soma137 Posted January 13, 2008 Report Share Posted January 13, 2008 I am using Vista with Avira AntiVir as my anti-virus. For some reason, when I double click uTorrent to start it, nothing shows up. Attempting again tells me it is already running. The process is there, but it cannot be shut off, end task does nothing.Thanks in advance for any help, and here is a HJT log if it is needed.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:23:55 PM, on 1/12/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16575)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exec:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exeC:\Windows\Explorer.EXEC:\Program Files\Motorola\SMSERIAL\sm56hlpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\RtHDVCpl.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exeC:\Program Files\Java\jre1.6.0_02\bin\jusched.exeC:\Windows\System32\rundll32.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Windows\ehome\ehtray.exeC:\Windows\ehome\ehmsas.exeC:\Windows\system32\taskeng.exeC:\Program Files\Opera\Opera.exeC:\Users\Nathan Wilson\Desktop\HiJackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptopR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dllO2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dllO4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exeO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModuleO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exeO4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /minO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /autoO4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exeO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmO8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{BA203F29-0957-4786-9733-80F2F3541FFF}: NameServer = 166.102.165.11,166.102.165.13O20 - AppInit_DLLs: APSHook.dllO23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeO23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exeO23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exeO23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exeO23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe--End of file - 7333 bytesEdit: I also forgot to mention that I'm using ZoneAlarm firewall, though I guess it's obvious from the HJT log. I didn't see my firewall or anti-virus listed anywhere in the FAQs as having known issues. Link to comment Share on other sites More sharing options...
jewelisheaven Posted January 13, 2008 Report Share Posted January 13, 2008 Have you tried launching uT from the same path as you expect but append /BRINGTOFRONT to the command line (via shortcut or run or command prompt)? It will affect the window showing, but will not resolve the program's initial state. Are you launching it with any special parameters?ZoneAlarm frequently comes up in the forum as coinciding or being the cause of troubles. But at the same time I believe Ultima was having it coexist peacefully with uT so.. it's (as usual) a configuration dilemma.Going over your HJT, uninstall Roxio's Indexer (that also comes up on here a bit). Also disable the intenet monitor service.. what's it monitoring?Did you install this? O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe Link to comment Share on other sites More sharing options...
soma137 Posted January 13, 2008 Author Report Share Posted January 13, 2008 utorrent.exe/BRINGTOFRONT started up utorrent, but it still didn't show anything. It was stuck in the processes again. I turned off ZA before attempting it.How do I disable Roxio's indexer? Do I simply check "O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe" and tell it to fix it?I don't know what the internet monitor service is.I don't think I installed that... what is it exactly? Most websites I've checked (a quick google) say it's a bad thing.I'm very sorry for my lack of knowledge on the HJT stuff, I'm still pretty new to it. Could you explain a bit more on what I need to do? Link to comment Share on other sites More sharing options...
jewelisheaven Posted January 13, 2008 Report Share Posted January 13, 2008 ok... well the flag I gave you shouldn't have started a NEW ut. It should have brought the existing uT to the foreground (i.e. you can play with and click on the main GUI). If it didn't do that then you should definitely clean off extra software.Regarding Roxio.. you should be able to turn off the indexer in the program preferences... To deal with it through windows, start->run->services.msc Then you want to search for RoxMediaDB9 (that should be its title) and right click, stop. Then I would go to properties and disable it for now.You can follow the same process for the other services (we'll start with)[ul][li]O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [li][li]O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe[li][/ul]If you haven't rebooted since this you should still have something if you go: start->run->cmd -> dir "%WINDIR%\SMINST" you can then cd %WINDIR%\SMINST AND del *.* Link to comment Share on other sites More sharing options...
Firon Posted January 13, 2008 Report Share Posted January 13, 2008 Uninstall Zone Alarm, don't just disable it Link to comment Share on other sites More sharing options...
soma137 Posted January 14, 2008 Author Report Share Posted January 14, 2008 Great! I uninstalled Zone Alarm, disabled roxio's indexer, disabled whatever "stllssvr" is, and deleted the SMINST files. It must have been one of those things, because it is working fine now.Thanks so much for your help, both of you.I only have two more things to ask. I did a google on SMINST after following your instructions and deleting the files, and I came up with some results telling me it's used for "PC Angel," a system recovery software. Since I deleted those files, am I no longer able to reformat? (the site was here http://www.neowin.net/forum/index.php?s=a4c19c198afe0ed99af4ca8d1f3e8d39&showtopic=611714&pid=589117344&st=0& )I uninstalled "Phoenix" software on my first laptop thinking it was bloatware, and it turned out to be the XP recovery software. If I just did that again, I think I'll go shoot myself.The second thing was: what firewalls are compatible with uTorrent? I liked Zone Alarm, but I'll go for any firewall that does what it's supposed to do (excludes Windows Firewall). Link to comment Share on other sites More sharing options...
Ultima Posted January 14, 2008 Report Share Posted January 14, 2008 Windows Firewall does what it's supposed to do... At any rate, I've had success using Comodo Firewall with µTorrent. Link to comment Share on other sites More sharing options...
jewelisheaven Posted January 14, 2008 Report Share Posted January 14, 2008 Recovery software?? 2K and above (iirc) includes restore points, sure they can take up to 25% of your hard drive but they are useful... The only "recovery" software is recovery console (which even some power users shy away from)... and your install media. Any OTHER software is unnecessary, IMNSHO.Regarding the firewalls you should check out the software firewalls thread Ultima posted in. If Ultima says "I can do it" you can be assured it does work, but you probably have to finagle some settings. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.