uTorrent Keeps Freezing

Hi all

I've looked about on this Forum and also the rest of the Internet to try and find out why uTorrent keeps freezing. I'm using version 1.7.7 which I believe is the latest version.

Everything was alright until my other computer packed in running XP Pro, I bought this custom made PC and I installed Vista Ultimate on it. This entailed upgrading all my software from XP to Vista and a lot of downloading the upgrades from all the sites where my software originated, which is a lot as I've just over 100GB of software installed on my PC. Everything was working fine until I installed uTorrent, uTorrent is always freezing up and when I try to bring a web page up while uTorrent is running in the background the web page that I'm trying to access also freezes too.

Any input to this problem will be much appreciated, and thanks in advance for any replies.

Regards Plug

Hijackthis log and process explorer process list please

This is the fix, guys:

Patch TCPIP.SYS to raise the half-open limit from 10 to 40, using a free proggie like

Event ID 4226 Patcher from www.lvllord.de.

Leave uTorrent's settings alone.

This actually works, but be careful.

It may impede HTTP uploading if you set it too high.

Good luck.

I'm not sure if this proggie works on Vista, but if it doesn't, you'll still know what to fix. There are other freebie patchers out there.

tcpip.sys patching is not a cureall.

Patching TCPIP.SYS may make other networking problems FAR more severe!

For troubleshooting problems, it's better to reduce uTorrent's half open rate from the default of 8 down to 1-4.

And disable extra features that generate extra traffic ...such as UPnP, DHT, Local Peer Discovery, and Resolve IPs in uTorrent.

Hi I am sorry about the delay in responding to your answers, but I had to do a clean install but the problem still persists. Thanks the replies but I'm not very keen on using patches only as a last resort, below is the highjack this report if someone can make any sense of it.

uTorrent works in a fashion as it gives me download speeds of between 550kbs/ps and 650kbs/ps, but it keeps not responding every few seconds that I've got up on the screen. It will download a 700MB file in about half an hour to forty minutes, depending how many are seeding.

Which brings me to another problem, since I re-installed my operating system the completed torrents are no longer listed on uTorrent when I start uTorrent up I have to go to the websites to find the torrent to relist them in uTorrent so I can seed them which is a bit of a pain.

Regards Plug

-----------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:29:26, on 01/06/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\apvxdwin.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\InkSaver\InkSaver.exe

C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe

C:\Program Files\TalkTalk\bin\sprtcmd.exe

C:\Program Files\Norton Ghost\Agent\VProTray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe

C:\Program Files\Internet Explorer\IEUser.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [inkSaver] C:\Program Files\InkSaver\InkSaver.exe hide

O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en

O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk

O4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-gb/wlscctrl2.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7BD7907E-62DB-4DE3-96BB-3AE91DE5B8B9}: NameServer = 62.24.218.50 62.24.218.51

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrvx86.exe

O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

O23 - Service: Panda PSK service (PskSvcRetail) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PskSvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: SupportSoft Sprocket Service (TalkTalk) (sprtsvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\TalkTalk\bin\sprtsvc.exe

O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

O23 - Service: SupportSoft Repair Service (TalkTalk) (tgsrvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--

End of file - 10017 bytes

File indexers play havoc on uTorrent, as they prevent uTorrent from reading/writing torrents at odd times:

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

I've heard that Panda AV doesn't play nice with uTorrent...nor does almost anything by Norton.

Could be trouble?:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Ooooh... two possible culprits. Panda doesn't seem to play well on Vista. However to find out what module is the problem may take some time... so if you want to rule it out you can uninstall the whole thing. Then if the crashing still occurs install all of it but turn on only 1 or 2 of those services on at once. . . when you see the problem remanifest you know what did it.

The other software which seems to be at fault is the webroot washer or spy sweeper package.

Thanks guys

I had a feeling about:O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

Which I usually disable anyway but I've disabled it now, you both mention Panda I've been using Panda for the last 4 years both on XP Pro and now on Vista. I never had any problems on XP over the past 4 years and I've got Panda configured for uTorrent as it is now on Vista.

You also mention Spy Sweeper, does the same apply to CCleaner because that cleans just as good as Spy Sweeper.

How does Zone Alarm handle with uTorrent as I used that before Panda?

