TrickTrash Posted June 21, 2008 Report Posted June 21, 2008 I've seen this post http://forum.utorrent.com/viewtopic.php?id=41726 that covers the same ground.I only get this with utorrent. It doesn't matter what stress I put the system under with other apps [such as Orthos or TAT, or Crysis\CoD 4] I can't recreate it; it only happens after a few minutes of utorrent.PROCESS EXPLORER LOG:Process PID CPU Description Company NameSystem Idle Process 0 77.69 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 2.31 smss.exe 1268 Windows NT Session Manager Microsoft Corporation csrss.exe 1520 Client Server Runtime Process Microsoft Corporation winlogon.exe 1792 Windows NT Logon Application Microsoft Corporation services.exe 1868 3.08 Services and Controller app Microsoft Corporation ati2evxx.exe 424 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 436 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 540 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 704 Generic Host Process for Win32 Services Microsoft Corporation snarfer.exe 2140 Snarfer 1.0.2 Snarfware LLC svchost.exe 816 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 996 Generic Host Process for Win32 Services Microsoft Corporation vsmon.exe 1040 TrueVector Service Zone Labs, LLC spoolsv.exe 1396 Spooler SubSystem App Microsoft Corporation guard.exe 880 AVG Anti-Spyware guard GRISOFT s.r.o. ekrn.exe 1020 Eset Service ESET sp_rsser.exe 1556 Spyware Terminator Realtime Shield Service Crawler.com alg.exe 2992 Application Layer Gateway Service Microsoft Corporation svchost.exe 2216 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 2616 Generic Host Process for Win32 Services Microsoft Corporation lsass.exe 1880 LSA Shell (Export Version) Microsoft Corporation ati2evxx.exe 908 ATI External Event Utility EXE Module ATI Technologies Inc.explorer.exe 1412 Windows Explorer Microsoft Corporation NetMeter.exe 3240 type32.exe 3356 Type32.exe Microsoft Corporation avgas.exe 3640 AVG Anti-Spyware GRISOFT s.r.o. SpywareTerminatorShield.Exe 3748 Spyware Terminator Realtime Shield Crawler.com egui.exe 3800 Eset GUI ESET zlclient.exe 808 ZoneAlarm Client Zone Labs, LLC mantispm.exe 3212 Spam Filter Mmm.exe 3224 ATnotes.exe 3376 ATnotes Thomas Ascher ctfmon.exe 1844 CTF Loader Microsoft Corporation te.exe 3492 Acesoft Automate.exe 4048 AutoMate Task Service Unisyn Software, LLC removeit.exe 3784 Perfy.exe 4068 Performance Monitor Jan G.P. Sijm taskmgr.exe 2024 Windows TaskManager Microsoft Corporation xplorer2_UC.exe 728 x2 - explorer replacement ZabKat qtracker.exe 1012 Qtracker Ronald E. Mercer pg2.exe 948 PeerGuardian 2 Methlabs procexp.exe 1984 3.08 Sysinternals Process Explorer Sysinternals - www.sysinternals.comfirefox.exe 2248 Firefox Mozilla CorporationuTorrent.exe 2796 13.85 Process: uTorrent.exe Pid: 2796Name Description Company Name VersionADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.5512AMNT.dll AutoMate Action and Trigger Support Library Unisyn Software, LLC 4.03.0000.0004CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0700COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.5512comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.5512COMRes.dll Microsoft Corporation 2001.12.4414.0700ctype.nls DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.5512GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.5512hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.5512kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.5512locale.nls mlfhook.dll Spam Filter Hook 5.00.0006.8903MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.5512mslbui.dll LangageBar Add In Microsoft Corporation 5.01.2600.5512msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.5512mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.5512ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.5512ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.5512oleaut32.dll Microsoft Corporation 5.01.2600.5512rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.5512RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.5512Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.5512SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.5512SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.5512SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.5512sortkey.nls sorttbls.nls unicode.nls USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.5512uTorrent.exe uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.5512VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.5512winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.5512WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.5512WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.5512WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.5512wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.5512HIJACKTHIS LOGLogfile of Trend Micro HijackThis v2.0.2Scan saved at 17:48:56, on 20/06/08Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exed:\Program Files\AVG Anti-Spyware\guard.exeD:\Program Files\ESET\Antivirus\ekrn.exeC:\Program Files\Spyware Terminator\sp_rsser.exeD:\Program Files\NetMeter\NetMeter.exeC:\Program Files\Microsoft IntelliType Pro\type32.exeD:\Program Files\AVG Anti-Spyware\avgas.exeC:\Program Files\Spyware Terminator\SpywareTerminatorShield.exeD:\Program Files\ESET\Antivirus\egui.exeD:\Program Files\ZoneAlarm\zlclient.exeD:\Program Files\Mmm\Mmm.exeD:\Program Files\ATnotes\ATnotes.exeC:\WINDOWS\system32\ctfmon.exeD:\Program Files\Tracks Eraser Pro\te.exeD:\Program Files\AutoMate\Automate.exeD:\Program Files\Perfy\Perfy.exeC:\WINDOWS\system32\taskmgr.exeD:\Program Files\xplorer2\xplorer2_UC.exeC:\WINDOWS\system32\svchost.exed:\Program Files\ZoneAlarm\MailFrontier\mantispm.exeC:\WINDOWS\System32\svchost.exeD:\Program Files\Qtracker\qtracker.exeD:\Program Files\Mozilla\Firefox\firefox.exeD:\Program Files\Snarfer\snarfer.exeD:\Program Files\PeerGuardian\pg2.exeC:\Program Files\uTorrent\uTorrent.exeC:\WINDOWS\system32\NOTEPAD.EXED:\Program Files\HijackThis\HijackThis.exeD:\Program Files\HijackReader\HijackReader.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.bt.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.bt.yahoo.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;2R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dllR3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - (no file)O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dllO2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dllO2 - BHO: CKeyScramblerBHO Object - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - D:\Program Files\KeyScrambler\KeyScramblerIE.dllO2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dllO2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - C:\Program Files\McAfee\Anti-Phishing Filter\McAfeeAntiPhishingBHO.dllO2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - D:\Program Files\Desktop Sidebar\sbhelp.dllO2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - d:\Program Files\SpywareGuard\dlprotect.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot\SDHelper.dllO2 - BHO: jZip Webmail plugin - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - d:\Program Files\jZip\WebmailPlugin.dllO2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Roboform\roboform.dllO2 - BHO: IconixBHOClass Class - {761233B6-F228-49E4-8F6B-668499D4E55A} - d:\Program Files\Iconix eMail ID\IEAddOn\IconixBHO_32.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\bin\ssv.dllO2 - BHO: SecureBrowsingBho Helper - {7632ABCA-B104-4fbc-9C70-419C4147061B} - d:\Program Files\Finjan Secure Browsing\bho.dllO2 - BHO: NXIECatcher Class - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - d:\Program Files\NetXfer\NXIEHelper.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: tyBit Browser Helper Class - {AC56597E-E7A9-4F2E-B829-8872DCCCD488} - d:\Program Files\tyBit Unified Search\tyBit.Browser.Helper.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dllO2 - BHO: IEPlugin Class - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - d:\Program Files\Advanced System Optimizer\IEHelper.dllO2 - BHO: GooglePreviewIE Toolbar Helper - {D476B977-AF6C-481A-8472-2ABAB5E89F20} - C:\Program Files\GooglePreviewIE Toolbar\v3.2.0.0\GooglePreviewIE_Toolbar.dllO2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dllO2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - D:\PROGRA~1\Star Downloader\SDIEInt.dllO3 - Toolbar: (no name) - {AEC32322-9D72-4C55-A108-33875F07BC03} - (no file)O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dllO3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\SnagIt\SnagItIEAddin.dllO3 - Toolbar: OnShareToolbar 1.0 - {B1A0CB06-2A5F-4D80-AAA2-1B05D78314CC} - (no file)O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: (no name) - -{855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)O3 - Toolbar: (no name) - -{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)O3 - Toolbar: (no name) - -{E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} - (no file)O3 - Toolbar: tyBit Search - {7969FC37-F7A5-468E-A79F-285F64008ECD} - d:\Program Files\tyBit Unified Search\tyBit Bar2_0.dllO3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Program Files\Veoh\Plugins\reg\VeohToolbar.dllO3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - d:\Program Files\NetXfer\NXToolBar.dllO3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - d:\Program Files\ReGet\iebar.dllO3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - D:\Program Files\Styler\TB\StylerTB.dllO3 - Toolbar: Finjan Secure Browsing - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - d:\Program Files\Finjan Secure Browsing\bho.dllO3 - Toolbar: (no name) - {CB789373-04D5-4ef4-9C16-871463FD0830} - (no file)O3 - Toolbar: (no name) - {3F756BC4-26CB-497E-9409-8F09C1850C80} - (no file)O3 - Toolbar: (no name) - {4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} - (no file)O3 - Toolbar: (no name) - {2977A961-7304-49C3-9BA5-C957E5277A76} - (no file)O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dllO3 - Toolbar: (no name) - {3E7609CA-FEAE-4204-88AE-68EEB7B077A3} - (no file)O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Roboform\roboform.dllO4 - HKLM\..\Run: [NetMeter] "D:\Program Files\NetMeter\NetMeter.exe"O4 - HKLM\..\Run: [Type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"O4 - HKLM\..\Run: [bootSkin Startup Jobs] "D:\Program Files\BootSkin\BootSkin.exe" /StartupJobsO4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\AVG Anti-Spyware\avgas.exe" /minimizedO4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\Antivirus\egui.exe" /hide /waitserviceO4 - HKLM\..\Run: [ZoneAlarm Client] "d:\Program Files\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKCU\..\Run: [Mmm] "D:\Program Files\Mmm\Mmm.exe"O4 - HKCU\..\Run: [ATnotes] "D:\Program Files\ATnotes\ATnotes.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [Tracks Eraser Pro] D:\Program Files\Tracks Eraser Pro\te.exe minO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [sSS7] "D:\Program Files\Steganos Security Suite\SSS7.exe" -firstboot (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [sSS7] "D:\Program Files\Steganos Security Suite\SSS7.exe" -firstboot (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [sSS7] "D:\Program Files\Steganos Security Suite\SSS7.exe" -firstboot (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [sSS7] "D:\Program Files\Steganos Security Suite\SSS7.exe" -firstboot (User 'Default user')O4 - Startup: Perfy.lnk = D:\Program Files\Perfy\Perfy.exeO4 - Startup: Task Manager.lnk = ?O4 - Startup: xplorer2.lnk = ?O4 - Global Startup: AutoMate.lnk = D:\Program Files\AutoMate\Automate.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htmO8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htmO8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htmO8 - Extra context menu item: &Get file size - res://d:\Program Files\InternetFileSize\IFSIEMenuStub.dll/201O8 - Extra context menu item: &ieSpell Options - res://d:\Program Files\IESpell\iespell.dll/SPELLOPTION.HTMO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO8 - Extra context menu item: Check &Spelling - res://d:\Program Files\IESpell\iespell.dll/SPELLCHECK.HTMO8 - Extra context menu item: Customize Menu - file://D:\Program Files\Roboform\RoboFormComCustomizeIEMenu.htmlO8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\Program Files\Common Files\ReGet Shared\CC_Link.htmO8 - Extra context menu item: Download A&ll by ReGet Deluxe - C:\Program Files\Common Files\ReGet Shared\CC_All.htmO8 - Extra context menu item: Download All Files by HiDownload - d:\Program Files\HiDownload\HDGetAll.htmO8 - Extra context menu item: Download by HiDownload - d:\Program Files\HiDownload\HDGet.htmO8 - Extra context menu item: Download with Star Downloader - D:\Program Files\Star Downloader\sdie.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://d:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Enqueue in Star Downloader - D:\Program Files\Star Downloader\sdieenq.htmO8 - Extra context menu item: Fill Forms - file://D:\Program Files\Roboform\RoboFormComFillForms.htmlO8 - Extra context menu item: Leech with Star Downloader - D:\Program Files\Star Downloader\leechie.htmO8 - Extra context menu item: Lookup on Merriam Webster - file://d:\Program Files\IESpell\Merriam Webster.HTMO8 - Extra context menu item: Lookup on Wikipedia - file://d:\Program Files\IESpell\wikipedia.HTMO8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?8fa0e486e93e42a08987b429fd252e7cO8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?8fa0e486e93e42a08987b429fd252e7cO8 - Extra context menu item: RoboForm Toolbar - file://D:\Program Files\Roboform\RoboFormComShowToolbar.htmlO8 - Extra context menu item: Save Forms - file://D:\Program Files\Roboform\RoboFormComSavePass.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\bin\ssv.dllO9 - Extra button: Insert Fun Smiley into Email - {08F64E75-0A83-4214-B06F-BCC11F652582} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - D:\Program Files\Desktop Sidebar\sbhelp.dllO9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - D:\Program Files\Desktop Sidebar\sbhelp.dllO9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - d:\Program Files\IESpell\iespell.dllO9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - d:\Program Files\IESpell\iespell.dllO9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - d:\Program Files\IESpell\iespell.dllO9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - d:\Program Files\IESpell\iespell.dllO9 - Extra button: Spy - {16664849-0E00-11D2-8059-000000000000} - C:\Program Files\Common Files\ReGet Shared\Catcher.dllO9 - Extra 'Tools' menuitem: MSIE &Spy - {16664849-0E00-11D2-8059-000000000000} - C:\Program Files\Common Files\ReGet Shared\Catcher.dllO9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Roboform\RoboFormComFillForms.htmlO9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Roboform\RoboFormComFillForms.htmlO9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Roboform\RoboFormComSavePass.htmlO9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Roboform\RoboFormComSavePass.htmlO9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dllO9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dllO9 - Extra button: Desktop Currency Converter - {38C06FA6-BF6E-479a-9F32-494E09FC30CB} - D:\Program Files\Currency Converter\Desktop Currency Converter.exeO9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\Program Files\McAfee\Anti-Phishing Filter\McAfeeAntiPhishingBHO.dllO9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:\Program Files\McAfee\Anti-Phishing Filter\McAfeeAntiPhishingBHO.dllO9 - Extra button: (no name) - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - d:\Program Files\Iconix eMail ID\IEAddOn\IconixBHO_32.dllO9 - Extra 'Tools' menuitem: Email ID Preferences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - d:\Program Files\Iconix eMail ID\IEAddOn\IconixBHO_32.dllO9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - d:\Program Files\Paltalk\Paltalk.exeO9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - D:\Program Files\KeyScrambler\KeyScramblerIE.dllO9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - D:\Program Files\KeyScrambler\KeyScramblerIE.dllO9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Roboform\RoboFormComShowToolbar.htmlO9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Roboform\RoboFormComShowToolbar.htmlO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - d:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - d:\Program Files\Iconix eMail ID\IEAddOn\IconixBHO_32.dllO9 - Extra 'Tools' menuitem: About Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - d:\Program Files\Iconix eMail ID\IEAddOn\IconixBHO_32.dllO9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - d:\Program Files\ICQ\ICQ6\ICQ.exeO9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - d:\Program Files\ICQ\ICQ6\ICQ.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{CF94F5FB-0B7E-4FE0-9F56-72B3C275453D}: NameServer = 194.72.0.114,194.74.65.69O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dllO23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exeO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - d:\Program Files\AVG Anti-Spyware\guard.exeO23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exeO23 - Service: Bonjour Service - Apple Computer, Inc. - d:\Program Files\Gizmo\mDNSResponder.exeO23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exeO23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exeO23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\Antivirus\EHttpSrv.exeO23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\Antivirus\ekrn.exeO23 - Service: Flexcrypt - Unknown owner - D:\Program Files\Flexcrypt\TProxy.exeO23 - Service: Folder Size (FolderSize) - Brio - D:\Program Files\FolderSize\FolderSizeSvc.