Help with Windows Defender, it will not run!

Discussion in 'Windows Vista Security' started by Justin, May 20, 2007.

  1. Justin

    kiwi Guest

    Hi Guys,
    Here is a of hijackthis which shows some missing files (bottom of
    list/system 32/vds.exe,wbem etc etc).......do you think this could be my
    problem? and how do I fix these missing files (via Hijack???).
    Hope you came help. CheersLogfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:24:04 PM, on 12/06/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal
    Running processes:
    c:\Program Files (x86)\Bioscrypt\VeriSoft\Bin\AsGHost.exe
    C:\Program Files
    (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    'MSN.com' (http://go.microsoft.com/fwlink/?LinkId=69157)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
    = 'Live Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 'Live
    Search' (http://go.microsoft.com/fwlink/?LinkId=54896)
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    'MSN.com' (http://go.microsoft.com/fwlink/?LinkId=69157)
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
    =
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper -
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common
    Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) -
    {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files
    (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -
    {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files
    (x86)\AVG\AVG8\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
    C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no
    file)
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E}
    - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper -
    {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files
    (x86)\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO -
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files
    (x86)\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: VeriSoft Access Manager -
    {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files
    (x86)\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
    c:\program files (x86)\google\googletoolbar1.dll
    O3 - Toolbar: AVG Security Toolbar -
    {A057A204-BACC-4D26-9990-79A187E2698E} -
    C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files
    (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
    Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe
    oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
    Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send image to &Bluetooth Device... -
    C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... -
    C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console -
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files
    (x86)\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -
    C:\Program Files (x86)\Skype\Toolbars\Internet
    Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Send To Bluetooth -
    {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
    Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... -
    {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
    Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data
    Collection Control) -
    https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection
    Class) -
    http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    C:\Program Files (x86)\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
    C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown
    owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files
    (x86)\Common Files\Apple\Mobile Device
    Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ,
    s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. -
    C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. -
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch
    Buttons\Com4Qlb.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown
    owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
    Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program
    Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. -
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel
    Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage
    Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    Corporation - C:\Program Files (x86)\Common
    Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files
    (x86)\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner -
    C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service
    (LightScribeService) - Hewlett-Packard Company - C:\Program Files
    (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner -
    C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) -
    Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300
    (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file
    missing)
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) -
    Unknown owner - C:\Program Files
    (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner
    - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files
    (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) -
    Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown
    owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown
    owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) -
    Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) -
    Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program
    Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) -
    Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown
    owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown
    owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) -
    Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv)
    - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: WMPNetworkSvc - Unknown owner - (no file)
    O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc.
    - C:\Windows\system32\wwSecure.exe
     
    kiwi, Jun 12, 2008
    #21
    1. Advertisements

  2. Justin

    kiwi Guest

    Hi Guys
    For your info....just ran hijackthis on my (other) PC and there is N
    missing files
    Are we onto something here
    cheer
     
    kiwi, Jun 12, 2008
    #22
    1. Advertisements

  3. Justin

    kiwi Guest

    FALSE ALARM....Forget the last 2 posts PLEAS
    I found a person who had missing files with Hijackthis and they foun
    that Hijack was not good for 64bit system and that missing files wer
    infact still in the system
    I checked my folders and indeed the missing files were still there
    I am giving up on windows defender now....thanks for all yr hel
    Cheer
     
    kiwi, Jun 12, 2008
    #23
  4. Are the *exact same* programs and software installed on both systems ?

    Please, do NOT post HJT logs here. If you want to post them, do so to a
    Windows Defender forum such as :
    http://www.bleepingcomputer.com/forums/index.php?showforum=66

    Missing files in HJT are not uncommon.


    MowGreen [MVP 2003-2008]
    ===============
    *-343-* FDNY
    Never Forgotten
    ===============
     
    MowGreen [MVP], Jun 14, 2008
    #24
  5. Hi Gang !
    I am having very similar problems with Windows Defender. Even though I have
    done everything in my power and knowledge to disable it and let my Norton
    Symantec 2008 wall to wall Security program control things, I can't get the
    remaining 8,9 drivers etc., uninstalled. [Windows will NOT let me change
    attributes so I can finish uninstalling Win Def. completely !] : neither as
    an administrator, or even as the creator/owner ? What's up with this ? Norton
    has new definitions, updates every day or at least three times week with
    REAL updated protection. Windows Defender doesn't do anything even close to
    that. All it does is sit there and give my nb's security software problems as
    it attempts to disable/close Norton and open itself as the #1 protector in
    the security heirarchy; hence my decision to get RID of Windows Defender. It
    was great for early XP when WinDef was first released, however it cannot
    handle the vast amount of realtime protection when running VISTA HomePremium
    and MS Office, MS Gallery, etc., which really slow down my dv9548us HP
    notebook. I was going to order 4 g's of RAM but after an honest discussion
    with a REAL American customer rep @ Hewlett-Packard who told me about the 3.5
    g ceiling on usuable RAM for 32 bit systems ,so I did not. I have been
    putting off d/l & installing Win VISTA SP1 update
    up until now hoping that MS would produce a revised version that REALLY
    works and doesn't wreak havoc on other drivers and Windows programs.
    Unfortunately it looks as though MS is pushing VISTA into the curb and
    focusing all their attention on Windows "7". Somebody please tell me that
    downloading and installing SP1 is really a good idea and has made your VISTA
    experience so much better...anyone out there ??"

    Mark
    Albuquerque, NM
    _______________________________________________________________________
     
    Markus Maximus09, Jul 1, 2008
    #25
  6. Justin

    Paolo Guest

    Ok Justin,
    I understand your problem, and I can help you fix it, go to Start, Control
    Panel, Make sure control panel is on "classic view" then go to administrative
    tools, then services, find Windows Defender, double click it, make sure the
    startup type is on Automatic, and then press start up windows defender if it
    is off.



    For more help please go to: www.computerpit.wordpress.com
     
    Paolo, Jul 24, 2008
    #26
  7. Justin

    PAOLO Guest

    Justin, aslo try going to the even log, under start, control panel, classic
    view, administrative tools, system events.
     
    PAOLO, Jul 24, 2008
    #27
  8. Unable to enable Windows Defender application in Windows Vista
    http://support.microsoft.com/kb/555962


    MowGreen [MVP 2003-2008]
    ===============
    *-343-* FDNY
    Never Forgotten
    ===============
     
    MowGreen [MVP], Jul 24, 2008
    #28
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.