As for the:O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

A search in the registry showed it intact, and just for good measure I ran SFC /SCANNOW on my computer and everything came back clear. The above is an extension file in the registry and intact to do with Internet Explorer7, I'll go to the Microsoft website to see if there is a tool to check IE7.

And thanks again for the advice. Regards Plug

Zone Alarm is even worse than Panda, as not only will it cause weird problems, it often crashes the entire computer with a blue screen of death.

Also, Panda works perfectly fine on XP... But it does not on Vista, and works even worse with SP1. THis only applies to the firewall; I think the AV part should work fine.

Spy Sweeper should not cause any issues, no need to remove it.

Thanks for the input there Firon, but by the sound of things which ever Internet Security System one chooses they are going to have these problems by the look of things.

I have tried another torrent downloader who's name starts with an "A", I don't want to get banned for using what maybe a trade name hence the "A" will suffice. But that downloaded torrents from its own website at the rate of 5 to 700kbs/ps, but would not recognise other torrents and no freezing; and that's with my setup now.

I guess I'll have to read all the FAQ and the Search like DreadWingNight pointed out underneath my initial post, so thanks again for the input I'll get it sorted eventually.

Regards Plug

Thanks for the input there Firon, but by the sound of things which ever Internet Security System one chooses they are going to have these problems by the look of things.

The side-effect of big businesses only caring about lining their own pockets.

I guess I'll have to read all the FAQ and the Search like DreadWingNight pointed out underneath my initial post, so thanks again for the input I'll get it sorted eventually.

What is it with people thinking that signatures are part of forum posts?

hey guys,

i've been having this problem after upgrading to vista as well. i had no idea what the problem was, but was suspicious of vista since utorrent has always worked well for me under winxp.

i'm now thinking that it might be the inbuilt vista indexing service that's causing problems? i've just disabled it on my two utorrent folders and hopefully i'll see an improvement. that said, vista asked me if i wanted to disable indexing on all files and subfolders.

my query is whether or not the files themselves are flagged as being non indexed, or if it is just the location in which they are stored. if the files themselves carry the attribute then that could be quite annoying - i'd rather only have the two specified folders not being indexed.

hi!

i used highjack this software. please tell me if i need to remove anything. thanks

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:39:17 PM, on 7/2/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\WINDOWS\444.470

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\portsv.exe

C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\uoyzsydz.exe

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\All Users\Application Data\wlwrsbit\stijwlsz.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Digital Media Reader\readericon45G.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\CyberLink\PCM4Everio\EverioService.exe

C:\WINDOWS\System32\Rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\SightSpeed\SightSpeed.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\system32\xwfotgfo.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\BigFix\bigfix.exe

C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe

C:\Program Files\Google\Google Updater\GoogleUpdater.exe

C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Owner\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def … .yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\uoyzsydz.exe,

O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)

O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)

O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)

O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)

O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)

O2 - BHO: 459849 helper - {2839B753-1D7A-4C28-8F8D-86CEFFE5F205} - (no file)

O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)

O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)

O2 - BHO: (no name) - {305FFA8A-BFDF-4F15-87D9-12901374B1F9} - C:\WINDOWS\system32\qoMgGwwx.dll (file missing)

O2 - BHO: (no name) - {467faeb2-5f5b-4c81-bae0-2a4752ca7f4e} - (no file)

O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL

O2 - BHO: (no name) - {5321e378-ffad-4999-8c62-03ca8155f0b3} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5876E289-BF90-4F90-02D7-037EA8E41BE8} - C:\Documents and Settings\All Users\Application Data\dscdb\ApiChkSh.dll

O2 - BHO: (no name) - {587dbf2d-9145-4c9e-92c2-1f953da73773} - (no file)

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: (no name) - {6cc1c91a-ae8b-4373-a5b4-28ba1851e39a} - (no file)

O2 - BHO: (no name) - {79369d5c-2903-4b7a-ade2-d5e0dee14d24} - (no file)

O2 - BHO: (no name) - {799a370d-5993-4887-9df7-0a4756a77d00} - (no file)

O2 - BHO: (no name) - {98dbbf16-ca43-4c33-be80-99e6694468a4} - (no file)