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero 7\Nero 7\InCD\InCDsrv.exeO23 - Service: Kaspersky AVP Tool 7.0.0.180_05.03.2008_01-17 - Unknown owner - D:\Program Files\Kaspersky Lab Tool\Kaspersky AVP Tool 7.0.0.180_05.03.2008_01-17.exe (file missing)O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exeO23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exeO23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeO23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exeO23 - Service: NMSAccessU - Unknown owner - d:\Program Files\CDBurnerXP\NMSAccessU.exeO23 - Service: PDEngine - Raxco Software, Inc. - d:\Program Files\PerfectDisk\PDEngine.exeO23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - d:\Program Files\PerfectDisk\PDSched.exeO23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exeO23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exeO23 - Service: Trend Micro RUBotted Service (RUBotted) - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exeO23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - d:\Program Files\SiSoftware\Sandra\Win32\RpcDataSrv.exeO23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - d:\Program Files\SiSoftware\Sandra\RpcSandraSrv.exeO23 - Service: ScsiAccess - Unknown owner - d:\Program Files\ProShowGold\ScsiAccess.exeO23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exeO23 - Service: Steganos Live Encryption Engine 8.1 [service] (SLEE_81_SERVICE) - Unknown owner - C:\WINDOWS\system32\SLEE81.exeO23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exeO23 - Service: Streamload Service (StreamloadService) - Streamload - D:\Program Files\MediaMax XL\StreamloadService.exeO23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeO23 - Service: BT Auto Backup Service (VaultClientSRV) - Unknown owner - d:\Program Files\BT Auto Backup\VaultClientSRV.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exeO23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPcservice.exe--End of file - 22453 bytesI've investigated every item in the HijackThis log and can account for all of them. [i used HijackReader to check everything on CastleCops] I've since removed a couple of leftover entries, without affect.I have XP Pro SP3, with all the latest security updates. NOD32 updated to today. And many other security apps that I run daily.I don't believe for a moment that this is anything to do with failing hardware. This system is mostly a new build and I can't recreate the event with any other software.Nothing useful in the Event logs from the crash.I'd appreciate any help you might be able to give; this is my favorite torrent app.Thank you
jewelisheaven Posted June 21, 2008 Report Posted June 21, 2008 Automater is injected, same with that spam filter thing.... neither should cause it but you never know.Did you uninstall ZA to test if it's causing the problems?Are you using wifi or USB to connect to your internet?... got enough browser toolbars?!
Firon Posted June 21, 2008 Report Posted June 21, 2008 It's probably Zone Alarm. ZA is known to crash systems when put under stress by P2P apps (because it's that buggy...)
TrickTrash Posted June 21, 2008 Author Report Posted June 21, 2008 LOL jewelisheaven! I have road-tested a lot of browser toolbars, but I hardly use IE, so I don't worry about it. [though you're right, of course, I should get rid of some of them]As for ZA guys; why would it suddenly start causing this? I'd been happily using the app for ages with the current setup and haven't updated ZA recently.I appreciate your replies I only posted the HijackThis and the ProcessExplorer since the guys who are looking at this needed it, but I know every item in these logs and have used them all for ages. Including ZA; does anyone have any other ideas? I do need to do a clean install and will also try it without ZA.Thanks chaps
jewelisheaven Posted June 21, 2008 Report Posted June 21, 2008 Hmm... ZA updates in the background, like all programs these days, doesn't it?First try without ZA (completely uninstall it) to see. If that doesn't solve the problem more poking is required.
TrickTrash Posted June 21, 2008 Author Report Posted June 21, 2008 I've got auto update turned off ATM with ZA; I'll give your suggestions a go; thank you!___________________________________________________________________________Following on form this, I recreated the conditions to see more details about the error number and got a BSOD again, but this time the error was a Bad Pool Caller error; does that make any sense to anyone?Thank you
Recommended Posts
Archived
This topic is now archived and is closed to further replies.