red eyed jedi Posted July 12, 2008 Report Share Posted July 12, 2008 I have looked around the forum and have not seen a post similar to my problemI can click the shortcut and start utorrentit appears in the quick launch toolbarbut then nothing...i cant access the programwindows task manager says its running but wont shut it downi have tried to uninstall it in regular and in safe mode with no lucki have tried to download a new/er version again to no availany help would be greatly appreciated...as I have exhausted my ability to solve the problem edit: works now....i went thru safe mode again and deleted the utorrent.exe file and then rebooted and dloaded again and it seems to be working fineedit: spoke too soon..it has crashed...the program sits there and will not be shut down or accessedhere is my log file from hijack thisPlatform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\system32\npkcmsvc.exeC:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\MsPMSPSv.exeC:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exeC:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\Program Files\Microsoft Windows OneCare Live\winss.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Windows Live\Messenger\usnsvc.exeC:\Program Files\uTorrent1\uTorrent.exeE:\torrents\utorrent.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\Explorer.exeC:\Program Files\Microsoft Windows OneCare Live\winssnotify.exeC:\Program Files\Apoint2K\Apoint.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Windows Live\Messenger\MsnMsgr.ExeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Apoint2K\Apntex.exeC:\WINDOWS\system32\conime.exeC:\Program Files\uTorrent1\uTorrent.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\freecell.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeF2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\WinSit.exeO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dllO3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dllO4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exeO4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Paddy\OctoshapeClient.exe" -inv:bootrunO4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1O4 - S-1-5-18 Startup: EzButton System.lnk = C:\Program Files\EzButton System V1.0\EzButton.exe (User 'SYSTEM')O4 - .DEFAULT Startup: EzButton System.lnk = C:\Program Files\EzButton System V1.0\EzButton.exe (User 'Default user')O4 - .DEFAULT User Startup: EzButton System.lnk = C:\Program Files\EzButton System V1.0\EzButton.exe (User 'Default user')O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLLO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO14 - IERESET.INF: START_PAGE_URL=http://www.averatec.comO15 - Trusted Zone: http://*.scfirstbank.comO15 - Trusted Zone: *.teacher.co.krO15 - Trusted Zone: *.unitel.co.krO15 - Trusted Zone: *.weppy.comO15 - Trusted Zone: *.cssoft.co.kr (HKLM)O15 - ESC Trusted Zone: http://*.update.microsoft.comO16 - DPF: {042D97DD-E197-411A-8298-6EE85F1C1421} (mkdsfwCtrl Class) - http://ahnlabdownload.nefficient.co.kr/asp/cab/mkdsfw.cabO16 - DPF: {04E7BADF-F3B9-420D-B82D-8D8CADEFE4F9} (CyImage2Ctl Class) - http://cyimg7.cyworld.com/ImageUpload/CyImageUpload_10217.cabO16 - DPF: {1545689F-FB2C-4941-B7B5-FE21D1F789E7} (TrustSite 1.0 Control) - http://img.telec.co.kr/file/trustsitex/trustsitex.cabO16 - DPF: {15AECD82-DA7D-4EC5-B57F-ED578D84C3F9} (DaumFileControl Control) - http://file.daum.net/down/DaumFile.cabO16 - DPF: {270EC7A6-4096-469B-865C-F9678A2C742B} (EasyPayX Control) - http://www.payzone.co.kr/EasyPayX/EasyPayX.cabO16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) - http://www.siren24.com/initech/plugin/INIS60.cabO16 - DPF: {32D94A9F-9A18-4E12-863D-8AABA8CBDA78} (NateOnMMSAtx3 Class) - http://sms.nate.com/NateOnMMS_AX3.cabO16 - DPF: {39461460-2552-4D51-A062-3AB6A7B902E9} (INISAFE Updater Control) - http://ib.scfirstbank.com/shttp/install/down/INIS70.cabO16 - DPF: {3979FE3D-721E-45B7-8745-6963C2010994} (MView Control) - http://www.cybermed.co.kr/~distribution/MView.cabO16 - DPF: {39FC0CF9-86F3-4502-B773-D16706EDEC83} (SCSK Control) - http://www.allcredit.co.kr/acs/webdrm/scwebsc.cabO16 - DPF: {3A90D051-E921-4741-8288-D1B6747A8A51} (Yessign5 Control) - http://www.giro.or.kr/html/yessign/cab/yessign5.cabO16 - DPF: {3B56E5F0-7B20-48BF-B439-A995BE5191EF} (SessionControl Control) - http://pib.wooribank.com/com/common/SessionControl.cabO16 - DPF: {3C36DCBE-5CDF-4C35-9D0B-4A1882B2EB0A} (AllatPayREAtl Class) - https://tx.allatpay.com/component/AllatPayRE.cabO16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/drakken/us/win/QuickTimeInstaller.exeO16 - DPF: {49EDFB5E-40A6-4364-937E-933611E372CE} (EggEditor 1.0 for GMarket) - http://www.gmarket.co.kr/gmarket_webzine/guide_management/ActiveX/egg_install_v24.cabO16 - DPF: {4C68DACE-E6BC-4650-9C7E-D036720CA729} (Nps Control) - http://image.gmarket.co.kr/tools/tyscan/nps.cabO16 - DPF: {522560A7-0619-4E5E-B877-EEDD9BD11005} (DCFrontCtl Class) - http://www.snaps.co.kr/ActiveX_Cal/DCFront.cabO16 - DPF: {5472320C-BE8F-4584-9D8A-0EB86C83BE3A} (FileUploadOkFoto Control) - http://www5.okfoto.co.kr/_Control/FileUploadOKFoto.cabO16 - DPF: {5CA5E00D-80A8-475A-BF08-816FD56DBC38} (KTCtrl Class) - http://support.kornet.net/sw5/order/Speed/cab/KTSpeedNewCtrl.cabO16 - DPF: {5D9446DB-E849-4B95-9872-D0C21343ABF0} (MAWizard Class) - http://www.csafer.net/ActiveX/MASetupWizard.cabO16 - DPF: {5DF3C1E9-2757-4E94-BE24-7C9F0B3AD1A1} (ImageEditor Class) - https://login.unitel.co.kr/iplug/download_imgeditor.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cabO16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} (AhnASP Control) - http://ahnlabdownload.nefficient.co.kr/asp/cab/AhnASP.cabO16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} (XecureCKKB Class) - http://ck.softforum.co.kr/keypro/2.2.0.46/CKKeyPro.cabO16 - DPF: {6FE760D3-7851-4879-8838-62D9881D7177} (IniMasHandler Class) - http://emailweb.sktelecom.com/inimas/autocontroll/IniMasPlugin.cabO16 - DPF: {7876A60C-6116-4AD9-B0EE-C53A06C08747} (IPCheckerX Control) - http://203.248.245.161:8080/ftth/ftth/popup/IPCheckerX.cabO16 - DPF: {7C65E65F-5ACA-409E-9D44-79AD833919F8} (ExpressViewer Class) - http://download.softforum.co.kr/XecureExpressI/xei_install.cabO16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) - http://download.softforum.co.kr/Published/XecureWeb/v7.2.1.2/xw_install.cabO16 - DPF: {858033B9-13BC-4DFE-B62A-78E1FAA0DFD7} (MABugsDownload Control) - http://www.csafer.net/activex/mabugsdownload.cabO16 - DPF: {8B92E3B3-6D67-48A3-9B7D-5983396A2D48} (Wk_setup Control) - http://www.wonderking.co.kr/gamestart/wk_setup.cabO16 - DPF: {8DC067B8-911D-473A-90F1-1171B887CDE0} (CyImage Class) - http://cyimg7.cyworld.com/ImageUpload/CyPictureU1.cab?20080604O16 - DPF: {90375875-5035-452F-857D-7BCCD1596468} (inlineparser Class) - https://login.unitel.co.kr/iplug/inline_atl1025.cabO16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/activex/dmcc2.cab?Version=1,0,0,10O16 - DPF: {9DEFEDFC-8193-4BE6-AA60-B6375AB7C8BE} (Launcher Class) - http://patch.mnet.com/NaverMusic/ActiveX/naverx.cabO16 - DPF: {9FC84F7D-D177-4A75-A7BB-429DA5BD0A3E} (SG_CAppAtx Control) - O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://kings.nefficient.co.kr/kings/kdfx/kdfx305/kdfense8.cabO16 - DPF: {A9F090E5-FC80-4772-AFEE-D102AB6E77D6} (IssacWebProCMS Class) - http://pgdownload.lgdacom.net/dacom/IssacWebProCMS_4_2_6_8_DACOM.cabO16 - DPF: {AB14AFC3-7AFB-403E-8ABF-8966E0FD360D} (DnsChangeX Control) - http://203.248.245.161:8080/ftth/ftth/popup/DnsChangeX.cabO16 - DPF: {B44935A0-2D44-4699-A8E8-0450C2A80A95} (ActiveLoader27 