Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Please check my hijackthis log
New Posts  All Forums:Forum Nav:

Please check my hijackthis log

post #1 of 2
Thread Starter 
I'm using wondows XP professional and whenever I shut down or log off my computer , This thing appears to me



could anyone tell me what is causing this thing appear before my computer log off or shutdown ? And how could I fix this ?


Here is my hijackthis log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:48:49 PM, on 12/24/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\
vsvc32.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\Program Files\\Alwil Software\\Avast5\\AvastSvc.exe
C:\\WINDOWS\\system32\\spoolsv.exe
C:\\Program Files\\Java\\jre6\\bin\\jqs.exe
C:\\WINDOWS\\system32\\srvany.exe
C:\\Program Files\\Common Files\\LightScribe\\LSSrvc.exe
C:\\WINDOWS\\KMService.exe
C:\\WINDOWS\\system32\\PnkBstrA.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\system32\\wscntfy.exe
C:\\WINDOWS\\system32\\ctfmon.exe
C:\\WINDOWS\\Explorer.EXE
C:\\WINDOWS\\system32\
undll32.exe
C:\\Program Files\\CyberLink\\PowerDVD9\\PDVD9Serv.exe
C:\\Program Files\\IDT\\WDM\\sttray.exe
C:\\PROGRA~1\\ALWILS~1\\Avast5\\avastUI.exe
C:\\WINDOWS\\system32\\RUNDLL32.EXE
C:\\Program Files\\Real\\RealPlayer\\update\
ealsched.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\Program Files\\Mozilla Firefox\\firefox.exe
C:\\WINDOWS\\system32\\msiexec.exe
C:\\Program Files\\Trend Micro\\HijackThis\\HiJackThis.exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = about:blank
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.d ll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\\PROGRA~1\\MICROS~2\\Office14\\URLREDIR.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\\Program Files\\Free Download Manager\\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\\Program Files\\Java\\jre6\\lib\\deploy\\jqs\\ie\\jqs_plugi n.dll
O4 - HKLM\\..\\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\\..\\Run: [RemoteControl9] "C:\\Program Files\\CyberLink\\PowerDVD9\\PDVD9Serv.exe"
O4 - HKLM\\..\\Run: [PDVD9LanguageShortcut] "C:\\Program Files\\CyberLink\\PowerDVD9\\Language\\Language.ex e"
O4 - HKLM\\..\\Run: [QuickTime Task] "C:\\Program Files\\QuickTime\\QTTask.exe" -atboottime
O4 - HKLM\\..\\Run: [SysTrayApp] %ProgramFiles%\\IDT\\WDM\\sttray.exe
O4 - HKLM\\..\\Run: [avast5] C:\\PROGRA~1\\ALWILS~1\\Avast5\\avastUI.exe /nogui
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] "C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"
O4 - HKLM\\..\\Run: [NvMediaCenter] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [nwiz] C:\\Program Files\\NVIDIA Corporation\
View\
wiz.exe /installquiet
O4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] "C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe"
O4 - HKLM\\..\\Run: [Adobe ARM] "C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe"
O4 - HKLM\\..\\Run: [TkBellExe] "C:\\Program Files\\Real\\RealPlayer\\update\
ealsched.exe" -osboot
O4 - HKCU\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\system32\\ctfmon.exe
O4 - HKCU\\..\\Run: [ATI Display] C:\\DOCUME~1\\User\\LOCALS~1\\Temp\\ATI_disp.exe
O4 - HKUS\\S-1-5-19\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\\S-1-5-20\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\\S-1-5-18\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\\.DEFAULT\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\system32\\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\\Program Files\\Free Download Manager\\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\\Program Files\\Free Download Manager\\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\\Program Files\\Free Download Manager\\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\\Program Files\\Free Download Manager\\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\Office14\\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\\Program Files\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\\WINDOWS\\system32\\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\WINDOWS\\system32\\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\\Program Files\\Alwil Software\\Avast5\\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\\Program Files\\Alwil Software\\Avast5\\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\\Program Files\\Alwil Software\\Avast5\\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\\Program Files\\Dragon Age\\bin_ship\\DAUpdaterSvc.Service.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\\Program Files\\Google\\Update\\GoogleUpdate.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Common Files\\InstallShield\\Driver\\1150\\Intel 32\\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\\Program Files\\Java\\jre6\\bin\\jqs.exe
O23 - Service: KMService - Unknown owner - C:\\WINDOWS\\system32\\srvany.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\\Program Files\\Common Files\\LightScribe\\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\\Program Files\\Nero\\Nero 7\\Nero BackItUp\\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\\Program Files\\Common Files\\Ahead\\Lib\\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\\WINDOWS\\system32\
vsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\\WINDOWS\\system32\\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\\Program Files\\Nokia\\PC Connectivity Solution\\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\\program files\\idt\\intelxpv_v103\\wdm\\STacSV.exe

--
End of file - 7562 bytes
post #2 of 2
I don't see anything suspicious off hand. Running a good registry cleaner like Glary Utilities will probably get rid off that error.

Avast sure has a lot of bloat to it anymore though. Probably more so that AVG. And all that Nero startup crap has really got to go. Do yourself a favor and run Startuplite by Malwarebytes. I'll bet it speeds your startup by about 2 minutes.
Edited by PhillyOverclocker - 12/24/10 at 12:23pm
My System
(17 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X4 955  Gigabyte GA-MA790XT-UD4P Sapphire HD 6950 Sapphire HD 6950 
RAMHard DriveHard DriveOptical Drive
G-Skill Mushkin Callisto Deluxe WD Black LG Supermulti 
CoolingOSKeyboardPower
Rasa Black CPU water block. Rasa X20 pump/res c... Windows 7 Ultimate x64 Deck Legend Fire mechanical with Cherry Black s... Cooler Master Silent Pro Gold 1200W modular PSU. 
CaseMouseAudio
Cooler Master Storm Scout Logitech MX-518 Logitech Wireless headset for gaming and 100w M... 
  hide details  
Reply
My System
(17 items)
 
  
CPUMotherboardGraphicsGraphics
AMD Phenom II X4 955  Gigabyte GA-MA790XT-UD4P Sapphire HD 6950 Sapphire HD 6950 
RAMHard DriveHard DriveOptical Drive
G-Skill Mushkin Callisto Deluxe WD Black LG Supermulti 
CoolingOSKeyboardPower
Rasa Black CPU water block. Rasa X20 pump/res c... Windows 7 Ultimate x64 Deck Legend Fire mechanical with Cherry Black s... Cooler Master Silent Pro Gold 1200W modular PSU. 
CaseMouseAudio
Cooler Master Storm Scout Logitech MX-518 Logitech Wireless headset for gaming and 100w M... 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Please check my hijackthis log