ChaosDvS Posted February 21, 2008 Report Share Posted February 21, 2008 Hi, I`ve searched around a bit and still can`t find asolution to my problem. Well kind of.I don`t currently have Nero Scout installed. I tried changing the directory from and to read only (is there now). I`m still getting this message.It seems to work perfectly fine when I disable UAC, but I don`t understand how to fix this problem without having to turn it off, if in fact I can do that.Any suggestions?BTW: I am running Vista Home Premium. Link to comment Share on other sites More sharing options...
jewelisheaven Posted February 21, 2008 Report Share Posted February 21, 2008 ... Changing the WINDOWS permissions to read only means you cant write in uT, so turn that back to normal. Aside from media indexers and media players, search indexers and some resident scanners cause trouble too. Did you see the part at the bottom of the how-to for logs to copy-paste into the thread if you didn't get any leads on a solution on your own? Please switch to DLL mode (Ctrl-D) in process explorer before clicking on utorrent.exe and saving the logfile. Link to comment Share on other sites More sharing options...
ChaosDvS Posted February 22, 2008 Author Report Share Posted February 22, 2008 I'm not certain I follow you on the DLL mode in process explorer.Hope this helps though,my logfile from HiJackThis.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:35:52 AM, on 22/02/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16609)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\system32\Dwm.exeC:\WINDOWS\RtHDVCpl.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\System32\rundll32.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Stardock\CursorFX\CursorFx.exeC:\WINDOWS\ehome\ehtray.exeC:\WINDOWS\System32\rundll32.exeC:\Program Files\Bigfoot Networks\Killer Driver\KillerTray.exeC:\Program Files\Xfire\xfire.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\Xfire\xfire.exeC:\PROGRA~1\MOZILL~1\FIREFOX.EXEC:\Windows\system32\taskeng.exeC:\Windows\system32\conime.exeC:\Program Files\Winamp\winamp.exeC:\Program Files\uTorrent\uTorrent.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBRR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34343633383026706F3D35343434303241R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/mothershipR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothershipR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBRR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO1 - Hosts: 172.31.254.2 mykillernicO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStartO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\winvnc.exe" -servicehelperO4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKCU\..\Run: [WindowBlinds] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe autoO4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exeO4 - Global Startup: Launch KillerTray.exe.lnk = ?O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dllO13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cabO23 - Service: Killer Port Manager - Unknown owner - C:\Windows\Bigfoot\PortManager.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeO23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe--End of file - 6400 bytes Link to comment Share on other sites More sharing options...
jewelisheaven Posted February 24, 2008 Report Share Posted February 24, 2008 Killer Driver, Windows Defender, windows search indexer, windows blinds? All those have been reported to not work all the time.Additionally remove Nero Scout (the indexer)... If that doesn't remove the problem, try stopping windows blinds. I don't know waht this bigfoot software is, but it injected into your LSP, so be sure it's legit. Remove multiple entries, ONE is plenty. Link to comment Share on other sites More sharing options...
Ultima Posted February 24, 2008 Report Share Posted February 24, 2008 And then there's this:O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeIt's known to cause "access denied" issues. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.