Alex79 Posted March 19, 2008 Report Share Posted March 19, 2008 I didn't want to spam too much info Easier this way or not? Link to comment Share on other sites More sharing options...
DreadWingKnight Posted March 19, 2008 Report Share Posted March 19, 2008 It's VERY annoying trying to handle upload sites for text documents. Link to comment Share on other sites More sharing options...
Alex79 Posted March 19, 2008 Report Share Posted March 19, 2008 Sorry. I'll post them here.Hijack Info:Running processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\BigFix\bigfix.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Grisoft\AVG7\avgcc.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\PC-Checkup\PCCheckUp.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Windows\RtHDVCpl.exeC:\Windows\System32\rundll32.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Windows\System32\rundll32.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exeC:\Program Files\Speeditup Free\SearchDefender.exeC:\Program Files\AIM6\aim6.exeC:\Users\Alex Smith\Program Files\DNA\btdna.exeC:\Program Files\Trillian\trillian.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exeC:\Program Files\AIM6\aolsoftware.exeC:\Program Files\mIRC\mirc.exeC:\sysreset\mirc.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Alex Smith\Program Files\uTorrent\uTorrent.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Windows\system32\SearchFilterHost.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchgateway.net/searchR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchgateway.net/searchR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_CA&Sys=DTP&M=GT5634HR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_CA&Sys=DTP&M=GT5634HR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_CA&Sys=DTP&M=GT5634HR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search-Google-Gateway.php?sa=Search+Here&client=pub-4642981363251965&forid=1&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A11&q=%sR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO1 - Hosts: ::1 localhostO2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [bigFix] c:\program files\Bigfix\bigfix.exe /atstartupO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exeO4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /autoO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [PC-Checkup] "C:\PC-Checkup\PCCheckUp.exe" -miniO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [skytel] Skytel.exeO4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStartO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKCU\..\Run: [search Defender] "C:\Program Files\Speeditup Free\SearchDefender.exe"O4 - HKCU\..\Run: [speedItUpEX] C:\Program Files\Speeditup Free\SpeedItUp.exe -MINIO4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp /HIDEBLO4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Alex Smith\Program Files\DNA\btdna.exe"O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exeO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exeO9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exeO13 - Gopher Prefix: O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLLO20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dllO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exeO23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeO23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exeO23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exeO23 - Service: WinFtp Server Service (WinFTP Server Service) - Unknown owner - C:\Program Files\WinFtp Server\WFTPSRV.exe (file missing)O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exeProcess Explorer Info:Process PID CPU Description Company NameSystem Idle Process 0 97.02 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 smss.exe 440 csrss.exe 512 csrss.exe 560 wininit.exe 568 services.exe 648 svchost.exe 828 WmiPrvSE.exe 2612 ehmsas.exe 3340 Media Center Media Status Aggregator Service Microsoft Corporation NMIndexStoreSvr.exe 2516 Nero Home Nero AG dllhost.exe 3108 COM Surrogate Microsoft Corporation svchost.exe 888 svchost.exe 932 svchost.exe 1024 audiodg.exe 1144 svchost.exe 1052 WUDFHost.exe 2160 dwm.exe 2956 0.78 Desktop Window Manager Microsoft Corporation svchost.exe 1068 taskeng.exe 1492 taskeng.exe 2400 Task Scheduler Engine Microsoft Corporation SLsvc.exe 1188 svchost.exe 1260 svchost.exe 1420 vsmon.exe 1440 aawservice.exe 1776 spoolsv.exe 1932 svchost.exe 1964 AppleMobileDeviceService.exe 692 avgamsvr.exe 816 avgupsvc.exe 1064 avgrssvc.exe 1308 avgrssvc.exe 1344 avgemc.exe 1400 mDNSResponder.exe 1224 NBService.exe 928 svchost.exe 2004 svchost.exe 1532 ViewpointService.exe 2084 svchost.exe 2100 SearchIndexer.exe 2120 SearchProtocolHost.exe 5012 SearchFilterHost.exe 3040 XAudio.exe 2232 wmpnetwk.exe 2968 NMIndexingService.exe 2360 iPodService.exe 4192 usnsvc.exe 5460 lsass.exe 660 lsm.exe 668 winlogon.exe 608 explorer.exe 2872 0.78 Windows Explorer Microsoft Corporation MSASCui.exe 1588 Windows Defender User Interface Microsoft Corporation bigfix.exe 3124 BigFix Client Application BigFix Inc. zlclient.exe 3524 ZoneAlarm Client Check Point Software Technologies LTD winampa.exe 3596 avgcc.exe 1736 AVG Control Center GRISOFT, s.r.o. jusched.exe 756 Java Platform SE binary Sun Microsystems, Inc. realsched.exe 2456 RealNetworks Scheduler RealNetworks, Inc. PCCheckUp.exe 3572 MicroSmarts LLC. wmpnscfg.exe 2840 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation iTunesHelper.exe 1516 iTunesHelper Module Apple Inc. RtHDVCpl.exe 976 HD Audio Control Panel Realtek Semiconductor rundll32.exe 1740 Windows host process (Rundll32) Microsoft Corporation msnmsgr.exe 3260 Windows Live Messenger Microsoft Corporation ehtray.exe 2836 Media Center Tray Applet Microsoft Corporation NMBgMonitor.exe 4028 Nero Home Nero AG SearchDefender.exe 2780 Defend your IE Search Bar. Search Defender aim6.exe 2812 AIM AOL LLC aolsoftware.exe 4444 AOL AOL LLC btdna.exe 3736 trillian.exe 780 Trillian Cerulean Studios mirc.exe 5888 mIRC mIRC Co. Ltd. mirc.exe 5044 mIRC mIRC Co. Ltd. firefox.exe 5304 Firefox Mozilla Corporation uTorrent.exe 5104 notepad.exe 5504 Notepad Microsoft Corporation cmd.exe 1852 Windows Command Processor Microsoft Corporation conime.exe 2884 Console IME Microsoft Corporation procexp.exe 6112 2.33 Sysinternals Process Explorer Sysinternals - www.sysinternals.comrundll32.exe 3032 Windows host process (Rundll32) Microsoft Corporationnotepad.exe 5544 Notepad Microsoft Corporation Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 19, 2008 Report Share Posted March 19, 2008 Zone Alarm, GDS, Nero Scout...... Incompatible Software c/o FAQ Did you install PCCheckup and SpeeditUp? Link to comment Share on other sites More sharing options...
