Solved Google hijacked

J

jajangmien

New member
Local time
10:59 AM
Messages
8
So I recently got the google hijack malware. Basically anytime I went to google or most common sites I get a message saying the site may contain maleware and is dangerous blah blah blah.

But then I realized another problem some of my windows services won't start like bits service. Basically microsoft security essentials, Microsoft firewall, and Microsoft updater all give me errors and won't run.

Now I reinstalled security essentials and it works now as far as I can tell, and I ran malewarebytes and removed the google hijack as far as I know. But the services are still missing as well as things like desktop icons keep rearranging and won't stay in place as well as folders won't stay in the preferred method of viewing ie. Group by type and sort by date modified (resets to sort by name and detail view).

I've also run a repair and restore point from a windows ISO on a USB from boot to avail.

I'm running windows 7 64bit pro sp1.

I would format but I've lost my key and can't recover it.

Thanks for any help

Edit: I also get a error code 0x80070424 when trying to start up windows firewall
 

My Computer

OS
windows 7 pro 64bit sp1

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Golden Mk. I.4
OS
Windows 10 Pro x64 ; Xubuntu x64
CPU
Intel i7 860 @ 2.80 GHz O/C'ed to 4.0GHz
Motherboard
Gigabyte P55A-UD3R Rev.1. Award BIOS F13
Memory
16GB Corsair Vengance DDR3 @ 661 MHz Dual Channel (9-9-9-24)
Graphics Card(s)
EVGA NVidia GTX 560 1024MB
Sound Card
Realtek Integrated
Monitor(s) Displays
Dual Samsung SyncMaster 2494HS
Screen Resolution
1920*1080 and 1920*1080
Hard Drives
1*Samsung 840 EVO 120GB SSD;
1*OCZ Vertex 2 60GB SSD;
2*Samsung F3 SpinPoint 1TB in RAID0;
1*Samsung F1 SpinPoint 1TB;
2*Western Digital 1TB External USB 3.0
1*Western Digital 500GB External USB 3.0
1*Seagate 500GB External USB 2.0
PSU
Thermaltake ToughPower QFan 750W
Case
Thermaltake Element S VK60001W2Z
Cooling
Corsair H60 Water Cooling, 2*230mm and 2*80mm case fans
Keyboard
Logitech G110
Mouse
Logitech MX518
It worries me that you have all the MS protection in place and it still get through and hijacks your system
 

My Computer

Computer Manufacturer/Model Number
Proline
OS
Windows 7 Pro 64 bit
CPU
Intel(R) Core(TM) i7 CPU 870 @ 2.93GHz
Motherboard
H55-G43(MS-7638)
Memory
4GB
Graphics Card(s)
NVIDIA GeForce GTX 470
Sound Card
Onboard
Monitor(s) Displays
Proline LCD 19 inch
Screen Resolution
1280 x 1024
Hard Drives
2 x SATA 250 Gig 1 x External 2TB
PSU
RX 730 SS
Case
Proline
Cooling
Standard
Keyboard
PS2
Mouse
PS2
Internet Speed
To embarrassed to tell lol
I will run the mgdiag when I get back from work.

But yeah it concerns me as well. I'm currently working and living in China but unless they have some new technique for intrusion then I've got no clue.

Im not inexperienced when it comes to computers. I'm working towards a degree in computer engineering/science but still have a lot to learn.

Basically I had no problem with my pc one day. Shut it off and turned it on the next day and that's when all the problems arose. I'm assuming it waiting till startup to do its damage.
 

My Computer

OS
windows 7 pro 64bit sp1
Please download Rkill by Grinler and save it to your desktop.

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • The log should be saved on the desktop
  • Post it here
 

