date Joined Mar 2009
Total Posts : 3
 
   Posted 6/23/2013 4:58 AM (GMT +3)    Quote: KMService.exe virus, and probably more!Alert an admin about: KMService.exe virus, and probably more!
Hello, Bullguard forums. I have a problem with an annoying virus, it keeps spamming the browser everytime I click anything and neither Avast nor MBAM have erased it. I have received help before in Bullguard and the attention received is extremely proffesional, so, thank you very much in advance.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:02:59, on 22/06/2013
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)


Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Ares\Ares.exe
C:\Users\Flia. Kumbos\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Flia. Kumbos\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: PiccShare - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\Flia. Kumbos\AppData\Local\ext_piccshare\ext_piccshare.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [SCheck] "C:\Users\Flia. Kumbos\AppData\Roaming\SCheck\SCheck.exe" check
O4 - HKCU\..\Run: [SSync] "C:\Users\Flia. Kumbos\AppData\Roaming\SSync\SSync.exe"
O4 - HKCU\..\Run: [DataMgr] "C:\Users\Flia. Kumbos\AppData\Roaming\DataMgr\DataMgr.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Flia. Kumbos\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Intermediate] "C:\Users\Flia. Kumbos\AppData\Roaming\Intermediate\Intermediate.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe
O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Unknown owner - C:\Program Files\Ralink\Common\RaMediaServer.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 21208 bytes

Malwarebytes Anti-Malware (Versión de Prueba) 1.75.0.1300
www.malwarebytes.org

Versión de la Base de Datos: v2013.04.04.07

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Flia. Kumbos :: FLIAKUMBOS1 [administrador]

Protección: Habilitado

22/06/2013 11:14:53
mbam-log-2013-06-22 (11-14-53).txt

Tipos de Análisis: Análisis Completo (C:\|)
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 282134
Tiempo transcurrido: 46 minuto(s), 47 segundo(s)

Procesos en Memoria Detectados: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 1524 -> Se eliminarán al reiniciar.

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Se eliminarán al reiniciar.

fin)

