Jump to content

Pc freezes using utorrent


simon1905

Recommended Posts

Posted

Hi all. I am getting the same problem a lot of other people are getting on here. I have been using utorrent about 2 years now with no problems then all of a sudden about 2 weeks ago when I run utorrent between 5 minutes or an hour later my PC freezes. All I can do is unplug it from the mains the restart it again. After trying to sort this out and looking round on your forum I decided to format the pc.With only windows xp home back on it and updated by windows update and Norton 360 back on it I then install utorrent then run it but it still freezes after a while. When using my pc without utorrent running there is no problem. Has any body got any idea's what is causing this if I have only got xp and Norton installed, Have looked in event viewer but no problems showing up at that time. I have tried utorrent on my laptop which has Norton 360 running on it and it is fine. Any help would be greatly appreciated.

P4 /1 GB ram /3 GHz

Thank you Simon

Posted

Norton is considered "problematic" when it comes to file-sharing in general.

But that may not be the only reason you're having problems.

Have you run HijackThis! and Process Explorer and looked for possible incompatible software for uTorrent? (as well as malware typical antivirus software misses.)

Have you run Speed Guide (CTRL+G) and set your settings based on your max UPLOAD speed?

(Note: Download is often much higher and people mistakenly use download, overloading their connection because of it!)

Posted

Thank you for replying.I downloaded Process Explorer and Hijackthis and got this:Sorry but it does not mean a thing to me.

Process PID CPU Description Company Name

System Idle Process 0 97.73

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 728 Windows NT Session Manager Microsoft Corporation

csrss.exe 788 Client Server Runtime Process Microsoft Corporation

winlogon.exe 832 Windows NT Logon Application Microsoft Corporation

services.exe 876 0.76 Services and Controller app Microsoft Corporation

ati2evxx.exe 1044 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 1076 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1128 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1188 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1304 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1392 Generic Host Process for Win32 Services Microsoft Corporation

ccSvcHst.exe 1648 Symantec Service Framework Symantec Corporation

AppSvc32.exe 1964 Symantec Application Core Service Symantec Corporation

spoolsv.exe 360 Spooler SubSystem App Microsoft Corporation

AluSchedulerSvc.exe 1148 Automatic LiveUpdate Scheduler Service Symantec Corporation

ccSvcHst.exe 768 Symantec Service Framework Symantec Corporation

HidService.exe 1276

VProSvc.exe 1420 Service Module Symantec Corporation

NPROTECT.EXE 1664 Norton Protection Status Symantec Corporation

slserv.exe 1588 User-Level Modem Service

NOPDB.exe 1940 NOPDB Symantec Corporation

alg.exe 2704 Application Layer Gateway Service Microsoft Corporation

symlcsvc.exe 2736 Symantec Core Component Symantec Corporation

svchost.exe 3188 Generic Host Process for Win32 Services Microsoft Corporation

msiexec.exe 3652 Windows® installer Microsoft Corporation

OSE.EXE 1916 Office Source Engine Microsoft Corporation

svchost.exe 536 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 888 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 1328 ATI External Event Utility EXE Module ATI Technologies Inc.

explorer.exe 1772 Windows Explorer Microsoft Corporation

jusched.exe 324

SOUNDMAN.EXE 380 Realtek Sound Manager Realtek Semiconductor Corp.

ALCWZRD.EXE 580 RealTek AlcWzrd Application RealTek Semicoductor Corp.

ccApp.exe 748 Symantec User Session Symantec Corporation

NSRTray.exe 1460 Tray Application Symantec Corporation

ctfmon.exe 1468 CTF Loader Microsoft Corporation

utility.exe 1564 WLANSTAT CONFIGURATION UTILITY Belkin

uTorrent.exe 3104

procexp.exe 2548 1.52 Sysinternals Process Explorer Sysinternals

Process: uTorrent.exe Pid: 3104

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.0258

ctype.nls

DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.2938

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3159

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180

Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119

locale.nls

LPK.DLL Language Pack Microsoft Corporation 5.01.2600.2180

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.2180

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.2180

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726

oleaut32.dll Microsoft Corporation 5.01.2600.3139

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3231

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.2180

uTorrent.exe

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180

Logfile of HijackThis v1.99.1

Scan saved at 22:05:07, on 10/01/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\PROGRA~1\NORTON~1\NSR\Agent\VProSvc.exe