My Computer

OS
32 bit
Ok i am copying and pasting both logs here

MGADIA

Code: 
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-*****-*****-3FDVB
Windows Product Key Hash: zMqXYtYEDgdAH3DdMtEa+1hpce8=
Windows Product ID: 55041-146-3246346-86969
Windows Product ID Type: 6
Windows License Type: Volume MAK
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {7F6ACEAD-DE38-46CE-B0D8-59679219A225}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Professional
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.120503-2030
TTS Error: 
Validation Diagnostic: 
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\Meh\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{7F6ACEAD-DE38-46CE-B0D8-59679219A225}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-BBBBB</PKey><PID>55041-146-3246346-86969</PID><PIDType>6</PIDType><SID>S-1-5-21-674352357-4045067315-2804868904</SID><SYSTEM><Manufacturer>Gigabyte Technology Co., Ltd.</Manufacturer><Model>GA-970A-D3</Model></SYSTEM><BIOS><Manufacturer>Award Software International, Inc.</Manufacturer><Version>F8e</Version><SMBIOSVersion major="2" minor="4"/><Date>20111227000000.000000+000</Date></BIOS><HWID>D1400600018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>China Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Professional edition
Description: Windows Operating System - Windows(R) 7, VOLUME_MAK channel
Activation ID: 9abf5984-9c16-46f2-ad1e-7fe15931a8dd
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 55041-00172-146-324634-03-1033-7601.0000-0412012
Installation ID: 014422797384934144756980466071858005562454646433673185
Processor Certificate URL: [URL]http://go.microsoft.com/fwlink/?LinkID=88338[/URL]
Machine Certificate URL: [URL]http://go.microsoft.com/fwlink/?LinkID=88339[/URL]
Use License URL: [URL]http://go.microsoft.com/fwlink/?LinkID=88341[/URL]
Product Key Certificate URL: [URL]http://go.microsoft.com/fwlink/?LinkID=88340[/URL]
Partial Product Key: 3FDVB
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 8/28/2012 8:59:12 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 6:20:2012 18:53
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: MAAAAAAABAABAAEAAAABAAAAAgABAAEAln0GjNzf3BUQM1TyGrnuP86aWsKuPiAh

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information: 
  ACPI Table Name    OEMID Value    OEMTableID Value
  APIC            GBT           GBTUACPI
  FACP            GBT           GBTUACPI
  HPET            GBT           GBTUACPI
  MCFG            GBT           GBTUACPI
  MSDM            GBT           GBTUACPI
  MATS            GBT           
  TAMG            GBT           GBT   B0
  MATS            GBT           
  SSDT            AMD           POWERNOW


Rkill LOG

Rkill 2.3.3 by Lawrence Abrams (Grinler)
[URL="http://www.bleepingcomputer.com/"]Bleeping Computer - Computer Help and Discussion[/URL]
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 [URL="http://www.bleepingcomputer.com/forums/topic308364.html"]RKill - What it does and What it Doesn't - A brief introduction to the program[/URL]

Program started at: 08/28/2012 10:21:07 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop.

 * No malware services found to stop.

Checking for processes to terminate.

 * C:\Users\Meh\Local Settings\Apps\F.lux\flux.exe (PID: 5012) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Meh\Desktop\rkill\rkill-08-28-2012-10-21-19.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\ [ZA Dir]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\@ [ZA File]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\L\ [ZA Dir]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\L\00000004.@ [ZA File]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\U\ [ZA Dir]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\U\00000004.@ [ZA File]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\U\00000008.@ [ZA File]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\U\000000cb.@ [ZA File]
     * C:\Users\Meh\AppData\Local\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\U\80000064.@ [ZA File]
     * C:\Windows\installer\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\ [ZA Dir]
     * C:\Windows\installer\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\@ [ZA File]
     * C:\Windows\installer\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\L\ [ZA Dir]
     * C:\Windows\installer\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\L\00000004.@ [ZA File]
     * C:\Windows\installer\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\L\201d3dde [ZA File]
     * C:\Windows\installer\{1d4e8859-da19-7bf9-2a70-e6be9b449c29}\U\ [ZA Dir]

Checking Windows Service Integrity: 

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * BITS [Missing Service]
 * iphlpsvc [Missing Service]
 * MpsSvc [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]
 * wuauserv [Missing Service]

Searching for Missing Digital Signatures: 

 * No issues found.

Program finished at: 08/28/2012 10:21:33 PM
Execution time: 0 hours(s), 0 minute(s), and 25 seconds(s)
-------------------------------------------------------------------------------

dang i have more missing services then i thought. any advice on how to restore them?
 

My Computer

OS
windows 7 pro 64bit sp1
Hi,

You have posted an edited version of the MGADIAG report which shows several inconsistencies - please post the full unedited MGADIAG report.

