Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hjt - Dll Error On Windows Shutdown/restart


  • This topic is locked This topic is locked
2 replies to this topic

#1 jwalters69

jwalters69

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 25 September 2008 - 11:18 PM

I'm receiving a DLL error when I shutdown / restart my Windows XP box. While not disastrous in any way, it's just sort of irritating that my computer isn't running perfectly (yes, I'm a.nal like that :thumbsup:)

I've posted my HJT logs to see if anyone can find a problem with it. I've gone through and marked an asterisk (*) on the lines which I know are good, due to the software I know I've purposely installed on my system, but would appreciate any and all feedback, nonetheless.

What can I get rid of from here to optimize everything?
BONUS QUESTION: Strange occurrence - when I hit the '*' asterisk key on the keypad followed by the down arrow and left arrow in rapid succession (as I did below marking the lines), the CALCULATOR application will frequently pop up for no darn reason at all! This is incredibly annoying, and I've checked the properties of the calculator program to ensure that there are no shortcut keys associated with it, which would cause this to occur.

Thanks for your time!

Running processes:
*C:\WINDOWS\System32\smss.exe
*C:\WINDOWS\system32\winlogon.exe
*C:\WINDOWS\system32\services.exe
*C:\WINDOWS\system32\lsass.exe
*C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\spoolsv.exe
*C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
*C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
*C:\Program Files\Bonjour\mDNSResponder.exe
*C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
*C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
*C:\Program Files\Network Associates\VirusScan\Mcshield.exe
*C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
*D:\Program Files\Envy24\EnMixCPL.exe
*C:\Program Files\SnapStream Media\Firefly Mini\FireflyMini.exe
*C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
*C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
*C:\WINDOWS\system32\WDBtnMgr.exe
*C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
*C:\Program Files\SnapStream Media\Firefly\Firefly.exe
*C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
*C:\Program Files\MSN Messenger\MsnMsgr.Exe
*C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
*C:\Program Files\Winamp Remote\bin\OrbTray.exe
*C:\Program Files\Google\Google Updater\GoogleUpdater.exe
*C:\Program Files\PowerMenu\PowerMenu.exe
*C:\Program Files\My Book\WD Backup\uBBMonitor.exe
*D:\Program Files\SpywareGuard\sgmain.exe
*D:\Program Files\SpywareGuard\sgbhp.exe
*C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
*C:\Program Files\Winamp Remote\bin\Orb.exe
*C:\Program Files\iPod\bin\iPodService.exe
*C:\PROGRA~1\COMMON~1\SNAPST~1\Common\x10nets.exe
C:\Program Files\MSN Messenger\usnsvc.exe
*C:\Documents and Settings\Jeff\Desktop\HiJackThis.exe
*C:\Program Files\Internet Explorer\IEXPLORE.EXE
*C:\Program Files\Mozilla Firefox\firefox.exe

*R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
*R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
*O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
*O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - d:\Program Files\SpywareGuard\dlprotect.dll
*O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
*O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
*O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
*O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
*O4 - HKLM\..\Run: [EnvyHFCPL] D:\Program Files\Envy24\EnMixCPL.exe
*O4 - HKLM\..\Run: [FireflyMini] "C:\Program Files\SnapStream Media\Firefly Mini\FireflyMini.exe"
*O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
*O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
*O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
*O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
*O4 - HKLM\..\Run: [NuonSoft ShellEnhancer StartupHelper] C:\Program Files\NuonSoft\ShellEnhancer\StartupHelper.exe
*O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
*O4 - HKLM\..\Run: [WD Spindown Utility] "C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe"
*O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
*O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
*O4 - HKLM\..\Run: [Firefly] C:\Program Files\SnapStream Media\Firefly\Firefly.exe
*O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
*O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
*O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
*O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
*O4 - HKCU\..\Run: [FireflyMini] "C:\Program Files\SnapStream Media\Firefly Mini\FireflyMini.exe"
*O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
*O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
*O4 - Startup: SpywareGuard.lnk = D:\Program Files\SpywareGuard\sgmain.exe
*O4 - Global Startup: APC UPS Status.lnk = ?
*O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
*O4 - Global Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe
*O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
*O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
*O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
*O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
*O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
*O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
*O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
*O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
*O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
*O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\SNAPST~1\Common\x10nets.exe

BC AdBot (Login to Remove)

 


#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:06:42 PM

Posted 05 October 2008 - 01:20 PM

Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new HijackThis log. Please see Preparation Guide for use before posting about your potential Malware problem. Thank you for your patience.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:06:42 PM

Posted 15 October 2008 - 06:31 AM

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users