I post here because I'm not quite sure what is going on with my computer. Something is conflicting with my search indexer and causing it to crash multiple times. This of course, happens when I am using it (I suppose) when I'm using something like Windows Photo Gallery or Nero, but not always. error diaglogue says that esent.dll is the cause of SearchIndexer.exe. Anyway, I'll upload the hjt log, and if you don't think it's some kind of malware or something, I'll move my query to a different area. Thanks!
PS-It seems HJT has detected quite a few errors, but I won't do anything until I get a reply from you
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:30 PM, on 10/20/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\AIM6\aim6.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Symantec\Backup Exec System Recovery\Agent\VProTray.exe
C:\Program Files (x86)\AIM6\aolsoftware.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Mozilla Firefox 3.5 Beta 4\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/HardAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WinSSHD Activation State Checker] "C:\Program Files (x86)\Bitvise WinSSHD\WinsshdActStateCheck.exe"
O4 - HKLM\..\Run: [Symantec Backup Exec System Recovery 8.0] "C:\Program Files (x86)\Symantec\Backup Exec System Recovery\Agent\VProTray.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Aim6] "C:\Program Files (x86)\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: En&queue current page with BID - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm
O8 - Extra context menu item: Enqueue link tar&get with BID - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
O8 - Extra context menu item: Open &link target with BID - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm
O8 - Extra context menu item: Open current page with BI&D - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm
O8 - Extra context menu item: Open current page with BID Link Explorer - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: http://s0.2mdn.net
O15 - ESC Trusted Zone: http://js.adsonar.com
O15 - ESC Trusted Zone: http://servedby.advertising.com
O15 - ESC Trusted Zone: http://uac.advertising.com
O15 - ESC Trusted Zone: http://o.aolcdn.com
O15 - ESC Trusted Zone: http://rmd.atdmt.com
O15 - ESC Trusted Zone: http://view.atdmt.com
O15 - ESC Trusted Zone: http://at.atwola.com
O15 - ESC Trusted Zone: http://cdn.at.atwola.com
O15 - ESC Trusted Zone: http://launcher.champions-online.com
O15 - ESC Trusted Zone: http://www.champions-online.com
O15 - ESC Trusted Zone: http://ad.doubleclick.net
O15 - ESC Trusted Zone: http://blogs.battlefield.ea.com
O15 - ESC Trusted Zone: http://www.google-analytics.com
O15 - ESC Trusted Zone: http://www.gowindowslive.com
O15 - ESC Trusted Zone: http://rad.msn.com
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://edge.quantserve.com
O15 - ESC Trusted Zone: http://an.tacoda.net
O15 - ESC Trusted Zone: http://anrtx.tacoda.net
O15 - ESC Trusted Zone: http://m.webtrends.com
O15 - ESC Trusted Zone: http://client.winamp.com
O15 - ESC Trusted Zone: http://media.winamp.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://launcher.worldofwarcraft.com
O15 - ESC Trusted Zone: http://runonce.msn.com (HKLM)
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E49047E-A6B1-48AB-83EE-F89B5A2ABD23}: Domain = thedeathstar
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E49047E-A6B1-48AB-83EE-F89B5A2ABD23}: NameServer = 68.105.28.11,68.105.29.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFC24E37-37A2-4155-8D80-C39D08F5F9E8}: NameServer = 68.5.28.11,68.5.29.11
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E49047E-A6B1-48AB-83EE-F89B5A2ABD23}: Domain = thedeathstar
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E49047E-A6B1-48AB-83EE-F89B5A2ABD23}: NameServer = 68.105.28.11,68.105.29.11
O17 - HKLM\System\CS2\Services\Tcpip\..\{5E49047E-A6B1-48AB-83EE-F89B5A2ABD23}: Domain = thedeathstar
O17 - HKLM\System\CS2\Services\Tcpip\..\{5E49047E-A6B1-48AB-83EE-F89B5A2ABD23}: NameServer = 68.105.28.11,68.105.29.11
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Backup Exec System Recovery - Symantec Corporation - C:\Program Files (x86)\Symantec\Backup Exec System Recovery\Agent\VProSvc.exe
O23 - Service: @%systemroot%\system32\dfssvc.exe,-101 (Dfs) - Unknown owner - C:\Windows\system32\dfssvc.exe (file missing)
O23 - Service: @dfsrress.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSRs.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CNG Key Isolation (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Netlogon - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%windir%\system32\nfsrc.dll,-5001 (NfsClnt) - Unknown owner - C:\Windows\system32\nfsclnt.exe (file missing)
O23 - Service: @%windir%\system32\nfsrc.dll,-5007 (NfsService) - Unknown owner - C:\Windows\system32\nfssvc.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Resultant Set of Policy Provider (RSoPProv) - Unknown owner - C:\Windows\system32\RSoPProv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: SNMP Trap (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%windir%\system32\srm.dll,-3022 (SrmReports) - Unknown owner - C:\Windows\system32\srmhost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SymSnapService - Symantec - C:\Program Files (x86)\Symantec\Backup Exec System Recovery\Shared\Drivers\SymSnapServicex64.exe
O23 - Service: Interactive Services Detection (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Virtual Disk (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: WinSSHD - Bitvise - C:\Program Files (x86)\Bitvise WinSSHD\WinSSHD.exe
O23 - Service: WMI Performance Adapter (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11187 bytes