C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe

C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE

C:\WINDOWS\system32\slserv.exe

C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Simon\Desktop\hijackthis_sfx.exe

C:\Program Files\HijackThis\HijackThis.exe

C:\Program Files\uTorrent\uTorrent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=UK&range=AD&phase=6&key=SEARCH

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\APPS\IE\offline\uk.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://utorrent/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NSRKey] C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [Norton Save and Restore] "C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll

O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Premier\Norton Cleanup\WCQuick.lnk

O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Premier\Norton Cleanup\WCQuick.lnk

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1199826886343

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Norton Save and Restore - Symantec Corporation - C:\PROGRA~1\NORTON~1\NSR\Agent\VProSvc.exe

O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

Posted

You should have a router and/or software firewall ALWAYS active if connected to the internet, so make sure there's not a moment of vulnerability.

(Disconnect the computer from the internet while you reconfigure if need be.)

Posted

Thank you all for you help.I got home completly uninstalled norton and then put AVG on instead.My pc only now has windows xp home(all up to date) and AVG on it and It is still freezing up. Any idea's.This is the results i got:

Process PID CPU Description Company Name

System Idle Process 0 96.92

Interrupts n/a Hardware Interrupts

DPCs n/a 1.54 Deferred Procedure Calls

System 4

smss.exe 660 Windows NT Session Manager Microsoft Corporation

csrss.exe 728 Client Server Runtime Process Microsoft Corporation

winlogon.exe 772 Windows NT Logon Application Microsoft Corporation

services.exe 816 Services and Controller app Microsoft Corporation

ati2evxx.exe 996 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 1016 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1068 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1128 Generic Host Process for Win32 Services Microsoft Corporation

wuauclt.exe 2680 Windows Update Automatic Updates Microsoft Corporation

svchost.exe 1264 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1332 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1640 Spooler SubSystem App Microsoft Corporation

avgamsvr.exe 1808 AVG Alert Manager GRISOFT, s.r.o.

avgupsvc.exe 168 AVG Update Service GRISOFT, s.r.o.

avgemc.exe 256 AVG E-Mail Scanner GRISOFT, s.r.o.

HidService.exe 412

slserv.exe 456 User-Level Modem Service

alg.exe 1964 Application Layer Gateway Service Microsoft Corporation

svchost.exe 2096 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 828 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 1204 ATI External Event Utility EXE Module ATI Technologies Inc.

explorer.exe 2016 Windows Explorer Microsoft Corporation

jusched.exe 1468

SOUNDMAN.EXE 884 Realtek Sound Manager Realtek Semiconductor Corp.

ALCWZRD.EXE 1432 RealTek AlcWzrd Application RealTek Semicoductor Corp.

avgcc.exe 1596 AVG Control Center GRISOFT, s.r.o.

ctfmon.exe 1524 CTF Loader Microsoft Corporation

utility.exe 1996 WLANSTAT CONFIGURATION UTILITY Belkin

uTorrent.exe 3476 0.77

procexp.exe 556 0.77 Sysinternals Process Explorer Sysinternals

Process: uTorrent.exe Pid: 3476

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.0258

ctype.nls

DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.2938

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3159

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180

Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119

locale.nls

LPK.DLL Language Pack Microsoft Corporation 5.01.2600.2180

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.2180

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.2180

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726

oleaut32.dll Microsoft Corporation 5.01.2600.3139

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3231

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.2180

uTorrent.exe

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180

Logfile of HijackThis v1.99.1

Scan saved at 18:22:42, on 11/01/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\WINDOWS\system32\slserv.exe

C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=UK&range=AD&phase=6&key=SEARCH

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\APPS\IE\offline\uk.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://utorrent/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NSRKey] C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1199826886343

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Posted

That is a lean install ;) Nothing in the DLLs list which is good in that uT is not being corrupted from the inside. However it does mean you will have to experiment with what program is coinciding with the problems. I see slserv, hidservice, and utility which may be it...or may not be. If you use msconfig to temporarily disable them running and see if the problem stops.. that will definitely help to finger what is the problem to see if there is a reported incompatibility with the program in general, or a specific function of the program (presumably which mucks with internet packets)... I look forward to your results.

