Jump to content

HJT LOG - Having explore has encounted a problem error

devilheart14

By devilheart14
in Tech and Computers

 Share

Recommended Posts

devilheart14

devilheart14

Posted
Posted

Hay i was wondering if someone could take a look over this HJT log for me cheers.

 

 

 

Also im getting "Explorer has encounted a problem and needs to close" problem. (not IE but windows explorer). Happens when frequently no real pattern atm. But did some googling and hopefully if someone can look through this log it will help.

 

 

 

Cheers,

 

Phil

 

 

 

Logfile of HijackThis v1.99.1

 

Scan saved at 6:05:34 PM, on 6/20/2006

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

MSIE: Internet Explorer v7.00 (7.00.5346.0005)

 

 

 

Running processes:

 

C:\WINDOWS\System32\smss[Caution: Executable File]

 

C:\WINDOWS\system32\winlogon[Caution: Executable File]

 

C:\WINDOWS\system32\services[Caution: Executable File]

 

C:\WINDOWS\system32\lsass[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\WINDOWS\System32\svchost[Caution: Executable File]

 

C:\WINDOWS\system32\spoolsv[Caution: Executable File]

 

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: Executable File]

 

C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

C:\Program Files\CyberLink\Shared files\RichVideo[Caution: Executable File]

 

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\WINDOWS\system32\UAService7[Caution: Executable File]

 

C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: Executable File]

 

C:\WINDOWS\RTHDCPL[Caution: Executable File]

 

C:\Program Files\Logitech\G-series Software\LGDCore[Caution: Executable File]

 

C:\Program Files\Logitech\G-series Software\LCDMon[Caution: Executable File]

 

C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]

 

C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: Executable File]

 

C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]

 

C:\Program Files\Logitech\G-series Software\Applets\LCDClock[Caution: Executable File]

 

C:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4[Caution: Executable File]

 

C:\Program Files\Logitech\G-series Software\Applets\LCDMedia[Caution: Executable File]

 

C:\WINDOWS\system32\RUNDLL32[Caution: Executable File]

 

C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]

 

C:\WINDOWS\system32\LVCOMSX[Caution: Executable File]

 

C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File]

 

C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: Executable File]

 

C:\Program Files\MSN Messenger\MsnMsgr[Caution: Executable File]

 

C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor[Caution: Executable File]

 

C:\Program Files\Logitech\SetPoint\SetPoint[Caution: Executable File]

 

C:\Program Files\WinZip\WZQKPICK[Caution: Executable File]

 

C:\Program Files\Logitech\Video\FxSvr2[Caution: Executable File]

 

C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR[Caution: Executable File]

 

C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

C:\WINDOWS\system32\ZoneLabs\isafe[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File]

 

C:\WINDOWS\system32\mspaint[Caution: Executable File]

 

C:\WINDOWS\explorer[Caution: Executable File]

 

C:\Program Files\LimeWire\LimeWire[Caution: Executable File]

 

C:\Documents and Settings\Phillip\Local Settings\Temp\wzd446\HijackThis[Caution: Executable File]

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}

 

O2 - BHO: XBTP05231 - {031F120A-BBAF-45d8-B306-375F2A6B9398} - C:\PROGRA~1\ALCOHO~1\ALCOHO~1\CABINW~1.DLL

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

 

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

 

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

 

O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\cab.in.work.temp.dll

 

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL[Caution: Executable File]

 

O4 - HKLM\..\Run: [Alcmtr] ALCMTR[Caution: Executable File]

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install

 

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore[Caution: Executable File]" /SHOWHIDE

 

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon[Caution: Executable File]"

 

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR[Caution: Executable File]

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]"

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: Executable File]" -atboottime

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: Executable File]

 

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]"

 

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language[Caution: Executable File]"

 

O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4[Caution: Executable File]

 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck[Caution: Executable File]

 

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

 

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon[Caution: Executable File]" -lang 1033

 

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX[Caution: Executable File]

 

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart[Caution: Executable File]

 

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray[Caution: Executable File]

 

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: Executable File]"

 

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: Executable File]" /background

 

O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor[Caution: Executable File]"

 

O4 - HKCU\..\Run: [steam] C:\Program Files\Valve\Steam\\Steam[Caution: Executable File] -silent

 

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine[Caution: Executable File]" boot

 

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File]

 

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: Executable File]

 

O4 - Global Startup: Logitech SetPoint.lnk = ?

 

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK[Caution: Executable File]

 

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL[Caution: Executable File]/3000

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

 

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O11 - Options group: [iNTERNATIONAL] International*

 

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab

 

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6739501140

 

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab

 

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab

 

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

 

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

 

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

 

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

 

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File]

 

O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe[Caution: Executable File]

 

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT[Caution: Executable File]

 

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File]

 

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File]

 

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo[Caution: Executable File]

 

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: Executable File]

 

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7[Caution: Executable File]

 

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: Executable File]

Aussie Aussie Aussie,

 

:D

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept