Plug Posted May 26, 2008 Report Share Posted May 26, 2008 Hi all I've looked about on this Forum and also the rest of the Internet to try and find out why uTorrent keeps freezing. I'm using version 1.7.7 which I believe is the latest version.Everything was alright until my other computer packed in running XP Pro, I bought this custom made PC and I installed Vista Ultimate on it. This entailed upgrading all my software from XP to Vista and a lot of downloading the upgrades from all the sites where my software originated, which is a lot as I've just over 100GB of software installed on my PC. Everything was working fine until I installed uTorrent, uTorrent is always freezing up and when I try to bring a web page up while uTorrent is running in the background the web page that I'm trying to access also freezes too.Any input to this problem will be much appreciated, and thanks in advance for any replies.Regards Plug Link to comment Share on other sites More sharing options...
DreadWingKnight Posted May 26, 2008 Report Share Posted May 26, 2008 Hijackthis log and process explorer process list please Link to comment Share on other sites More sharing options...
nonan Posted May 27, 2008 Report Share Posted May 27, 2008 This is the fix, guys:Patch TCPIP.SYS to raise the half-open limit from 10 to 40, using a free proggie like Event ID 4226 Patcher from www.lvllord.de.Leave uTorrent's settings alone.This actually works, but be careful.It may impede HTTP uploading if you set it too high.Good luck.I'm not sure if this proggie works on Vista, but if it doesn't, you'll still know what to fix. There are other freebie patchers out there. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted May 27, 2008 Report Share Posted May 27, 2008 tcpip.sys patching is not a cureall. Link to comment Share on other sites More sharing options...
Switeck Posted May 27, 2008 Report Share Posted May 27, 2008 Patching TCPIP.SYS may make other networking problems FAR more severe!For troubleshooting problems, it's better to reduce uTorrent's half open rate from the default of 8 down to 1-4.And disable extra features that generate extra traffic ...such as UPnP, DHT, Local Peer Discovery, and Resolve IPs in uTorrent. Link to comment Share on other sites More sharing options...
Plug Posted June 2, 2008 Author Report Share Posted June 2, 2008 Hi I am sorry about the delay in responding to your answers, but I had to do a clean install but the problem still persists. Thanks the replies but I'm not very keen on using patches only as a last resort, below is the highjack this report if someone can make any sense of it. uTorrent works in a fashion as it gives me download speeds of between 550kbs/ps and 650kbs/ps, but it keeps not responding every few seconds that I've got up on the screen. It will download a 700MB file in about half an hour to forty minutes, depending how many are seeding. Which brings me to another problem, since I re-installed my operating system the completed torrents are no longer listed on uTorrent when I start uTorrent up I have to go to the websites to find the torrent to relist them in uTorrent so I can seed them which is a bit of a pain.Regards Plug-----------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 23:29:26, on 01/06/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\System32\rundll32.exeC:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exeC:\Windows\RtHDVCpl.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Panda Security\Panda Internet Security 2008\apvxdwin.exeC:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exeC:\Program Files\Logitech\QuickCam\Quickcam.exeC:\Program Files\InkSaver\InkSaver.exeC:\Program Files\Thomson\ST330\diagnostics\diagnostics.exeC:\Program Files\TalkTalk\bin\sprtcmd.exeC:\Program Files\Norton Ghost\Agent\VProTray.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\System32\mobsync.exeC:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exeC:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXEC:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exeC:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exeC:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exeC:\Program Files\Internet Explorer\IEUser.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [skytel] Skytel.exeO4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exeO4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /sO4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hideO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exeO4 - HKLM\..\Run: [inkSaver] C:\Program Files\InkSaver\InkSaver.exe hideO4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:enO4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalkO4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenterO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO13 - Gopher Prefix: O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-gb/wlscctrl2.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{7BD7907E-62DB-4DE3-96BB-3AE91DE5B8B9}: NameServer = 62.24.218.50 62.24.218.51O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dllO23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEO23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exeO23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeO23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeO23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exeO23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exeO23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exeO23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exeO23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrvx86.exeO23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exeO23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXEO23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exeO23 - Service: Panda PSK service (PskSvcRetail) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PskSvc.exeO23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: SupportSoft Sprocket Service (TalkTalk) (sprtsvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\TalkTalk\bin\sprtsvc.exeO23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exeO23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exeO23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exeO23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exeO23 - Service: SupportSoft Repair Service (TalkTalk) (tgsrvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exeO23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exeO23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe--End of file - 10017 bytes Link to comment Share on other sites More sharing options...
Switeck Posted June 2, 2008 Report Share Posted June 2, 2008 File indexers play havoc on uTorrent, as they prevent uTorrent from reading/writing torrents at odd times:O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeI've heard that Panda AV doesn't play nice with uTorrent...nor does almost anything by Norton. Could be trouble?:O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) Link to comment Share on other sites More sharing options...
jewelisheaven Posted June 2, 2008 Report Share Posted June 2, 2008 Ooooh... two possible culprits. Panda doesn't seem to play well on Vista. However to find out what module is the problem may take some time... so if you want to rule it out you can uninstall the whole thing. Then if the crashing still occurs install all of it but turn on only 1 or 2 of those services on at once. . . when you see the problem remanifest you know what did it.The other software which seems to be at fault is the webroot washer or spy sweeper package. Link to comment Share on other sites More sharing options...
Plug Posted June 2, 2008 Author Report Share Posted June 2, 2008 Thanks guysI had a feeling about:O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeWhich I usually disable anyway but I've disabled it now, you both mention Panda I've been using Panda for the last 4 years both on XP Pro and now on Vista. I never had any problems on XP over the past 4 years and I've got Panda configured for uTorrent as it is now on Vista.You also mention Spy Sweeper, does the same apply to CCleaner because that cleans just as good as Spy Sweeper.How does Zone Alarm handle with uTorrent as I used that before Panda?As for the:O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)A search in the registry showed it intact, and just for good measure I ran SFC /SCANNOW on my computer and everything came back clear. The above is an extension file in the registry and intact to do with Internet Explorer7, I'll go to the Microsoft website to see if there is a tool to check IE7.And thanks again for the advice. Regards Plug Link to comment Share on other sites More sharing options...
Firon Posted June 2, 2008 Report Share Posted June 2, 2008 Zone Alarm is even worse than Panda, as not only will it cause weird problems, it often crashes the entire computer with a blue screen of death. Also, Panda works perfectly fine on XP... But it does not on Vista, and works even worse with SP1. THis only applies to the firewall; I think the AV part should work fine.Spy Sweeper should not cause any issues, no need to remove it. Link to comment Share on other sites More sharing options...
Plug Posted June 4, 2008 Author Report Share Posted June 4, 2008 Thanks for the input there Firon, but by the sound of things which ever Internet Security System one chooses they are going to have these problems by the look of things.I have tried another torrent downloader who's name starts with an "A", I don't want to get banned for using what maybe a trade name hence the "A" will suffice. But that downloaded torrents from its own website at the rate of 5 to 700kbs/ps, but would not recognise other torrents and no freezing; and that's with my setup now.I guess I'll have to read all the FAQ and the Search like DreadWingNight pointed out underneath my initial post, so thanks again for the input I'll get it sorted eventually.Regards Plug Link to comment Share on other sites More sharing options...
DreadWingKnight Posted June 4, 2008 Report Share Posted June 4, 2008 Thanks for the input there Firon, but by the sound of things which ever Internet Security System one chooses they are going to have these problems by the look of things.The side-effect of big businesses only caring about lining their own pockets.I guess I'll have to read all the FAQ and the Search like DreadWingNight pointed out underneath my initial post, so thanks again for the input I'll get it sorted eventually.What is it with people thinking that signatures are part of forum posts? Link to comment Share on other sites More sharing options...
wastedgnome Posted June 8, 2008 Report Share Posted June 8, 2008 hey guys,i've been having this problem after upgrading to vista as well. i had no idea what the problem was, but was suspicious of vista since utorrent has always worked well for me under winxp.i'm now thinking that it might be the inbuilt vista indexing service that's causing problems? i've just disabled it on my two utorrent folders and hopefully i'll see an improvement. that said, vista asked me if i wanted to disable indexing on all files and subfolders.my query is whether or not the files themselves are flagged as being non indexed, or if it is just the location in which they are stored. if the files themselves carry the attribute then that could be quite annoying - i'd rather only have the two specified folders not being indexed. Link to comment Share on other sites More sharing options...
gem88 Posted July 2, 2008 Report Share Posted July 2, 2008 hi!i used highjack this software. please tell me if i need to remove anything. thanksLogfile of Trend Micro HijackThis v2.0.2Scan saved at 2:39:17 PM, on 7/2/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\WINDOWS\444.470C:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\portsv.exeC:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Canon\CAL\CALMAIN.exeC:\WINDOWS\system32\uoyzsydz.exeC:\WINDOWS\Explorer.EXEC:\Documents and Settings\All Users\Application Data\wlwrsbit\stijwlsz.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Digital Media Reader\readericon45G.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\CyberLink\PCM4Everio\EverioService.exeC:\WINDOWS\System32\Rundll32.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\SightSpeed\SightSpeed.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\WINDOWS\system32\xwfotgfo.exeC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\BigFix\bigfix.exeC:\Program Files\Olympus\DeviceDetector\DevDtct2.exeC:\Program Files\Google\Google Updater\GoogleUpdater.exeC:\Program Files\Nikon\PictureProject\NkbMonitor.exeC:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exeC:\Program Files\Skype\Plugin Manager\skypePM.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Owner\Desktop\HiJackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def … .yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\uoyzsydz.exe,O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)O2 - BHO: 459849 helper - {2839B753-1D7A-4C28-8F8D-86CEFFE5F205} - (no file)O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)O2 - BHO: (no name) - {305FFA8A-BFDF-4F15-87D9-12901374B1F9} - C:\WINDOWS\system32\qoMgGwwx.dll (file missing)O2 - BHO: (no name) - {467faeb2-5f5b-4c81-bae0-2a4752ca7f4e} - (no file)O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLLO2 - BHO: (no name) - {5321e378-ffad-4999-8c62-03ca8155f0b3} - (no file)O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: (no name) - {5876E289-BF90-4F90-02D7-037EA8E41BE8} - C:\Documents and Settings\All Users\Application Data\dscdb\ApiChkSh.dllO2 - BHO: (no name) - {587dbf2d-9145-4c9e-92c2-1f953da73773} - (no file)O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: (no name) - {6cc1c91a-ae8b-4373-a5b4-28ba1851e39a} - (no file)O2 - BHO: (no name) - {79369d5c-2903-4b7a-ade2-d5e0dee14d24} - (no file)O2 - BHO: (no name) - {799a370d-5993-4887-9df7-0a4756a77d00} - (no file)O2 - BHO: (no name) - {98dbbf16-ca43-4c33-be80-99e6694468a4} - (no file)O2 - BHO: (no name) - {a55581dc-2cdb-4089-8878-71a080b22342} - (no file)O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dllO2 - BHO: (no name) - {ACED1C9F-2718-4512-9F69-F4E28C1F484F} - C:\WINDOWS\system32\yayvUKcy.dll (file missing)O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dllO2 - BHO: InlineSearchHandleHotKey - {B6FFE2AE-4D12-451F-B457-FE6125FFB1CF} - C:\Program Files\IEForge\Inline Search\InlineSearch.dllO2 - BHO: (no name) - {b847676d-72ac-4393-bfff-43a1eb979352} - (no file)O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)O2 - BHO: (no name) - {bf3f9e3d-b202-d690-1f1d-7d27f3160e6c} - (no file)O2 - BHO: targetedbanner browser optimizer - {cb4f59ee-82bd-db44-a534-5100ac0dae10} - C:\WINDOWS\system32\mnwixakzwkkma.dllO2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dllO3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLLO4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exeO4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXEO4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hideO4 - HKLM\..