
Google redirect

Discussion in 'Virus & Other Malware Removal' started by kakuzu666, Nov 6, 2011.

Thread Status:
Not open for further replies.
  1. kakuzu666

    kakuzu666 Thread Starter

    Hi,

    Recently I have been sharing a computer with my sister, and she told me that something popped up saying "trojan found, go to this". It seemed obvious that it was some type of a rogue, but it disabled all of my AVs. I put SAS (SUPERAntiSpyware) and MB (Malwarebytes) on a flash drive and they couldn't find anything. I did a system restore to about a week before I was infected. My AVs were working and all, so I brought up the browser, and it redirects me every time I click on a link. So some type of a rootkit? I ran the rootkit scan by Kaspersky and it was not able to find anything.

    Running 64-bit Win7 so gmer doesn't work.

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
    Run by Adam at 19:31:19 on 2011-11-05
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5886.4951 [GMT -7:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\FBAgent.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = hxxp://asus.msn.com
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No File
    BHO: Yontoo Layers (Drop Down Deals): {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll
    uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1 184.16.33.54
    TCP: Interfaces\{898ADEAD-261F-4909-98B4-BF445BDC8201} : DhcpNameServer = 192.168.1.1 184.16.33.54
    TCP: Interfaces\{898ADEAD-261F-4909-98B4-BF445BDC8201}\356535E45647 : DhcpNameServer = 192.168.16.2 192.168.2.2
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No File
    BHO-X64: Yontoo Layers (Drop Down Deals): {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll
    BHO-X64: Yontoo Layer (Drop Down Deals)s - No File
    mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\h8weh3ej.default\
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
    R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-9-22 478040]
    R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
    R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-4-15 1646056]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
    R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
    R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
    S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-11-06 02:31:35 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EED4276C-0136-49B3-A598-65634277B40D}\offreg.dll
    2011-11-05 03:34:44 -------- d-----we C:\Windows\system64
    2011-10-28 08:21:29 -------- d-----w- C:\ProgramData\MAGIX
    2011-10-28 08:21:29 -------- d-----w- C:\Program Files (x86)\MAGIX
    2011-10-28 07:50:06 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)
    2011-10-28 07:50:05 -------- d-----w- C:\ProgramData\Tarma Installer
    2011-10-28 06:16:21 57344 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
    2011-10-28 06:16:20 60273 ----a-w- C:\Windows\SysWow64\pthreadGC2.dll
    2011-10-28 06:16:20 -------- d-----w- C:\Program Files (x86)\ffdshow
    2011-10-28 06:16:10 -------- d-----w- C:\Program Files (x86)\Haali
    2011-10-28 06:16:03 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
    2011-10-28 06:15:33 147456 ----a-w- C:\Windows\SysWow64\stQTSource.ax
    2011-10-28 06:15:32 70656 ----a-w- C:\Windows\SysWow64\RLAPEDec.ax
    2011-10-28 06:15:32 438272 ----a-w- C:\Windows\SysWow64\Mpeg2DecFilter.ax
    2011-10-28 06:15:32 290816 ----a-w- C:\Windows\SysWow64\stFLVSource.ax
    2011-10-28 06:15:32 217088 ----a-w- C:\Windows\SysWow64\CoreFLACDecoder.ax
    2011-10-28 06:15:32 1184984 ----a-w- C:\Windows\SysWow64\wvc1dmod.dll
    2011-10-28 06:15:32 -------- d-----w- C:\Program Files (x86)\Sothink Movie DVD Maker
    2011-10-28 06:15:32 -------- d-----w- C:\Program Files (x86)\Common Files\SourceTec
    2011-10-28 03:21:55 -------- d-----w- C:\Windows\SysWow64\URTTEMP
    2011-10-28 00:14:47 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
    2011-10-27 23:05:43 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EED4276C-0136-49B3-A598-65634277B40D}\mpengine.dll
    2011-10-27 22:37:23 -------- d-----w- C:\ProgramData\Blizzard Entertainment
    2011-10-27 22:24:01 -------- d-----w- C:\Users\Adam\AppData\Roaming\Malwarebytes
    2011-10-27 22:23:55 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-10-27 21:48:53 -------- d-----w- C:\Users\Adam\AppData\Local\ElevatedDiagnostics
    2011-10-27 18:00:14 -------- d-----w- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
    2011-10-27 17:58:04 -------- d-----w- C:\Program Files (x86)\Lame For Audacity
    2011-10-27 17:45:56 -------- d-----w- C:\Users\Adam\AppData\Roaming\NCH Software
    2011-10-27 06:00:52 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c7ebde851cc946d12\bingbarsetup.exe
    2011-10-27 06:00:24 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
    2011-10-27 06:00:24 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
    2011-10-27 06:00:24 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
    2011-10-27 06:00:24 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
    2011-10-27 06:00:09 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\af0e26101cc946d11\MeshBetaRemover.exe
    2011-10-27 05:59:53 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a50c5b4d1cc946d10\DSETUP.dll
    2011-10-27 05:59:53 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a50c5b4d1cc946d10\DXSETUP.exe
    2011-10-27 05:59:53 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a50c5b4d1cc946d10\dsetup32.dll