Regards,
Golden
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Golden Mk. I.4
OS
Windows 10 Pro x64 ; Xubuntu x64
CPU
Intel i7 860 @ 2.80 GHz O/C'ed to 4.0GHz
Motherboard
Gigabyte P55A-UD3R Rev.1. Award BIOS F13
Memory
16GB Corsair Vengance DDR3 @ 661 MHz Dual Channel (9-9-9-24)
Graphics Card(s)
EVGA NVidia GTX 560 1024MB
Sound Card
Realtek Integrated
Monitor(s) Displays
Dual Samsung SyncMaster 2494HS
Screen Resolution
1920*1080 and 1920*1080
Hard Drives
1*Samsung 840 EVO 120GB SSD;
1*OCZ Vertex 2 60GB SSD;
2*Samsung F3 SpinPoint 1TB in RAID0;
1*Samsung F1 SpinPoint 1TB;
2*Western Digital 1TB External USB 3.0
1*Western Digital 500GB External USB 3.0
1*Seagate 500GB External USB 2.0
PSU
Thermaltake ToughPower QFan 750W
Case
Thermaltake Element S VK60001W2Z
Cooling
Corsair H60 Water Cooling, 2*230mm and 2*80mm case fans
Keyboard
Logitech G110
Mouse
Logitech MX518
i posted it just like the directions explained, but here it is again. thanks~!

Code: 
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-*****-*****-3FDVB
Windows Product Key Hash: zMqXYtYEDgdAH3DdMtEa+1hpce8=
Windows Product ID: 55041-146-3246346-86969
Windows Product ID Type: 6
Windows License Type: Volume MAK
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {7F6ACEAD-DE38-46CE-B0D8-59679219A225}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Professional
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.120503-2030
TTS Error: 
Validation Diagnostic: 
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\Meh\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{7F6ACEAD-DE38-46CE-B0D8-59679219A225}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-BBBBB</PKey><PID>55041-146-3246346-86969</PID><PIDType>6</PIDType><SID>S-1-5-21-674352357-4045067315-2804868904</SID><SYSTEM><Manufacturer>Gigabyte Technology Co., Ltd.</Manufacturer><Model>GA-970A-D3</Model></SYSTEM><BIOS><Manufacturer>Award Software International, Inc.</Manufacturer><Version>F8e</Version><SMBIOSVersion major="2" minor="4"/><Date>20111227000000.000000+000</Date></BIOS><HWID>D1400600018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>China Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Professional edition
Description: Windows Operating System - Windows(R) 7, VOLUME_MAK channel
Activation ID: 9abf5984-9c16-46f2-ad1e-7fe15931a8dd
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 55041-00172-146-324634-03-1033-7601.0000-0412012
Installation ID: 014422797384934144756980466071858005562454646433673185
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 3FDVB
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 8/28/2012 10:47:44 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 6:20:2012 18:53
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: MAAAAAAABAABAAEAAAABAAAAAgABAAEAln0GjNzf3BUQM1TyGrnuP86aWsKuPiAh

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information: 
  ACPI Table Name	OEMID Value	OEMTableID Value
  APIC			GBT   		GBTUACPI
  FACP			GBT   		GBTUACPI
  HPET			GBT   		GBTUACPI
  MCFG			GBT   		GBTUACPI
  MSDM			GBT   		GBTUACPI
  MATS			GBT   		
  TAMG			GBT   		GBT   B0
  MATS			GBT   		
  SSDT			AMD   		POWERNOW
 

My Computer

OS
windows 7 pro 64bit sp1
Hi,

The rootkit behaviour is a worry - unless shawn77 has other suggestions, you might want to consider a clean installation after wiping the disk using DISKPART CLEAN ALL. Some rootkits are notoriously difficult to remove using conventional means.

You say you've lost your licence key. You have a MAK volume licence, usually used by organizations with more than a handfull of PC's - I don't understand why you cannot have them reinstall and reactivate your licence. Can you shed some light on that?

