Another IEXPLORE.EXE problem..

Here’s my HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:45:08 PM, on 10/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Nick\Desktop\Jewels\Yod’m 3D\Yodm3D.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\InstantEyedropper\InstantEyedropper.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ultimate-guitar.com/
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/itunes/download/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 – BHO: btorbit.com – {000123B4-9B42-4900-B3F7-F4B073EFC214} – C:\Program Files\Orbitdownloader\orbitcth.dll
O2 – BHO: (no name) – {02478D38-C3F9-4efb-9B51-7695ECA05670} – (no file)
O2 – BHO: StumbleUpon Launcher – {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} – C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 – BHO: AcroIEHelperStub – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 – BHO: Pop-Up Blocker BHO – {3C060EA2-E6A9-4E49-A530-D4657B8C449A} – C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 – BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 – BHO: solution Class – {99C6D1BB-7555-474C-91DA-D8FB62A9CC75} – C:\WINDOWS\system32\4jfODnGM.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} – c:\program files\google\googletoolbar3.dll
O2 – BHO: HpWebHelper – {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} – C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll
O3 – Toolbar: &Google – {2318C2B1-4965-11d4-9B18-009027A5CD4F} – c:\program files\google\googletoolbar3.dll
O3 – Toolbar: StumbleUpon Toolbar – {5093EB4C-3E93-40AB-9266-B607BA87BDC8} – C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 – HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 – HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe"
O4 – HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 – HKLM\..\Run: [Srv32Win] C:\Program Files\csrss.exe
O4 – HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 – HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 – HKLM\..\Run: [SSC_UserPrompt] "c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 – HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 – HKLM\..\Run: [IS CfgWiz] c:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
O4 – HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 – HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 – HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 – HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 – HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 – HKLM\..\Run: [Verizon Internet Security Suite] "C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe"
O4 – HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 – HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [I&F Viewer toolbar] "C:\Nick\Photo Toolkit\ivbar\phototoolkitmem.exe" -start
O4 – HKCU\..\Run: [Yodm3D] C:\Documents and Settings\Nick\Desktop\Jewels\Yod’m 3D\Yodm3D.exe
O4 – HKCU\..\Run: [instanteyedropper] "C:\Program Files\InstantEyedropper\InstantEyedropper.exe"
O4 – .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User ‘Default user’)
O4 – Global Startup: hiresfs.exe
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 – Extra context menu item: &Download by Orbit – res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 – Extra context menu item: &Google Search – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Grab video by Orbit – res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 – Extra context menu item: &Translate English Word – res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Do&wnload selected by Orbit – res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 – Extra context menu item: Down&load all by Orbit – res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: StumbleUpon PhotoBlog It! – res://StumbleUponIEBar.dll/blogimage
O8 – Extra context menu item: Translate Page into English – res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Run IMVU – {d9288080-1baa-4bc4-9cf8-a92d743db949} – C:\Documents and Settings\Nick\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 – Extra button: Internet Connection Help – {E2D4D26B-0180-43a4-B05F-462D6D54C789} – C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 – Extra ‘Tools’ menuitem: Internet Connection Help – {E2D4D26B-0180-43a4-B05F-462D6D54C789} – C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} (Panasonic Network Camera) – http://208.0.229.84/SysCamInst.cab
O16 – DPF: {1DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} (ActiveWorldsDownload Control) – http://www.activeworlds.com/products…dsDownload.cab
O16 – DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KXHCM10 Control) – http://vhshop.cmauto.com:8002/kxhcm10.ocx
O16 – DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) – http://disney.go.com/pirates/online/…nlineGames.cab
O16 – DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) – http://www2.snapfish.com/SnapfishActivia.cab
O16 – DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} – http://wb17pier.axiscam.net:8080//activex/AMC.cab
O16 – DPF: {BCEF5CDE-BAD4-4532-A30B-9D16D502DE69} (BugsInstallEx Control) – http://install.bugs.co.kr/install/BugsInstallerEx.cab
O21 – SSODL: zip – {2c523136-fc88-48a7-b41d-b9f143c0eea5} – C:\WINDOWS\Installer\{2c523136-fc88-48a7-b41d-b9f143c0eea5}\zip.dll (file missing)
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: Apple Mobile Device – Apple Inc. – C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 – Service: Bonjour Service – Apple Inc. – C:\Program Files\Bonjour\mDNSResponder.exe
O23 – Service: CSIScanner – Prevx – C:\Program Files\PrevxCSI\prevxcsi.exe
O23 – Service: DvpApi (dvpapi) – Authentium, Inc. – C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 – Service: Intel® Quick Resume Technology Drivers (ELService) – Intel Corporation – C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 – Service: FLEXnet Licensing Service – Macrovision Europe Ltd. – C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 – Service: Google Updater Service (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 – Service: iPod Service – Apple Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) – CA, Inc. – C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 – Service: LightScribeService Direct Disc Labeling Service (LightScribeService) – Hewlett-Packard Company – C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: PDAgent – Raxco Software, Inc. – C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 – Service: PDEngine – Raxco Software, Inc. – C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 – Service: Verizon Internet Security Suite (Radialpoint Security Services) – Radialpoint Inc. – C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAware.exe
O23 – Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) – CACE Technologies – C:\Program Files\WinPcap\rpcapd.exe
O23 – Service: Verizon Internet Security Suite Update Service (RPSUpdaterR) – Radialpoint Inc. – C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
O23 – Service: Verizon Internet Security Suite Firewall (RP_FWS) – Verizon – C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
O23 – Service: Viewpoint Manager Service – Viewpoint Corporation – C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 – Desktop Component 0: (no name) – http://img3.musiciansfriend.com/dbas…7/8/504678.jpg
O24 – Desktop Component 1: (no name) – C:\Documents and Settings\Nick\My Documents\My Pictures\Copy of gibson les paul heritage cherry.jpg
O24 – Desktop Component 2: (no name) – C:\Documents and Settings\Nick\My Documents\My Pictures\slideshow\edge-u2[1].jpg
O24 – Desktop Component 3: (no name) – C:\Documents and Settings\Nick\My Documents\My Pictures\Answer_to_Life.png
O24 – Desktop Component 4: (no name) – http://content.answers.com/main/cont…Halen_logo.jpg

–
End of file – 14908 bytes

Метки: bit, Blog, boot, company, content, date, default, device, DNS, Doc, download, drive, driver, file, FREE, google, GUI, help, Internet, Licensing, lid, life, mess, Microsoft, Name, net, Office, Online, page, picture, platform, point, port, process, product, RAM, read, RSS, running, search, software, system, target, task, time, Top, use, user, version, Windows, world

This entry was posted on Thursday, October 2nd, 2008 at 11:48 pm and is filed under Hi-Tech blog. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

hi-tech blog

Another IEXPLORE.EXE problem..

Calendar

Archives

RSS

Recent Posts

Counter

October 2008
M	T	W	T	F	S	S
« Sep				Nov »
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31