Jump to content

utorrent and outlook and windows become zombie


jackrobinson

Recommended Posts

I sent similar message before but can't see it posted...

After many hours of being away from home I come back to discover that outlook 2003 is stuck during send/receive. i then attempt to kill both and gui exits but process continue to be un-killable. windows won't shut down and then only sollution is to hard poweroff pc.

Can someone please help?

Logs below (no .dmp exists).

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:40:44, on 17/03/2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Babylon\Babylon-Pro\Babylon.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe

C:\WINDOWS\rdr_1259267535.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\allSnap\allSnap.exe

C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe

D:\MY DOCUMENTS\TEMP\PROCEXP.EXE

D:\My Documents\Portable\USBDeview 1.43 Portable\USBDeview.exe

C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe

C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Mozilla Firefox\firefox.exe

D:\My Documents\Temp\HijackThis.exe

D:\MY DOCUMENTS\TEMP\PROCEXP.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot

O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [CPU] C:\WINDOWS\rdr_1259267535.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: allSnap.lnk = C:\Program Files\allSnap\allSnap.exe

O4 - Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe

O4 - Startup: Task Manager.lnk = C:\WINDOWS\system32\taskmgr.exe

O4 - Startup: USB Devices.lnk = D:\My Documents\Portable\USBDeview 1.43 Portable\USBDeview.exe

O4 - User Startup: allSnap.lnk = C:\Program Files\allSnap\allSnap.exe

O4 - User Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe

O4 - User Startup: Task Manager.lnk = C:\WINDOWS\system32\taskmgr.exe

O4 - User Startup: USB Devices.lnk = D:\My Documents\Portable\USBDeview 1.43 Portable\USBDeview.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258072961734

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{2548C880-C8EB-4263-9FC2-65F30B579EEE}: NameServer = 194.90.1.5 212.143.212.143

O17 - HKLM\System\CS1\Services\Tcpip\..\{2548C880-C8EB-4263-9FC2-65F30B579EEE}: NameServer = 194.90.1.5 212.143.212.143

O17 - HKLM\System\CS2\Services\Tcpip\..\{2548C880-C8EB-4263-9FC2-65F30B579EEE}: NameServer = 212.143.212.143 194.90.1.5

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: webserver - Unknown owner - C:\Program Files\webserver\webserver.exe (file missing)

--

End of file - 8336 bytes

Process PID CPU Description Company Name

System Idle Process 0 93.94

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 496 Windows NT Session Manager Microsoft Corporation

csrss.exe 800 Client Server Runtime Process Microsoft Corporation

winlogon.exe 836 Windows NT Logon Application Microsoft Corporation

services.exe 884 1.52 Services and Controller app Microsoft Corporation

ati2evxx.exe 1056 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 1076 Generic Host Process for Win32 Services Microsoft Corporation

LVComSX.exe 1716 LVCom Server Logitech Inc.

COCIManager.exe 2324 Camera Control Interface Logitech Inc.

hpqbam08.exe 3952 HP CUE Alert Popup Window Objects Hewlett-Packard Co.

svchost.exe 1156 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1272 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1384 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1440 Generic Host Process for Win32 Services Microsoft Corporation

vsmon.exe 1504 0.76 TrueVector Service Check Point Software Technologies LTD

ScanningProcess.exe 264 Kaspersky AV Scanner Kaspersky Lab.

ScanningProcess.exe 568 Kaspersky AV Scanner Kaspersky Lab.

spoolsv.exe 396 Spooler SubSystem App Microsoft Corporation

LVPrcSrv.exe 556 Logitech LVPrcSrv Module. Logitech Inc.

svchost.exe 3448 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 3636 Generic Host Process for Win32 Services Microsoft Corporation

jqs.exe 3660 Java Quick Starter Service Sun Microsystems, Inc.

svchost.exe 3736 Generic Host Process for Win32 Services Microsoft Corporation

NMSAccessU.exe 3784

svchost.exe 3868 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 3928 Generic Host Process for Win32 Services Microsoft Corporation

wdfmgr.exe 4008 Windows User Mode Driver Manager Microsoft Corporation

alg.exe 3224 Application Layer Gateway Service Microsoft Corporation

lsass.exe 896 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 1592 ATI External Event Utility EXE Module ATI Technologies Inc.

procexp.exe 2292 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

procexp.exe 1668 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

explorer.exe 1944 Windows Explorer Microsoft Corporation

Communications_Helper.exe 728 Communications Manager Logitech Inc.

QuickCam10.exe 764 Camera Software Logitech Inc.

RTHDCPL.exe 768 Realtek HD Audio Control Panel Realtek Semiconductor Corp.