\Run: [bearFlix] "C:\Program Files\BearFlix\BearFlix.exe" /pauseO4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPFO4 - HKLM\..\Run: [AntispyStorm] C:\Program Files\AntispyStorm\AntispyStorm.exeO4 - HKLM\..\Run: [{238bfbd3-95f2-a4d5-3289-a6a3fe5f35ed}] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\mnwixakzwkkma.dll" DllStartO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [sightSpeed] C:\Program Files\SightSpeed\SightSpeed.exe -minimizedO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0O4 - HKCU\..\Run: [sijhwpta] C:\WINDOWS\system32\ubmdajcv.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKCU\..\Run: [jqgsxyui] C:\WINDOWS\system32\xwfotgfo.exeO4 - HKLM\..\Policies\Explorer\Run: [MGpbg7DnFU] C:\Documents and Settings\All Users\Application Data\wlwrsbit\stijwlsz.exeO4 - HKUS\S-1-5-18\..\Run: [Power2GoExpress] NA (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exeO4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exeO4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exeO4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exeO8 - Extra context menu item: &Search - ?p=ZKfox000(2)O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Share … mCtl32.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - Winlogon Notify: yayvUKcy - yayvUKcy.dll (file missing)O21 - SSODL: ShAdm - {1907D505-02D8-8784-C6F8-0385CD0093D2} - C:\Program Files\qadyysb\ShAdm.dllO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINDOWS\444.470.exe (file missing)O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Plug and Play (RPC) (PlugPlayRPC) - Unknown owner - C:\WINDOWS\portsv.exeO23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe--End of file - 13661 bytesplease help me thanks Link to comment Share on other sites More sharing options...
Firon Posted July 2, 2008 Report Share Posted July 2, 2008 uoyzsydz.exe is malware. You've got other malware on your system. I suggest reinstalling Windows. Link to comment Share on other sites More sharing options...
jewelisheaven Posted July 2, 2008 Report Share Posted July 2, 2008 Trying to figure out HOW your system got as bad as it is .. would be a good thing to do before reinstalling so you can ascertain whether you need to fully repatch yourself to SP3, or just don't use IE, or add on all those browser toolbars... Link to comment Share on other sites More sharing options...
gem88 Posted July 3, 2008 Report Share Posted July 3, 2008 i downloaded utorrent and downloaded adobe photoshop, sony vegas and ulead. when they were done i open the setup of adobe then there were pop ups all of a sudden. however, i installed norton in my computer and it said that it removed viruses and cookies. do u think my comp is okay nw? my computer is now slow though. anyway, i don't have to reinstall my comp, like its my last resort. maybe i can still remove all the malware using highjackthis. please tell me all the things that i have to remove. thank you so much. Link to comment Share on other sites More sharing options...
Switeck Posted July 3, 2008 Report Share Posted July 3, 2008 Even an expert would probably be extremely hard-pressed to get all the bad crap off your system now. And standard antivirus software is almost guaranteed to miss something.You really need to re-read the Announcement above your first post in this forum...then edit your post/s. Link to comment Share on other sites More sharing options...
GTHK Posted July 3, 2008 Report Share Posted July 3, 2008 Norton = crap.You can try the expert route, or if you can get to a clean system connect the drive externally and scan it. Disable unnecessary start up items after scanning, reset the Winsock catalog. Spybot again as well as adaware. Don't run/copy anything off of it :/. Delete everything you've downloaded. Rootkit scanning. Catalog reset again. Another HJT. Kaspersky Anti-virus is said to have the highest detection rate, try a free trial if there's one.Your PC's probably screwed though . I'd be slipstreaming SP3 into a new Windows disk and re-installing. Well.. I'd also set up an OOBE of microT and my drivers and stuff, but that's me. Link to comment Share on other sites More sharing options...
Firon Posted July 3, 2008 Report Share Posted July 3, 2008 It's much easier to reinstall Windows than to attempt cleaning the system up after a ton of malware.You do need a much better AV app, though. Norton is near-useless. NOD32 and AVG are better choices. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.