Aero Posted April 7, 2014
Hi
Some programs on my pc are not working for me. I tend to think my fatal error was installing win 8.1 but I just wanted to check it was nothing obvious here. I went through the steps in the AMT to the best of my ability (the instructions didn't always seem to match up with what I was seeing).
Logfile of Trend Micro HijackThis v2.0.4
Administrator Tarun Posted April 7, 2014
Not seeing anything malicious. Might be worth switching from AVG to either Microsoft Security Essentials or avast. What parts of the guide didn't match up? I've been attempting to update them when I have the time to (which isn't often lately) and a complete overhaul is planned for the PC Cleanup guide.
Aero Posted April 7, 2014
Tarun, thanks very much for checking it out. I thought I was using Microsoft Security Essentials, so now I am confused. I didn't make notes on the instructions but I will try to go through it again soon. But if I could pretty much work it out there can't be much wrong ^^
Administrator Tarun Posted April 8, 2014
Glad to help! Ah, you are using MSE. Momentary lapse in memory that Windows 8 has MSE bundled in with it by default. The only issue with the PC Cleanup page is that it needs to be updated as many of the applications listed have had major version updates.
Aero Posted April 8, 2014
Tarun, could you assume I am an idiot and have no idea what that means and tell me what to do?
"The only issue with the PC Cleanup page is that it needs to be updated as many of the applications listed have had major version updates."
Administrator Tarun Posted April 8, 2014
Sure. What do you need clarification on? The PC Cleanup page mentioned? If so, some of the applications listed such as CCleaner and Malwarebytes have been updated to new major versions (MBAM updated from 1.75 -> 2.0) and they have a new User Interface.
Administrator Tarun Posted April 19, 2014
The issue this thread has been opened for has been resolved. If you need continued support, please start a new thread and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here: PC Cleanup. It is recommended that you review our PC Security wiki page to help secure your computer and protect it.