Babylon.exe 1140 Babylon Information Tool Babylon Ltd.

zlclient.exe 1176 1.52 ZoneAlarm Client Check Point Software Technologies LTD

hpwuSchd2.exe 1460 hpwuSchd Application Hewlett-Packard

jusched.exe 1492 Java Platform SE binary Sun Microsystems, Inc.

ctfmon.exe 1652 CTF Loader Microsoft Corporation

rdr_1259267535.exe 1728

hpqtra08.exe 2980 HP Digital Imaging Monitor Hewlett-Packard Co.

hpqste08.exe 3528 HP CUE Status Root Hewlett-Packard Co.

allSnap.exe 3028 allSnap: makes all windows snap together Ivan Heckman

SnagIt32.exe 3172 SnagIt 8 TechSmith Corporation

TscHelp.exe 3488 TechSmith HTML Help Helper TechSmith Corporation

SnagPriv.exe 4004 SnagIt RPC Helper TechSmith Corporation

procexp.exe 2212 0.76 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

USBDeview.exe 2456 Lists USB Devices NirSoft

Skype.exe 3940 0.76 Skype. Take a deep breath Skype Technologies S.A.

uTorrent.exe 2488 0.76 µTorrent BitTorrent, Inc.

firefox.exe 1372 Firefox Mozilla Corporation

HijackThis.exe 3348 HijackThis Trend Micro Inc.

notepad.exe 196 Notepad Microsoft Corporation

MOM.exe 680 Catalyst Control Center: Monitoring program ATI Technologies Inc.

CCC.exe 2992 Catalyst Control Centre: Host application ATI Technologies Inc.

Process: uTorrent.exe Pid: 2488

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.1.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.1.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.1.2600.3520

appHelp.dll Application Compatibility Client Library Microsoft Corporation 5.1.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.2

browseui.dll Shell Browser UI Library Microsoft Corporation 6.0.2900.3627

c_1252.nls

Captlib.dll Babylon Information Tool Babylon Ltd. 7.0.0.13

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.2982

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.258

credui.dll Credential Manager User Interface Microsoft Corporation 5.1.2600.2180

CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.2180

CRYPTUI.dll Microsoft Trust UI Provider Microsoft Corporation 5.131.2600.2180

CSCDLL.dll Offline Network Agent Microsoft Corporation 5.1.2600.2180

cscui.dll Client Side Caching UI Microsoft Corporation 5.1.2600.2180

ctype.nls

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.1.2600.3394

GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.3466

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.1.2600.2180

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.0.6001.18876

IMAGEHLP.dll Windows NT Image Helper Microsoft Corporation 5.1.2600.2180

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.2180

Iphlpapi.dll IP Helper API Microsoft Corporation 5.1.2600.2912

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.1.2600.3541

LINKINFO.dll Windows Volume Tracking Microsoft Corporation 5.1.2600.2751

locale.nls

LPK.DLL Language Pack Microsoft Corporation 5.1.2600.2180

LVPrcInj.dll Camera Helper Library. Logitech Inc. 10.5.1.2027

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.1.2600.2180

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.1.2600.3624

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.1.2600.3319

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.2180

MSVCP60.dll Microsoft ® C++ Runtime Library Microsoft Corporation 6.2.3104.0

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.1.2600.3394

netapi32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.3462

NETSHELL.dll Network Connections Shell Microsoft Corporation 5.1.2600.2180

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.0.5441.0

ntdll.dll NT Layer DLL Microsoft Corporation 5.1.2600.3520

ntshrui.dll Shell extensions for sharing Microsoft Corporation 5.1.2600.2180

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.1.2600.2726

OLEACC.dll Active Accessibility Core Component Microsoft Corporation 4.2.5406.0

oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.2.5406.0

oleaut32.dll Microsoft Corporation 5.1.2600.3266

psapi.dll Process Status Helper Microsoft Corporation 5.1.2600.2180

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.1.2600.2938

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.3555

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.1.2600.2161

rtutils.dll Routing Utilities Microsoft Corporation 5.1.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.3592

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.1.2600.2180

shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation 6.0.2900.3627

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.2900.3402

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.2180

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.2900.3653

snap_libW.dll allSnap hook dll Ivan Heckman 1.3.0.5

sortkey.nls

sorttbls.nls

unicode.nls

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 8.0.6001.18876

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.1.2600.3099

USERENV.dll Userenv Microsoft Corporation 5.1.2600.2180

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.2180

uTorrent.exe µTorrent BitTorrent, Inc. 2.0.0.18488

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.2180

WININET.dll Internet Extensions for Win32 Microsoft Corporation 8.0.6001.18876

WINTRUST.dll Microsoft Trust Verification APIs Microsoft Corporation 5.131.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.1.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.2180

xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.1.2600.2180

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...