add me to the list of slow downloads

Picking14u · August 21, 2008

I am a newbie... and have read thru way too may of these post.. its making my head spin.... i have been running for about 6 months.. and have been getting up to 600 kb/s download.. and keeping my uploads at about 30 kb/s as that seems to be the speed that allows me to get that upload.. anything more or less effects the download speed alot.. and since the upgrade ( done automatically ) my download speeds have dropped to about 150-200 kb/s i did the download test with ( OOo_2.4.1_Win32Intel_install_en-US.exe.torrent ) and got my almost 700 kb/s but all the rest have been low i am usually downloading around 30 downloads...

it also lags in the actual program, when i click something , alot of times its taking about 5-10 seconds to respond, and i rarely ever had that problem before, i have the dreaded wrt54g modem... and have paid for the port forwarding program

I have also been having the problem with the red, yellow and green for the connections.. i am getting a negative on the port being opened, but will sometimes get the green check.. i checked to make sure my ISP isn't getting throttled, and it isn't..

I am not very computer swave.. so reading thru a lot of the post is difficult, trying to figure out what i need to do , and what i don't.

I appreciate any help, and i also uninstalled the utorrent and re downloaded the program.. which cost me some long running files i would appreciate help with that also... i tried the making a new folder on my desktop and having it autoload, but it didn't work.. so i must have done something wrong.. they already have the UT! at the end.

thelittlefire · August 21, 2008

The actual GUI lag is probably due to some http://utorrent.com/faq.php#Incompatible_software installed Can you run the Process Explorer and HiJackThis programs mentioned at the bottom of the sticky "if you have speed problems" at the index of this forum and paste the logfiles here?

You can recover the torrents you already downloaded data for with http://utorrent.com/migration_guide.php as long as you still have the torrents. On your old folder see if you still have them?

Picking14u · August 21, 2008

Computer Amd turion GHz 1.75 GB

microsoft windows xp 2002 service pack 2

Time Warner cable modem

speed test 5967 KB/S download , upload 481 kb/s)

# Try testing a torrent from OpenOffice.org, Slackware Linux, or Ubuntu Linux? (If any of them run quickly, then the problems you're experiencing likely lie only with the swarm) DID THIS, SPEED WAS AT 700 KB/S the 2nd time i ran it.. my max speed is around 70kb/s with bandwith 47 max upload rate, 94000 number of connections, 40 max connected per peers, 4 upload slotsy gls

* ISP not being throttled, tested by glasnot

* I did the Amd anthon x64 upgrade also ( seemed to help some )

* Error! Port 51272 does not appear to be open.

* upload limit 30 , upload slots 4 , connections per torrent 440, connections ( global ) 33464, max active torrents 75, Max Active downloads 75

* max halfopen 4

* avg anti - virus

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:12:58 PM, on 8/20/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\PROGRA~1\AVG\AVG8\avgfws8.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\PROGRA~1\AVG\AVG8\avgam.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\RTHDCPL.EXE

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\DOCUME~1\Admin\LOCALS~1\Temp\RtkBtMnt.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Teleca Shared\Generic.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\Documents and Settings\Admin\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com

O1 - Hosts: 127.255.255.255 www.alcohol-soft.com

O1 - Hosts: 127.255.255.255 images.alcohol-soft.com

O1 - Hosts: 66.98.148.65 auto.search.msn.com

O1 - Hosts: 66.98.148.65 auto.search.msn.es

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - {06E12C36-760F-4D92-8509-5E5DBF12C423} - (no file)

O2 - BHO: {e228b9a4-4e13-81b8-f184-adabea020dc1} - {1cd020ae-bada-481f-8b18-31e44a9b822e} - (no file)

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: (no name) - {D20BF29C-5417-451F-BABF-A372ED0AEF07} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{F05E33C0-1FA2-4291-BC78-1ADB25FF8673}: NameServer = 66.75.160.63,66.75.160.64

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O20 - Winlogon Notify: wvUoonMD - wvUoonMD.dll (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--

End of file - 7589 bytes

thelittlefire · August 21, 2008

You were infected with something... wvUoonMD.dll doesn't belong in winlogon.

What happens when you remove Yahoo Toolbar? You didn't run Process Explorer did you? Could you add/edit that logfile to the rest of the thread?

ghot · August 21, 2008

Bro you are infected with about 15 things !!! namely allthose browser hijacker/addons things you have runnin...here what a good HJT log looks like

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\\vptray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.09\RivaTuner.exe" /S

O4 - HKLM\..\Run: [snoopFreeUI] SnoopFreeUI.exe

O4 - HKCU\..\Run: [EVEREST AutoStart] C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204223668625

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe

O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe

O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Picking14u · August 21, 2008

Process PID CPU Description Company Name

System Idle Process 0 97.69

Interrupts n/a Hardware Interrupts

DPCs n/a 0.77 Deferred Procedure Calls

System 4

smss.exe 1156 Windows NT Session Manager Microsoft Corporation

csrss.exe 1260 Client Server Runtime Process Microsoft Corporation

winlogon.exe 1292 Windows NT Logon Application Microsoft Corporation

services.exe 1380 0.77 Services and Controller app Microsoft Corporation

ati2evxx.exe 1608 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 1624 Generic Host Process for Win32 Services Microsoft Corporation

ehmsas.exe 3236 Media Center Media Status Aggregator Service Microsoft Corporation

svchost.exe 1716 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1768 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1864 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1952 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 512 Spooler SubSystem App Microsoft Corporation