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18639
Run by Flia. Kumbos at 16:05:27 on 2013-06-22
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.34.3082.18.1986.292 [GMT -3:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Ralink\Common\RaRegistry.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Flia. Kumbos\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Flia. Kumbos\Downloads\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer provided by
BHO: PiccShare BHO: {553318DA-D010-469E-84B1-496563CAE1C0} - c:\users\flia. kumbos\appdata\local\ext_piccshare\ext_piccshare.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [ares] "c:\program files\ares\Ares.exe" -h
uRun: [SCheck] "c:\users\flia. kumbos\appdata\roaming\scheck\SCheck.exe" check
uRun: [SSync] "c:\users\flia. kumbos\appdata\roaming\ssync\SSync.exe"
uRun: [DataMgr] "c:\users\flia. kumbos\appdata\roaming\datamgr\DataMgr.exe"
uRun: [uTorrent] "c:\users\flia. kumbos\appdata\roaming\utorrent\uTorrent.exe" /MINIMIZED
uRun: [Intermediate] "c:\users\flia. kumbos\appdata\roaming\intermediate\Intermediate.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [snpstd] c:\windows\vsnpstd.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Enviar a OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{22B4C2C4-F83C-446E-BA9B-5DC7CE271303} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C218522B-B62E-4F1C-A153-35456DE2472D} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-6-22 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-6-22 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-6-22 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-6-22 368944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-6-22 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-6-22 66336]
R3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\drivers\IntcDAud.sys [2013-4-15 269824]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-22 22856]
R3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2013-4-15 41088]
R3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2013-4-15 1542720]
.
=============== Created Last 30 ================
.
2013-06-22 16:23:50 -------- d-----w- c:\program files\CCleaner
2013-06-22 14:10:47 -------- d-----w- c:\users\flia. kumbos\appdata\roaming\Malwarebytes
2013-06-22 14:10:11 -------- d-----w- c:\programdata\Malwarebytes
2013-06-22 14:10:02 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-22 14:10:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-22 13:53:05 -------- d-s---w- c:\users\flia. kumbos\Google Drive
2013-06-22 13:41:27 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-22 13:41:27 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-22 13:41:25 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-22 13:41:17 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-22 13:37:25 41664 ----a-w- c:\windows\avastSS.scr
2013-06-22 13:36:45 -------- d-----w- c:\program files\AVAST Software
2013-06-22 13:35:43 -------- d-----w- c:\programdata\AVAST Software
2013-06-21 03:12:48 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{58b89e2e-31a3-4cac-96bb-3677581fd7af}\offreg.dll
.
==================== Find3M ====================
.
2013-05-06 22:05:25 8192 ----a-w- c:\windows\system32\srvany.exe
2013-05-02 05:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-21 21:38:00 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-21 21:38:00 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-15 19:31:54 319456 ----a-w- c:\windows\DIFxAPI.dll
.
============= FINISH: 16:07:43,28 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 15/04/2013 16:15:07
System Uptime: 22/06/2013 12:03:41 (4 hours ago)
.
Motherboard: ECS | | H61H2-CM
Processor: Intel(R) Pentium(R) CPU G630 @ 2.70GHz | CPU 1 | 2500/400mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 371,231 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Dispositivo de almacenamiento USB
Device ID: USB\VID_05E3&PID_0722\000000009833
Manufacturer: Dispositivo de almacenamiento USB compatible
Name: Dispositivo de almacenamiento USB
PNP Device ID: USB\VID_05E3&PID_0722\000000009833
Service: USBSTOR
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Ares 2.2.4
µTorrent
avast! Free Antivirus
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Chrome
Google Drive
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Malwarebytes Anti-Malware versión 1.75.0.1300
Microsoft .NET Framework 3.5 Language Pack SP1 - esn
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile ESN Language Pack
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Spanish) 2010
Microsoft Office Excel MUI (Spanish) 2010
Microsoft Office Groove MUI (Spanish) 2010
Microsoft Office InfoPath MUI (Spanish) 2010
Microsoft Office OneNote MUI (Spanish) 2010
Microsoft Office Outlook MUI (Spanish) 2010
Microsoft Office PowerPoint MUI (Spanish) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Basque) 2010
Microsoft Office Proof (Catalan) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Galician) 2010
Microsoft Office Proof (Portuguese (Brazil)) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (Spanish) 2010
Microsoft Office Publisher MUI (Spanish) 2010
Microsoft Office Shared MUI (Spanish) 2010
Microsoft Office Word MUI (Spanish) 2010
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
PiccShare
Ralink RT2860 Wireless LAN Card
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2478663)
Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2518870)
Skype™ 6.3
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
.
==== End Of File ===========================
Back to Top
 

Andreea-Luciana Ostache
Forum Moderator




Date Joined Aug 2010
Total Posts : 550
 
   Posted 6/23/2013 4:56 PM (GMT +3)    Quote: KMService.exe virus, and probably more!Alert an admin about: KMService.exe virus, and probably more!
Here is a guide that you can follow to remove any toolbars, add-ons, extensions, from your browser and computer:
www.bullguard.com/support/tech-guides/how-to-remove-browser-toolbars.aspx
Note: You should remove anything that you did not install yourself.

Also, I recommend that you reset Internet Options as seen in this guide: support.microsoft.com/kb/923737

Run Hijackthis and fix the following:
O4 - HKCU\..\Run: [SSync] "C:\Users\Flia. Kumbos\AppData\Roaming\SSync\SSync.exe"
O4 - HKCU\..\Run: [DataMgr] "C:\Users\Flia. Kumbos\AppData\Roaming\DataMgr\DataMgr.exe"

Delete the following folders:
C:\Users\Flia. Kumbos\AppData\Roaming\SSync
C:\Users\Flia. Kumbos\AppData\Roaming\DataMgr

Let us know if you have any more issues afterwards.


Andreea-Luciana Ostache
Senior Support Technician EN
support@bullguard.com
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 13

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!

Back to Top
 
New Topic Post reply to : KMService.exe virus, and probably more! Printable version of : KMService.exe virus, and probably more!
 
Forum Information
Currently it is Tuesday, September 02, 2014 8:02 PM (GMT +3)
There are a total of 60,585 posts in 13,313 threads.
In the last 3 days there were 1 new threads and 4 reply posts. View Active Threads
Who's Online
This forum has 36305 registered members. Please welcome our newest member, Gordana Daniel.
3 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Bullguard Backup: 3 GB of files are "missing" but freespace calcuation seems to think they (3)8/31/2014 11:20:08 PM (Robert Mateescu)
Blocking of sites (5)8/31/2014 6:53:45 PM (Robert Mateescu)