Posted

Multicore PC? Try the affinity solution (http://forum.utorrent.com/viewtopic.php?pid=292244#p292244)

Also, I see some traces of Norton still remain (nothing unexpected there, that's how its crappy uninstaller works). Try running this tool from Symantec (ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe) to make sure all traces of Norton are gone, then reboot and check.

Posted

Hi all again,I have all ready used the norton removal tool but can now see the parts you noticed that still remain on my system.I have manually deleted these now.I have also stopped "slserv, hidservice, and utility". It froze again after about 30 minutes. (If i delete any more stuff of my pc it will have to be the operating system) .Also tryed bitcomet but that is also doing the same.Please any other idea's this is doing my head in. Thankyou all for you help.Simon

Posted

If you are worried about your functionality you can re-enable those 3 services.. in which case you should check out MemTest86 to verify your memory... If it's a PSU problem or connection issue --you're not running splitters between your PSU and your harddrives are you?? Did setting the affinity to either of your hyper-threaded cores affect the freezing? Upon reinspection are you sure you know what O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe is or expect it to run on your system startup? :/ Since you weren't running any other applications at the time and if the affinity doesn't change the freezing, it may indeed be some hardware problem that has cropped up due to normal usage.

Posted

Hi all, I'm giving up,it wins.Formated pc again last night to make sure no norton is still on it. re-installed xp and got it upto date again by windows update.installed AVG antivirus and that is all i have installed.Tried utorrent and bitcomet but they both froze the pc with in an hour.I have no splitter between the psu and harddrive.I have downloaded memtest86 and ran it.There was no errors found on them.Below is the results i just got with hijackthis and processexplorer.I think you may be right now,it's got to be hardware problem.But pc runs fine all other times.Thank you all again for your suggestion.

Process PID CPU Description Company Name

System Idle Process 0 97.01

Interrupts n/a 0.75 Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 652 Windows NT Session Manager Microsoft Corporation

csrss.exe 720 Client Server Runtime Process Microsoft Corporation

winlogon.exe 760 Windows NT Logon Application Microsoft Corporation

services.exe 808 0.75 Services and Controller app Microsoft Corporation

ati2evxx.exe 972 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 992 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1044 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1116 Generic Host Process for Win32 Services Microsoft Corporation

wuauclt.exe 3476 Windows Update Automatic Updates Microsoft Corporation

wscntfy.exe 2392 Windows Security Center Notification App Microsoft Corporation

svchost.exe 1248 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1308 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1616 Spooler SubSystem App Microsoft Corporation

avgamsvr.exe 1928 AVG Alert Manager GRISOFT, s.r.o.

avgupsvc.exe 220 AVG Update Service GRISOFT, s.r.o.

avgemc.exe 344 AVG E-Mail Scanner GRISOFT, s.r.o.

HidService.exe 432

slserv.exe 496 User-Level Modem Service

alg.exe 1904 Application Layer Gateway Service Microsoft Corporation

svchost.exe 2940 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 820 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 1180 ATI External Event Utility EXE Module ATI Technologies Inc.

explorer.exe 1820 Windows Explorer Microsoft Corporation

jusched.exe 1572

avgcc.exe 1692 AVG Control Center GRISOFT, s.r.o.

SOUNDMAN.EXE 1656 Realtek Sound Manager Realtek Semiconductor Corp.

