| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 136054 | 2014-01-13 22:44:00 | HJT Log | SP8's (9836) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1365168 | 2014-01-13 22:44:00 | Hi All Posted the second HJT logfile but nobody has left any comments on my previous thread ... would really like some assistance before having to hit the restore button back to factory settings. |
SP8's (9836) | ||
| 1365169 | 2014-01-13 23:05:00 | I'm far from an expert at deciphering hj logs, but what is the problem you are having. | Driftwood (5551) | ||
| 1365170 | 2014-01-14 00:34:00 | I'm getting error messages all over the place ... I originally thought it was a launch Manager program that was causing the problem - LMutilps32 .x and on someones advice I uninstalled re-installed. I've tried scanning with everything but they all come up clean 2nd time around, tried installing / reinstalling drivers, updating drivers ... etc. etc. The problem doesn't happen in safe mode, and can't get win8 to give me safe with networking even though it's listed as an option. The main error messages and codes are :- ETDCtrlHelper .x 0xc0150004 LMutilps32 .x 0x00000000 memory could not be written Googled both, tried all "remedies" and still getting them coming up and can't get into most programs. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 1:19:27 PM, on 12/01/2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16537) FIREFOX: 25.0.1 (en-US) Boot mode: Normal (Unable to list running processes) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = home.tb.ask.com 7C7F1B-D818-4C8F-A0AC-8A566A4F6435&si=CLjjvqfFvboCFYQdpQodYygAbg R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [BakupManagerTray] "C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe" -k -h O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - download.eset.com O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe -- End of file - 7773 bytes |
SP8's (9836) | ||
| 1365171 | 2014-01-14 00:45:00 | You can update FF, it's up to 26 now O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Reset IE's settings Dont think this should be there R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = home.tb.ask.com 7C7F1B-D818-4C8F-A0AC-8A566A4F6435&si=CLjjvqfFvboCFYQdpQodYygAbg Is ask toolbar installed?? If you want put teamviewer on it, run it then give me the ID and password in a PM I'll have a look and see what's in startup and whats running at the mo |
Speedy Gonzales (78) | ||
| 1365172 | 2014-01-14 00:47:00 | I've just managed to get the piece of $h!t to scan & repair C: I'll see what happens after that, but I'm not holding my breath for success ! There does seem to be a lot of (file missing) throughout the HJT and a few I wouldn't have a clue what they are ... but then again, I know diddly squat about 8 apart from never to put it on my own computer ! | SP8's (9836) | ||
| 1365173 | 2014-01-14 00:48:00 | Dont worry about the missing files they're there. HJT needs to be updated to support later versions of windows | Speedy Gonzales (78) | ||
| 1365174 | 2014-01-14 00:53:00 | Thanks Speedy ... I'll try to get TV onto it and get back to you. It finished the scan & repair and looks even worse than before ! | SP8's (9836) | ||
| 1365175 | 2014-01-14 04:46:00 | Did you verify hardware eg: RAM and Hard drive? Corruption in system files can also cause weird virus-like problems. | Agent_24 (57) | ||
| 1365176 | 2014-01-14 05:42:00 | I checked it out with Teamviewer. And nearly everything failed. Firefox / event viewer wouldn't open. And this annoying error message to do with this LMutilps32.exe file. Did a sfc /scannow. It got to 52% and said files were corrupt, and stopped Event viewer brought up errors. I think some version of net framework was borked. Possibly 4 client / 4 full. Some of the errors (when event viewer wouldnt open), looked like net framework errors. So got a program to remove the net framework installs. Dont know what happened after a reboot. Or whether things went back to normal. After ticking the NF option under programs and features / or if updating windows fixed anything If that doesnt fixed it, it sounds like a clean install is / will be next. or maybe another hdd. |
Speedy Gonzales (78) | ||
| 1365177 | 2014-01-15 12:11:00 | If that doesnt fixed it, it sounds like a clean install is / will be next. or maybe another hdd. Quite correct Speedy ... I'll back up the drive and use the recovery partition if the bloody thing lets me ! One question ... If I back up C: is there much of a chance of putting a nasty back on when I transfer files back ... e.g. Video, music, documents, etc. ?? |
SP8's (9836) | ||
| 1 2 | |||||