O2 - BHO: (no name) - {a55581dc-2cdb-4089-8878-71a080b22342} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: (no name) - {ACED1C9F-2718-4512-9F69-F4E28C1F484F} - C:\WINDOWS\system32\yayvUKcy.dll (file missing)

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: InlineSearchHandleHotKey - {B6FFE2AE-4D12-451F-B457-FE6125FFB1CF} - C:\Program Files\IEForge\Inline Search\InlineSearch.dll

O2 - BHO: (no name) - {b847676d-72ac-4393-bfff-43a1eb979352} - (no file)

O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)

O2 - BHO: (no name) - {bf3f9e3d-b202-d690-1f1d-7d27f3160e6c} - (no file)

O2 - BHO: targetedbanner browser optimizer - {cb4f59ee-82bd-db44-a534-5100ac0dae10} - C:\WINDOWS\system32\mnwixakzwkkma.dll

O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)

O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)

O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)

O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)

O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)

O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)

O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe

O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [bearFlix] "C:\Program Files\BearFlix\BearFlix.exe" /pause

O4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"

O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF

O4 - HKLM\..\Run: [AntispyStorm] C:\Program Files\AntispyStorm\AntispyStorm.exe

O4 - HKLM\..\Run: [{238bfbd3-95f2-a4d5-3289-a6a3fe5f35ed}] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\mnwixakzwkkma.dll" DllStart

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [sightSpeed] C:\Program Files\SightSpeed\SightSpeed.exe -minimized

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0

O4 - HKCU\..\Run: [sijhwpta] C:\WINDOWS\system32\ubmdajcv.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [jqgsxyui] C:\WINDOWS\system32\xwfotgfo.exe

O4 - HKLM\..\Policies\Explorer\Run: [MGpbg7DnFU] C:\Documents and Settings\All Users\Application Data\wlwrsbit\stijwlsz.exe

O4 - HKUS\S-1-5-18\..\Run: [Power2GoExpress] NA (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')

O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe

O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe

O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: &Search - ?p=ZKfox000(2)

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Share … mCtl32.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: yayvUKcy - yayvUKcy.dll (file missing)

O21 - SSODL: ShAdm - {1907D505-02D8-8784-C6F8-0385CD0093D2} - C:\Program Files\qadyysb\ShAdm.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINDOWS\444.470.exe (file missing)

O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Plug and Play (RPC) (PlugPlayRPC) - Unknown owner - C:\WINDOWS\portsv.exe

O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--

End of file - 13661 bytes

please help me thanks

uoyzsydz.exe is malware. You've got other malware on your system. I suggest reinstalling Windows.

Trying to figure out HOW your system got as bad as it is .. would be a good thing to do before reinstalling so you can ascertain whether you need to fully repatch yourself to SP3, or just don't use IE, or add on all those browser toolbars...

i downloaded utorrent and downloaded adobe photoshop, sony vegas and ulead. when they were done i open the setup of adobe then there were pop ups all of a sudden. however, i installed norton in my computer and it said that it removed viruses and cookies. do u think my comp is okay nw? my computer is now slow though.

anyway, i don't have to reinstall my comp, like its my last resort. maybe i can still remove all the malware using highjackthis. please tell me all the things that i have to remove. thank you so much.

Even an expert would probably be extremely hard-pressed to get all the bad crap off your system now. And standard antivirus software is almost guaranteed to miss something.

You really need to re-read the Announcement above your first post in this forum...then edit your post/s.

Norton = crap.

You can try the expert route, or if you can get to a clean system connect the drive externally and scan it. Disable unnecessary start up items after scanning, reset the Winsock catalog. Spybot again as well as adaware. Don't run/copy anything off of it :/. Delete everything you've downloaded. Rootkit scanning. Catalog reset again. Another HJT. Kaspersky Anti-virus is said to have the highest detection rate, try a free trial if there's one.

Your PC's probably screwed though . I'd be slipstreaming SP3 into a new Windows disk and re-installing. Well.. I'd also set up an OOBE of microT and my drivers and stuff, but that's me.

It's much easier to reinstall Windows than to attempt cleaning the system up after a ton of malware.

You do need a much better AV app, though. Norton is near-useless. NOD32 and AVG are better choices.