Sirus Log 01

March 5, 201313 yr

I was hoping I could get some help with this log file. Thanks.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:07:38 PM, on 3/5/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:Program FilesAVAST SoftwareAvastAvastUI.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:Program Files (x86)Mozilla Firefoxplugin-container.exe
C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_6_602_171.exe
C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_6_602_171.exe
C:UserspimpinDesktopPC MaintenceDownloadHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/?fr=fp-ydwnld&type=7zipOrganic
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yahoo.com/?fr=fp-ydwnld&type=7zipOrganic
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/?fr=fp-ydwnld&type=7zipOrganic
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
O4 - HKLM..Run: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui
O4 - HKCU..Run: [sUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'NETWORK SERVICE')
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:Program FilesSUPERAntiSpywareSASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:Program FilesAVAST SoftwareAvastAvastSvc.exe
O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:WindowsSystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:Windowssystem32fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:Program Files (x86)SkypeUpdaterUpdater.exe
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:Windowssystem32sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:Windowssystem32wbengine.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

--
End of file - 6189 bytes

March 6, 201313 yr

Administrator

Log looks fine. Did Malwarebytes or SUPERAntiSpyware return any results?

March 6, 201313 yr

Author

Yeah, 23 between the two of em. All removed now. Problem is I keep getting this blue screen of death and all. Not sure what all's causing it.

March 6, 201313 yr

Administrator

Scan once more with Malwarebytes and post the log.

When you get the bluescreen next, post the minidump. You can find it in C:WindowsMinidump. Copy it to your desktop, zip it and upload it to a file sharing service.

March 6, 201313 yr

Author

Still trying to do a malwarebytes log, the program keeps crashing -.-. Anyway though the minidump link is http://www.filedropper.com/030613-18174-01

March 7, 201313 yr

Administrator

Based on the minidump, either malware has altered numerous files on your computer, or there's some bad hardware. A /sfc scannow may fix it, but if the malware also replaced the good backup, it may not. You may be better off simply formatting and reinstalling Windows 7 and installing Service Pack 1 immediately.

March 9, 201313 yr

Author

well the /scannow found no problems so I'm guessing that means a hardware problem then?

March 9, 201313 yr

Administrator

Honestly, I'd say format and go with a clean slate. Make sure you install SP1 and all updates immediately.

March 21, 201313 yr

Administrator

Due to lack of response this topic is now closed.

If you need continued support, please start a new thread and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here: PC Cleanup

Sirus Log 01

Featured Replies

Recently Browsing 0

Account

Navigation

Search

Configure browser push notifications

Chrome (Android)

Chrome (Desktop)

Safari (iOS 16.4+)

Safari (macOS)

Edge (Android)

Edge (Desktop)

Firefox (Android)

Firefox (Desktop)