    2011-10-27 05:59:32 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\984488551cc946d0f\DSETUP.dll
    2011-10-27 05:59:32 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\984488551cc946d0f\DXSETUP.exe
    2011-10-27 05:59:32 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\984488551cc946d0f\dsetup32.dll
    2011-10-27 05:59:20 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll
    2011-10-27 05:59:20 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
    2011-10-27 05:59:20 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
    2011-10-27 05:59:20 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
    2011-10-27 03:08:53 -------- d-----w- C:\Program Files (x86)\NCH Software
    2011-10-27 03:07:36 -------- d-----w- C:\Program Files (x86)\MP3 Audio Recorder
    2011-10-26 19:56:00 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
    2011-10-26 19:55:50 -------- d-----w- C:\Users\Adam\AppData\Roaming\TP
    2011-10-25 03:54:03 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2011-10-25 03:53:13 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2011-10-25 03:51:55 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2011-10-25 03:51:44 539968 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-10-25 01:16:01 -------- d-----w- C:\Program Files (x86)\RosettaStoneLtdServices
    2011-10-23 20:13:19 -------- d-----w- C:\Program Files (x86)\Aurora
    2011-10-21 20:40:16 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-19 21:44:43 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2011-10-19 21:44:43 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2011-10-13 23:46:07 -------- d-----w- C:\Users\Adam\AppData\Roaming\SUPERAntiSpyware.com
    2011-10-13 23:37:40 -------- d-----w- C:\Users\Adam\AppData\Local\GameMaker8.1
    2011-10-13 23:37:38 -------- d-----w- C:\Users\Adam\AppData\Local\YoYo_Games_Ltd
    2011-10-13 23:37:00 -------- d-----w- C:\Users\Adam\GameMaker 8.1
    2011-10-13 23:37:00 -------- d-----w- C:\Users\Adam\AppData\Roaming\GameMaker
    2011-10-13 21:11:49 -------- d-----w- C:\Users\Adam\AppData\Local\Diagnostics
    2011-10-11 20:09:36 -------- d-----w- C:\Users\Adam\AppData\Roaming\OpenOffice.org
    2011-10-11 20:04:21 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
    2011-10-11 20:03:49 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-10-11 19:45:12 3134976 ----a-w- C:\Windows\System32\win32k.sys
    .
    ==================== Find3M ====================
    .
    2011-10-27 23:02:33 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2011-10-27 23:02:33 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2011-10-11 19:47:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-10-11 19:47:54 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2011-10-11 19:47:54 482816 ----a-w- C:\Windows\System32\html.iec
    2011-10-11 19:47:54 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2011-10-11 19:47:54 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2011-10-11 19:47:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-10-11 19:47:54 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-10-11 19:47:54 1197568 ----a-w- C:\Windows\System32\wininet.dll
    2011-10-06 18:15:02 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
    2011-10-06 18:15:02 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
    2011-10-06 18:15:02 48960 ----a-w- C:\Windows\System32\netfxperf.dll
    2011-10-06 18:15:02 444752 ----a-w- C:\Windows\System32\mscoree.dll
    2011-10-06 18:15:02 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
    2011-10-06 18:15:02 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
    2011-10-06 18:15:02 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
    2011-10-06 18:15:02 1942856 ----a-w- C:\Windows\System32\dfshim.dll
    2011-10-06 18:15:02 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
    2011-10-06 18:15:02 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
    2011-09-22 17:00:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-09-22 17:00:18 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-09-22 16:59:02 5507968 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-09-22 16:59:02 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-09-22 16:59:02 3902336 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-09-22 16:58:15 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2011-09-22 16:55:17 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
    2011-09-22 16:55:17 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
    2011-09-22 16:55:17 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
    2011-09-22 16:55:17 212992 ----a-w- C:\Windows\System32\odbctrac.dll
    2011-09-22 16:55:17 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
    2011-09-22 16:55:17 163840 ----a-w- C:\Windows\System32\odbccp32.dll
    2011-09-22 16:55:17 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
    2011-09-22 16:55:17 106496 ----a-w- C:\Windows\System32\odbccu32.dll
    2011-09-22 16:55:17 106496 ----a-w- C:\Windows\System32\odbccr32.dll
    2011-09-22 16:53:41 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2011-09-22 16:53:41 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2011-09-22 16:53:41 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2011-09-22 16:48:48 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
    2011-09-22 16:48:48 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
    2011-09-22 16:47:49 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
    2011-09-22 16:47:49 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2011-09-22 16:47:49 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2011-09-22 16:47:15 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys
    2011-09-22 16:46:47 499712 ----a-w- C:\Windows\System32\drivers\afd.sys
    2011-09-22 16:44:56 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-09-22 16:44:56 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2011-09-22 16:44:29 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2011-09-22 16:44:12 142336 ----a-w- C:\Windows\System32\poqexec.exe
    2011-09-22 16:44:12 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
    2011-09-22 16:43:37 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
    2011-09-22 16:43:37 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2011-09-22 16:43:07 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
    2011-09-22 16:43:07 31232 ----a-w- C:\Windows\System32\prevhost.exe
    2011-09-22 16:42:37 2870272 ----a-w- C:\Windows\explorer.exe
    2011-09-22 16:42:37 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
    2011-09-22 16:42:08 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2011-09-22 16:42:08 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2011-09-22 16:42:08 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2011-09-22 16:41:43 612352 ----a-w- C:\Windows\System32\vbscript.dll
    2011-09-22 16:41:43 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2011-09-22 16:41:08 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2011-09-22 16:41:08 367104 ----a-w- C:\Windows\System32\atmfd.dll
    2011-09-22 16:41:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2011-09-22 16:41:08 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2011-09-22 16:40:08 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
    2011-09-22 16:39:42 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
    2011-09-22 16:39:07 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2011-09-22 16:39:07 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-09-22 16:39:07 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-09-22 16:39:07 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-09-22 16:38:36 640896 ----a-w- C:\Windows\System32\winload.efi
    2011-09-22 16:38:36 603976 ----a-w- C:\Windows\System32\winload.exe
    2011-09-22 16:38:36 556928 ----a-w- C:\Windows\System32\winresume.efi
    2011-09-22 16:38:36 518160 ----a-w- C:\Windows\System32\winresume.exe
    2011-09-22 16:38:36 20352 ----a-w- C:\Windows\System32\kdusb.dll
    2011-09-22 16:38:36 19328 ----a-w- C:\Windows\System32\kd1394.dll
    2011-09-22 16:38:36 17792 ----a-w- C:\Windows\System32\kdcom.dll
    2011-09-22 16:38:05 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2011-09-22 16:38:05 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2011-09-22 16:37:33 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-09-22 16:37:33 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-09-22 16:37:33 1540608 ----a-w- C:\Windows\System32\DWrite.dll
    2011-09-22 16:37:33 1135104 ----a-w- C:\Windows\System32\FntCache.dll
    2011-09-22 16:37:33 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-09-22 16:37:05 3138048 ----a-w- C:\Windows\System32\mstscax.dll
    2011-09-22 16:37:05 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
    2011-09-22 16:37:05 1097216 ----a-w- C:\Windows\System32\mstsc.exe
    2011-09-22 16:37:05 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
    2011-09-22 16:36:30 961024 ----a-w- C:\Windows\System32\CPFilters.dll
    2011-09-22 16:36:30 850432 ----a-w- C:\Windows\SysWow64\sbe.dll
    2011-09-22 16:36:30 723968 ----a-w- C:\Windows\System32\EncDec.dll
    2011-09-22 16:36:30 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
    2011-09-22 16:36:30 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
    2011-09-22 16:36:30 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
    2011-09-22 16:36:30 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
    2011-09-22 16:36:30 1118720 ----a-w- C:\Windows\System32\sbe.dll
    2011-09-22 16:35:58 1739176 ----a-w- C:\Windows\System32\ntdll.dll
    2011-09-22 16:35:58 1293120 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2011-09-22 16:33:42 97280 ----a-w- C:\Windows\System32\wscsvc.dll
    .
    ============= FINISH: 19:38:40.68 ===============
     

  2. kakuzu666

    kakuzu666 Thread Starter

    Sorry, here is a report of Hijackthis.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:03:02 PM, on 11/5/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16869)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file)
    O2 - BHO: Yontoo Layer (Drop Down Deals)s - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O4 - Global Startup: SRS Premium Sound.lnk = ?
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - (no file)
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 8464 bytes
     
  3. kakuzu666

    kakuzu666 Thread Starter

    Joined:
    Nov 6, 2011
    Messages:
    3
    Bump. Has been 32 hrs and I'm pretty sure I just need a scan from Combofix to fix this issue.
     
  4. Blade81

    Blade81 Malware Specialist

    Joined:
    Oct 27, 2006
    Messages:
    924
    Hi,

    Sorry for the delayed response. Forums have been really busy. If you still need help with this, please do the following.


    • Download DDS and save it to your desktop from here or here or here.
    • Disable any script blocker, and then double-click the DDS file to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop. Post them back to your topic.
     

Short URL to this thread: https://techguy.org/1025655
