Jump to content
Aero

Aero - log 01

Recommended Posts

Hi

 

Some programs on my pc are not working for me.  I tend to think my fatal error was installing win 8.1 but I just wanted to check it was nothing obvious here.

 

I went through the steps in the AMT to the best of my ability (the instructions didn't always seem to match up with what I was seeing).

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:07:50, on 07/04/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
 
Running processes:
C:Program Files (x86)ASUSAI Suite IIDIGI+ VRMPowerControlHelp.exe
C:Program Files (x86)ASUSAI Suite IIAsRoutineController.exe
C:Program Files (x86)EPSONMyEPSON Connectmep.exe
C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
C:Program Files (x86)mIRCmirc.exe
C:Program Files (x86)SteamSteam.exe
C:Program Files (x86)ASUSAI Suite IITurboV EVOTurboVHelp.exe
C:Program Files (x86)ASUSAI Suite IINetwork iControlNetSvcHelpNetSvcHelp.exe
C:Program Files (x86)ASUSAI Suite IINetwork iControlNetSvcHelpNetiCtrlTray.exe
C:Program Files (x86)ASUSAI Suite IIEPUEPUHelp.exe
C:Program Files (x86)ASUSAI Suite IIAI Suite II.exe
C:Program Files (x86)EPSON SoftwareEvent ManagerEEventManager.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)ASUSAI Suite IISensorAlertHelperAlertHelper.exe
C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe
C:UsersAeronwenDesktopDownloadHijackThis.exe
 
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = Preserve
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:Tabs
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = 
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = 
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:PROGRA~2MICROS~1Office14GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:PROGRA~2MICROS~1Office14URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"
O4 - HKLM..Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"
O4 - HKLM..Run: [vProt] "C:Program Files (x86)AVG Secure Searchvprot.exe"
O4 - HKLM..Run: [Adobe Creative Cloud] "C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM..Run: [KeePass 2 PreLoad] "C:Program Files (x86)KeePass Password Safe 2KeePass.exe" --preload
O4 - HKLM..Run: [EEventManager] "C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe"
O4 - HKCU..Run: [steam] "C:Program Files (x86)Steamsteam.exe" -silent
O4 - HKCU..Run: [EPLTargetP0000000000000001] C:WINDOWSsystem32spoolDRIVERSx643E_IATILQE.EXE /EPT "EPLTargetP0000000000000001" /M "XP-610 Series" /EF "HKCU"
O4 - HKCU..Run: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun
O4 - Startup: Dropbox.lnk = AeronwenAppDataRoamingDropboxbinDropbox.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:Program Files (x86)Common FilesAVG Secure SearchViProtocolInstaller18.0.5ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program Files (x86)Common FilesMicrosoft SharedOFFICE14MSOXMLMF.DLL
O20 - AppInit_DLLs: d3dgearload.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:Program FilesSUPERAntiSpywareSASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:WINDOWSSysWOW64MacromedFlashFlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WINDOWSSystem32alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:Program Files (x86)ASUSAXSP1.00.19atkexComSvc.exe
O23 - Service: ASGT - Unknown owner - C:WindowsSysWOW64ASGT.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:Program Files (x86)ASUSAAHM1.00.20aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:Program Files (x86)ASUSAsSysCtrlService1.00.13AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:Program Files (x86)ASUSAsusFanControlService1.01.10AsusFanControlService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:WINDOWSsystem32EasyAntiCheat.exe
O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:WINDOWSSystem32lsass.exe (file missing)
O23 - Service: Epson Sc r Service (EpsonScanSvc) - Unknown owner - C:WINDOWSsystem32EscSvc64.exe (file missing)
O23 - Service: @%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:WINDOWSsystem32fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:Program Files (x86)IntelIntel® Integrated Clock Controller ServiceICCProxy.exe
O23 - Service: @%SystemRoot%system32ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:WINDOWSsystem32IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:WINDOWSsystem32lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WINDOWSSystem32msdtc.exe (file missing)
O23 - Service: MyEPSON Connect Service - SEIKO EPSON CORPORATION - C:Program Files (x86)EPSONMyEPSON ConnectmepService.exe
O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:WINDOWSsystem32lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:WINDOWSsystem32nvvsvc.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:WINDOWSsystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:WINDOWSsystem32lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:Program Files (x86)SkypeUpdaterUpdater.exe
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WINDOWSSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WINDOWSSystem32spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:WINDOWSsystem32sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:WINDOWSsystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:WINDOWSsystem32lsass.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WINDOWSSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:WINDOWSsystem32vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater18.0.5ToolbarUpdater.exe
O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:WINDOWSsystem32wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%Windows DefenderMpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:Program Files (x86)Windows DefenderNisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows DefenderMpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:Program Files (x86)Windows DefenderMsMpEng.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:WINDOWSsystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
 
--
End of file - 11362 bytes
 

Share this post


Link to post
Share on other sites

Not seeing anything malicious. Might be worth switching from AVG to either Microsoft Security Essentials or avast.

 

What parts of the guide didn't match up? I've been attempting to update them when I have the time to (which isn't often lately) and a complete overhaul is planned for the PC Cleanup guide.

Share this post


Link to post
Share on other sites

Tarun, thanks very much for checking it out.

 

I thought I was using microsoft security essentials, so now I am confused.

 

I didn't make notes on the instructions but I will try to go through it again soon.  But if I could pretty much work it out there can't be much wrong ^^ 

Share this post


Link to post
Share on other sites

Glad to help!

 

Ah, you are using MSE. Momentary lapse in memory that Windows 8 has MSE bundled in with it by default.

 

The only issues with the PC Cleanup page is that it needs to be updated as many of the applications listed have had major version updates.

Share this post


Link to post
Share on other sites

Tarun, could you assume I am an idiot and have no idea what that means and tell me what to do?

 

 

 

 

The only issues with the PC Cleanup page is that it needs to be updated as many of the applications listed have had major version updates.

Share this post


Link to post
Share on other sites

Sure. What do you need clarification on? The PC Cleanup page mentioned? If so, some of the applications listed such as CCleaner and Malwarebytes have been updated to new major versions (MBAM updated from 1.75 -> 2.0) and they have a new User Interface.

Share this post


Link to post
Share on other sites

The issue this thread has been opened for has been resolved.

If you need continued support, please start a new thread and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here: PC Cleanup

It is recommended that you review our PC Security wiki page to help secure your computer and protect it.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×