AppleMobileDeviceService.exe 752 Apple Mobile Device Service Apple Inc.

avgwdsvc.exe 788 AVG Watchdog Service AVG Technologies CZ, s.r.o.

avgam.exe 3384 AVG Alert Manager AVG Technologies CZ, s.r.o.

avgrsx.exe 3456 AVG Resident Shield Service AVG Technologies CZ, s.r.o.

avgnsx.exe 3560 AVG Network scanner Service AVG Technologies CZ, s.r.o.

avgfws8.exe 828 AVG Firewall Service AVG Technologies CZ, s.r.o.

mDNSResponder.exe 876 Bonjour Service Apple Inc.

ehRecvr.exe 1036 Media Center Receiver Service Microsoft Corporation

ehSched.exe 1668 Media Center Scheduler Service Microsoft Corporation

jqs.exe 312 Java Quick Starter Service Sun Microsystems, Inc.

HPZipm12.exe 1248 PML Driver HP

StarWindService.exe 1840 StarWind iSCSI Target (Alcohol Edition) Rocket Division Software

avgemc.exe 3988 AVG E-Mail Scanner AVG Technologies CZ, s.r.o.

dllhost.exe 1020 COM Surrogate Microsoft Corporation

alg.exe 2304 Application Layer Gateway Service Microsoft Corporation

svchost.exe 4088 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 3688 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 1404 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 472 ATI External Event Utility EXE Module ATI Technologies Inc.

explorer.exe 2268 Windows Explorer Microsoft Corporation

ehtray.exe 2584 Media Center Tray Applet Microsoft Corporation

RTHDCPL.exe 784 Realtek HD Audio Control Panel Realtek Semiconductor Corp.

RtkBtMnt.exe 1580 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp.

avgtray.exe 2056 AVG Tray Monitor AVG Technologies CZ, s.r.o.

jusched.exe 2064 Java Platform SE binary Sun Microsystems, Inc.

ctfmon.exe 2100 CTF Loader Microsoft Corporation

firefox.exe 2588 Firefox Mozilla Corporation

procexp.exe 4804 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

ConvertXtoDvd.exe 3672 ConvertXtoDVD transcoder VSO Software SARL

uTorrent.exe 5368 0.77 µTorrent BitTorrent, Inc.

MOM.exe 3896 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.

CCC.exe 1788 Catalyst Control Centre: Host application ATI Technologies Inc.

notepad.exe 3488 Notepad Microsoft Corporation

Process: uTorrent.exe Pid: 5368

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180

apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.01.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000

avgrsstx.dll AVG Resident Shield Starter AVG Technologies CZ, s.r.o. 8.00.0000.0134

c_936.nls

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.0258

credui.dll Credential Manager User Interface Microsoft Corporation 5.01.2600.2180

ctype.nls

DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3394

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3316

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180

ieframe.dll Internet Explorer Microsoft Corporation 7.00.6000.16705

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6000.16705

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180

Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119

locale.nls

mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 1.00.0004.0012

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.3319

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180

msi.dll Windows Installer Microsoft Corporation 3.01.4000.4039

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3394

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976

NETSHELL.dll Network Connections Shell Microsoft Corporation 5.01.2600.2180

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726

oleaut32.dll Microsoft Corporation 5.01.2600.3266

PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241

shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.2180

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3354

sortkey.nls

sorttbls.nls

SXS.DLL Fusion 2.5 Microsoft Corporation 5.01.2600.3019

unicode.nls

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.00.6000.16705

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099

uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0000.11813

UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180

xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.01.2600.2180

ghot · August 21, 2008

Bro do this.....run Hijack this again and then click save log and save it to your desktop....notepad will immediately open select all and the copy.....then go here http://hjt.networktechs.com/ and post your HJT log in the big white box.......anything that shows up FIRE_ENGINE RED after you hit the "parse" button...get rid of it in HJT the program....then u'll have at least a fighting chance

You have more tool bars than a hardware store bro...lose em....lose anything that is fire engine red also.

ESPECIALLY those 02 BHO's that say "no name" they just plain infections !!

Toorent programs are designed to use 90% of your bandwidth all those 02 BHO's are just hurtin you ^^

Personally Id lose windows messenger too...at BEST its MS spyware lite lol

Heres another GREAT site for protecting your HOSTS file

http://www.mvps.org/winhelp2002/hosts.htm

and go here and run thier online scan http://www.pandasecurity.com/homeusers/solutions/activescan/?sitepanda=particulares

Picking14u · August 22, 2008

ok, did some cleaning up and here are my latest specs

also not sure if this could be a problem...

Checking port 51272 on 75.84.137.88.

my dns is 66.75.160.63 can this be causing my problem? and if so how do i change it

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 1:00:28 PM, on 8/22/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe

C:\DOCUME~1\Admin\LOCALS~1\Temp\RtkBtMnt.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\Juno\bin\juno.exe

C:\Documents and Settings\Admin\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet