G
Guest
Hello, I am running Vista Ultimate x64.
I seem to have quite a few missing files of what seem to be important
windows executables. Corruption? I cannot seem to delete these from my log,
they continue to reappear.
Logfile of HijackThis v1.99.1
Scan saved at 5:16:51 PM, on 3/20/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Running processes:
C:\Program Files (x86)\AIM6\aim6.exe
C:\Program Files\Samurize\Client.exe
C:\Users\Administrator\Desktop\LCD Smartie\LCDSmartie.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files (x86)\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files (x86)\AIM6\aolsoftware.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Administrator\Desktop\Assorted
Files\Cleaning\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://google.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files (x86)\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files
(x86)\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Aim6] "C:\Program Files (x86)\AIM6\aim6.exe" /d
locale=en-US ee://aol/imApp
O4 - Startup: Client Default.lnk = C:\Program Files\Samurize\Client.exe
O4 - Startup: LCD Smartie.lnk = C:\Users\Administrator\Desktop\LCD
Smartie\LCDSmartie.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files (x86)\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files
(x86)\Java\jre1.6.0\bin\npjpi160.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Broken Internet access because of LSP provider 'c:\program files
(x86)\bonjour\mdnsnsp.dll' missing
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} -
C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner -
C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program
Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FAH@C:+Program Files+FAH+FAH504-Console.exe - Stanford
University - C:\Program Files\FAH\FAH504-Console.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner -
C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner -
C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown
owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner -
%windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown
owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner
- C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner
- C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown
owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner -
C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division
Software - C:\Program Files\Alcohol Soft\Alcohol
120\StarWind\StarWindService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) -
Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -
C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner -
C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown
owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -
Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101
(WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media
Player\wmpnetwk.exe (file missing)
What can I do? I've tied memory fixes, defragments, error checks, system
file checker, spyware and virus scans. The whole bit.
Thanks!
I seem to have quite a few missing files of what seem to be important
windows executables. Corruption? I cannot seem to delete these from my log,
they continue to reappear.
Logfile of HijackThis v1.99.1
Scan saved at 5:16:51 PM, on 3/20/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Running processes:
C:\Program Files (x86)\AIM6\aim6.exe
C:\Program Files\Samurize\Client.exe
C:\Users\Administrator\Desktop\LCD Smartie\LCDSmartie.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files (x86)\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files (x86)\AIM6\aolsoftware.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Administrator\Desktop\Assorted
Files\Cleaning\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://google.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files (x86)\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files
(x86)\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Aim6] "C:\Program Files (x86)\AIM6\aim6.exe" /d
locale=en-US ee://aol/imApp
O4 - Startup: Client Default.lnk = C:\Program Files\Samurize\Client.exe
O4 - Startup: LCD Smartie.lnk = C:\Users\Administrator\Desktop\LCD
Smartie\LCDSmartie.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files (x86)\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files
(x86)\Java\jre1.6.0\bin\npjpi160.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Broken Internet access because of LSP provider 'c:\program files
(x86)\bonjour\mdnsnsp.dll' missing
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} -
C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner -
C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program
Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FAH@C:+Program Files+FAH+FAH504-Console.exe - Stanford
University - C:\Program Files\FAH\FAH504-Console.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner -
C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner -
C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown
owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner -
%windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown
owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner
- C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner
- C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown
owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner -
C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division
Software - C:\Program Files\Alcohol Soft\Alcohol
120\StarWind\StarWindService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) -
Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -
C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner -
C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown
owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -
Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101
(WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media
Player\wmpnetwk.exe (file missing)
What can I do? I've tied memory fixes, defragments, error checks, system
file checker, spyware and virus scans. The whole bit.
Thanks!