Regards,
Golden
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Golden Mk. I.4
OS
Windows 10 Pro x64 ; Xubuntu x64
CPU
Intel i7 860 @ 2.80 GHz O/C'ed to 4.0GHz
Motherboard
Gigabyte P55A-UD3R Rev.1. Award BIOS F13
Memory
16GB Corsair Vengance DDR3 @ 661 MHz Dual Channel (9-9-9-24)
Graphics Card(s)
EVGA NVidia GTX 560 1024MB
Sound Card
Realtek Integrated
Monitor(s) Displays
Dual Samsung SyncMaster 2494HS
Screen Resolution
1920*1080 and 1920*1080
Hard Drives
1*Samsung 840 EVO 120GB SSD;
1*OCZ Vertex 2 60GB SSD;
2*Samsung F3 SpinPoint 1TB in RAID0;
1*Samsung F1 SpinPoint 1TB;
2*Western Digital 1TB External USB 3.0
1*Western Digital 500GB External USB 3.0
1*Seagate 500GB External USB 2.0
PSU
Thermaltake ToughPower QFan 750W
Case
Thermaltake Element S VK60001W2Z
Cooling
Corsair H60 Water Cooling, 2*230mm and 2*80mm case fans
Keyboard
Logitech G110
Mouse
Logitech MX518
ok i was afraid i would have to do that. ive been trying to recover my key but ive been having issues. thanks
 

My Computer

OS
windows 7 pro 64bit sp1
any idea on how i can salvage my key? ive tried a few of the free software out there for key recovery a they all come back with an unable to retrieve message.
 

My Computer

OS
windows 7 pro 64bit sp1
jajangmien said:
any idea on how i can salvage my key? ive tried a few of the free software out there for key recovery a they all come back with an unable to retrieve message.
Click to expand...

Hi,

Can you tell us where you got your Windows 7 installation from? That might help to work out a method.

Regards,
Golden
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Golden Mk. I.4
OS
Windows 10 Pro x64 ; Xubuntu x64
CPU
Intel i7 860 @ 2.80 GHz O/C'ed to 4.0GHz
Motherboard
Gigabyte P55A-UD3R Rev.1. Award BIOS F13
Memory
16GB Corsair Vengance DDR3 @ 661 MHz Dual Channel (9-9-9-24)
Graphics Card(s)
EVGA NVidia GTX 560 1024MB
Sound Card
Realtek Integrated
Monitor(s) Displays
Dual Samsung SyncMaster 2494HS
Screen Resolution
1920*1080 and 1920*1080
Hard Drives
1*Samsung 840 EVO 120GB SSD;
1*OCZ Vertex 2 60GB SSD;
2*Samsung F3 SpinPoint 1TB in RAID0;
1*Samsung F1 SpinPoint 1TB;
2*Western Digital 1TB External USB 3.0
1*Western Digital 500GB External USB 3.0
1*Seagate 500GB External USB 2.0
PSU
Thermaltake ToughPower QFan 750W
Case
Thermaltake Element S VK60001W2Z
Cooling
Corsair H60 Water Cooling, 2*230mm and 2*80mm case fans
Keyboard
Logitech G110
Mouse
Logitech MX518
yes of course. i got it through the msdn program as i am a computer student, but currently im overseas working and interning, and it is quite difficult to get into everything even with a vpn
 

My Computer

OS
windows 7 pro 64bit sp1
If the license is an MSDNAA one, then the issuing authority will often require notice of intent to reinstall - it will use another activation from their allowance. Contact the system admin for assistance with the Key.

I agree with Golden - with the number of 'missing' services involved already, it's likely that other processes have also been altered, and the system can no longer be trusted, even if all is aparently well.
A full reformat and reinstall is the sefest way forward, and likely to be the fastest as well.
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
I would then also suggest you look at some additional security software as it seems what you have did not do the job for you.
 

My Computer

Computer Manufacturer/Model Number
Proline
OS
Windows 7 Pro 64 bit
CPU
Intel(R) Core(TM) i7 CPU 870 @ 2.93GHz
Motherboard
H55-G43(MS-7638)
Memory
4GB
Graphics Card(s)
NVIDIA GeForce GTX 470
Sound Card
Onboard
Monitor(s) Displays
Proline LCD 19 inch
Screen Resolution
1280 x 1024
Hard Drives
2 x SATA 250 Gig 1 x External 2TB
PSU
RX 730 SS
Case
Proline
Cooling
Standard
Keyboard
PS2
Mouse
PS2
Internet Speed
To embarrassed to tell lol
thanks for the help guys. yeah i had security essentials and ran spybot and malwarebytes at least once a week but im be looking into some other stuff before the format thanks for the help
 

My Computer

OS
windows 7 pro 64bit sp1
You must log in or register to reply here.
Back
Top