Alex79 Posted March 19, 2008 Report Share Posted March 19, 2008 Yes I installed those.. I can uninstall them.Edit: What is GDS? Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 19, 2008 Report Share Posted March 19, 2008 Can you edit your post above with the list, to include the DLL list for uTorrent.exe. In Process Explorer, Ctrl-D and click on uTorrent.exe then re-save the logfile.If after you get rid of nero scout and google search and the problem persists you can choose which to uninstall first. But you will need to uninstall each of them (at least temporarily) if the problem still does not go away. Link to comment Share on other sites More sharing options...
josegee Posted March 19, 2008 Report Share Posted March 19, 2008 HIJACK INFOLogfile of Trend Micro HijackThis v2.0.2Scan saved at 9:55:29 AM, on 3/19/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16609)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Grisoft\AVG7\avgcc.exeC:\Program Files\Steam\Steam.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Ventrilo\Ventrilo.exeC:\Program Files\Winamp\winamp.exeC:\Program Files\BearShare\BearShare.exeC:\Program Files\mIRC\mirc.exeC:\Program Files\Steam\GameOverlayUI.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Grisoft\AVG7\avginet.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Windows\system32\SearchFilterHost.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5662R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5662R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5662R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dllO3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /autoO4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exeO4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silentO4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLLO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exeO13 - Gopher Prefix: O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dllO23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exeO23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe--End of file - 5875 bytesProcess ExplorerProcess PID CPU Description Company NameSystem Idle Process 0 72.45 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 smss.exe 416 csrss.exe 512 wininit.exe 568 services.exe 612 svchost.exe 792 svchost.exe 848 svchost.exe 900 Ati2evxx.exe 936 Ati2evxx.exe 1528 svchost.exe 980 audiodg.exe 1212 svchost.exe 1032 WUDFHost.exe 1616 WUDFHost.exe 2304 dwm.exe 3032 0.77 Desktop Window Manager Microsoft Corporation svchost.exe 1056 taskeng.exe 2544 taskeng.exe 2964 Task Scheduler Engine Microsoft Corporation SLsvc.exe 1244 svchost.exe 1304 svchost.exe 1408 spoolsv.exe 1956 svchost.exe 1980 avgamsvr.exe 1068 avgupsvc.exe 1396 avgrssvc.exe 1812 avgrssvc.exe 268 avgemc.exe 2016 svchost.exe 680 svchost.exe 1452 svchost.exe 1196 SearchIndexer.exe 1716 SearchProtocolHost.exe 6052 SearchFilterHost.exe 5404 XAudio.exe 2060 wmpnetwk.exe 3524 SteamService.exe 3856 vsmon.exe 5372 lsass.exe 624 lsm.exe 636 csrss.exe 580 winlogon.exe 972 explorer.exe 3152 0.39 Windows Explorer Microsoft Corporation avgcc.exe 3368 AVG Control Center GRISOFT, s.r.o. avginet.exe 1432 24.66 AVG Update downloader GRISOFT, s.r.o. Steam.exe 3408 Steam Valve Corporation GameOverlayUI.exe 5236 wmpnscfg.exe 3416 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation Ventrilo.exe 2632 0.39 Ventrilo by Flagship Industries, Inc. winamp.exe 2960 Winamp Nullsoft BearShare.exe 3492 BearShare Free Peers, Inc. mirc.exe 1568 mIRC mIRC Co. Ltd. uTorrent.exe 3564 zlclient.exe 3392 ZoneAlarm Client Check Point Software Technologies LTD firefox.exe 4876 Firefox Mozilla CorporationHijackThis.exe 6000 notepad.exe 2816 procexp.exe 4900 1.54 Sysinternals Process Explorer Sysinternals - www.sysinternals.comand i cant find the dmp either all i see is just the utorrent.exe in my utorrent folder.. kinda odd tho. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted March 19, 2008 Report Share Posted March 19, 2008 You have zonealarm installed. Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 19, 2008 Report Share Posted March 19, 2008 Should clean up those BHOs too:O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dllO3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)After that's done you should post the actual DLL list from Process Explorer (Ctrl-D, click utorrent.exe) as asked in the How-To. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.