Control) - http://www.imory.co.kr/ActiveX/photo/ActiveLoader27.cabO16 - DPF: {BBB0FC2D-1D95-45CA-BDCF-03B53F247FCC} (EwsLoader Class) - O16 - DPF: {BCEF5CDE-BAD4-4532-A30B-9D16D502DE69} (BugsInstallEx Control) - http://install.bugs.co.kr/install/BugsInstallerEx.cabO16 - DPF: {C1143E84-B2B1-473B-9F20-E62DD754FCAF} (VineTransfer Control) - http://ib.scfirstbank.com/ko_KR_new/infovine/VineTransfer.cabO16 - DPF: {C6B3F6E0-5FB5-465B-B93D-D555AB912DCD} (EzTransWebCtl Control) - http://www.cssoft.co.kr/plugin/trans.cabO16 - DPF: {C7C7225A-9476-47AC-B0B0-FF3B79D55E67} (ZTransferX Control) - http://www.kotsa.or.kr/OZViewer/ZTransferX.cabO16 - DPF: {C854C4D1-ED53-4B1F-AA45-783B3CF3315C} (DacomUpload Control) - http://program.webhard.co.kr/Plus/active_upload2/DacomUpload.cabO16 - DPF: {C958BCD3-2C8A-432D-92B8-632EE672ACFD} (fmplay Class) - http://dl.sayclub.com/sayclub/sayctl/sayradioplayer.cabO16 - DPF: {D0E0AE91-4B4A-4377-9FC4-FBA240471FB1} (NWebPhotoManager) - http://upphoto.cafe.naver.com/object/NPhotoUploadEdit.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {D394A972-332C-4E37-9955-5F412F25F0BB} (LauchExplorer Control) - http://www5.okfoto.co.kr/_Control/LauchExplorer_v110.cabO16 - DPF: {D572CD64-9310-4712-8FFC-A4F9DC9D4AC1} (QbicUpdate Control) - http://qbic.hanafos.com/component/QbicUpdate.CABO16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cabO16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://update.nprotect.net/keycrypt/kftc/npkcx_vista.cabO16 - DPF: {D912AABC-6CB0-416F-85B6-CABBB86FD558} (INIwallet60 Control) - https://plugin.inicis.com/wallet60/INIwallet60.cabO16 - DPF: {D96D2F74-0B74-47D2-964F-B67E9F69F1CD} (CongnamulMap4Asp Control) - http://www.congnamul.com/ActiveX/Release/ASP/CongnamulMap4Asp_V29.cabO16 - DPF: {DDE6FED7-88AB-405B-9D77-FD4CDA8B9EB5} (Qbic Control) - http://qbic.hanafos.com/component/Qbic.CABO16 - DPF: {E0BF7A2B-2F7C-497A-B50F-292D3F317965} (CongnamulMap Control) - http://www.congnamul.com/ActiveX/Release/Congnamul/CongnamulMap_V21.cabO16 - DPF: {E1B7661A-C067-4C2D-87D4-37F6A08349D7} (Uploader Class) - https://login.unitel.co.kr/iplug/WebFtpUp1024.cabO16 - DPF: {E3FA6DAA-04BF-4AEF-9612-341B2B7A25FC} (Payplus Client Control) - http://pay.kcp.co.kr/plugin/file/payplus.cabO16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} (KvpIspCtlD Control) - https://www.vpay.co.kr/kvpfiles/KVPISPCTLD.cabO16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} (SKCommAX Control) - https://nid.naver.com/XP/SKCommAX.cabO16 - DPF: {F0563593-97BE-4621-9D89-A096B605A542} (mkd25iniCtrl Class) - http://ahnlabdownload.nefficient.co.kr/asp/cab/mkd25ini.cabO16 - DPF: {F6E7ECCE-6E60-4681-8D9B-4BBC12A07110} (GWallCtrl Class) - http://www.gmarket.co.kr/challenge/neo_goods/dlls/GWall_1800_Vista/GWall.cabO16 - DPF: {FF700A33-E570-4947-9C09-92E50449B547} (WebPriSKTelecom Control) - http://emailweb.sktelecom.com/webprint/WebPri_SKTelecom.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{DD559715-EE6E-4947-8B74-DBFA48FE6496}: NameServer = 61.41.153.2,203.248.252.2O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLLO18 - Protocol: s-http - {D37E6C5F-1C0F-47C0-A3B6-403EEC555402} - C:\Program Files\INITECH\SHTTP\InitechSHTTPInterface.10113.dllO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exeO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exeO23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcmsvc.exeO23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exeO23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe Link to comment Share on other sites More sharing options...
Firon Posted July 12, 2008 Report Share Posted July 12, 2008 Two AV apps is just asking for trouble. Uninstall Norton, then run the Norton Removal Tool (since the uninstall fails). http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.