ALCWZRD.EXE 1784 RealTek AlcWzrd Application RealTek Semicoductor Corp.

ctfmon.exe 252 CTF Loader Microsoft Corporation

utility.exe 1164 WLANSTAT CONFIGURATION UTILITY Belkin

iexplore.exe 2816 Internet Explorer Microsoft Corporation

BitComet.exe 2168 0.75 BitComet - a BitTorrent Client www.BitComet.com

procexp.exe 3524 0.75 Sysinternals Process Explorer Sysinternals

Process: BitComet.exe Pid: 2168

Name Description Company Name Version

~DFACBB.tmp

~DFACBB.tmp

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180

appHelp.dll Application Compatibility Client Library Microsoft Corporation 5.01.2600.2180

asycfilt.dll Microsoft Corporation 5.01.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000

BitComet.exe BitComet - a BitTorrent Client www.BitComet.com 0.97.0012.0007

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.0258

CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.2180

CRYPTUI.dll Microsoft Trust UI Provider Microsoft Corporation 5.131.2600.2180

ctype.nls

DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.2938

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3159

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180

ieframe.dll Internet Explorer Microsoft Corporation 7.00.6000.16574

ieframe.dll.mui Internet Explorer Microsoft Corporation 7.00.6000.16414

ieframe.dll.mui Internet Explorer Microsoft Corporation 7.00.6000.16414

iepeers.dll Internet Explorer Peer Objects Microsoft Corporation 7.00.5730.0013

iepeers.dll Internet Explorer Peer Objects Microsoft Corporation 7.00.5730.0013

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6000.16574

IMAGEHLP.dll Windows NT Image Helper Microsoft Corporation 5.01.2600.2180

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180

index.dat

index.dat

index.dat

index.dat

inetcomm.dll Microsoft Internet Messaging API Microsoft Corporation 6.00.2900.3198

inetres.dll Microsoft Internet Messaging API Resources Microsoft Corporation 6.00.2900.2180

iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912

jscript.dll Microsoft ® JScript Microsoft Corporation 5.07.0000.5730

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119

locale.nls

LPK.DLL Language Pack Microsoft Corporation 5.01.2600.2180

mlang.dll Multi Language Support DLL Microsoft Corporation 6.00.2900.2180

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.01.2600.2180

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.2180

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180

mshtml.dll Microsoft ® HTML Viewer Microsoft Corporation 7.00.6000.16587

msimtf.dll Active IMM Server DLL Microsoft Corporation 5.01.2600.2180

msls31.dll Microsoft Line Services library file Microsoft Corporation 3.10.0349.0000

MSOERT2.dll Microsoft Outlook Express RT Lib Microsoft Corporation 6.00.2900.2180

msv1_0.dll Microsoft Authentication Package v1.0 Microsoft Corporation 5.01.2600.2180

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180

MSWSOCK.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.2180

netapi32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.00.5441.0000

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726

OLEAUT32.dll Microsoft Corporation 5.01.2600.3139

oledlg.dll Microsoft Windows OLE 2.0 User Interface Support Microsoft Corporation 5.01.2600.3016

PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938

RASAPI32.dll Remote Access API Microsoft Corporation 5.01.2600.2180

rasman.dll Remote Access Connection Manager Microsoft Corporation 5.01.2600.2180

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.2161

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180

sensapi.dll SENS Connectivity API DLL Microsoft Corporation 5.01.2600.2180

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180

shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation 6.00.2900.3231

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3231

sortkey.nls

sorttbls.nls

SXS.DLL Fusion 2.5 Microsoft Corporation 5.01.2600.3019

TAPI32.dll Microsoft® Windows Telephony API Client DLL Microsoft Corporation 5.01.2600.2180

unicode.nls

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.00.6000.16574

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099

USERENV.dll Userenv Microsoft Corporation 5.01.2600.2180

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.2180

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180

WININET.dll Internet Extensions for Win32 Microsoft Corporation 7.00.6000.16574

WINMM.dll MCI API DLL Microsoft Corporation 5.01.2600.2180

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180

WINSPOOL.DRV Windows Spooler Driver Microsoft Corporation 5.01.2600.2180

WINTRUST.dll Microsoft Trust Verification APIs Microsoft Corporation 5.131.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180

xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.01.2600.2180

Logfile of HijackThis v1.99.1

Scan saved at 19:18:59, on 13/01/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\WINDOWS\system32\slserv.exe

C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\BitComet\BitComet.exe

C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=UK&range=AD&phase=6&key=SEARCH

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\APPS\IE\offline\uk.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1200222661145

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1200225621656

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...