Jump to content

error: access denied...huh?


blinden2

Recommended Posts

It's your last statement that suggested it was possible :P

If you don't know what could be interfering, you can post log files here to be checked for known software that messes around:

a) get HijackThis from trendsecure.com, run it, view the log, and post the contents here

B) get Process Explorer from sysinternals.com, run it, Ctrl+D (to show the lower DLL pane), select the µTorrent process from the list, Ctrl+S (and save the list somewhere you'll find easily -- like the Desktop), then post the contents of the saved process list in the .txt file here

Link to comment
Share on other sites

okay, here goes

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 7:27:16 PM, on 24/08/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\ATKOSD2\ATKOSD2.exe

C:\Windows\System32\rundll32.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Synaptics\SynTP\SynAsus.exe

C:\Users\blinden\firefox.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/m/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)

O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll

O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1411702796-2128152550-331907264-1001\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'blinden')

O13 - Gopher Prefix:

O20 - AppInit_DLLs: APSHook.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe

O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--

End of file - 4940 bytes

Process PID CPU Description Company Name

System Idle Process 0 98.46

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 568

csrss.exe 644

wininit.exe 696

services.exe 740

svchost.exe 912

asghost.exe 3632 Global Virtual Card Host Cognizance Corporation

ACEngSvr.exe 1392

dllhost.exe 3472 COM Surrogate Microsoft Corporation

svchost.exe 956

nvvsvc.exe 984

rundll32.exe 440

svchost.exe 1012

svchost.exe 1116

audiodg.exe 1232

svchost.exe 1144

wlanext.exe 1660

dwm.exe 3700 1.54 Desktop Window Manager Microsoft Corporation

svchost.exe 1156

taskeng.exe 1776

taskeng.exe 3600 Task Scheduler Engine Microsoft Corporation

svchost.exe 1252

SLsvc.exe 1268

svchost.exe 1312

svchost.exe 1480

AsLdrSrv.exe 1616

HControl.exe 2092

ATKOSD.exe 4088

KBFiltr.exe 1356

WDC.exe 1876

MsgTranAgt.exe 2564

BatteryLife.exe 2720

ACMON.exe 3260

ASPG.exe 2516

GFNEXSrv.exe 1628

spoolsv.exe 1784

svchost.exe 1820

agrsmsvc.exe 1576

svchost.exe 600

btwdins.exe 2060

LSSrvc.exe 2112

svchost.exe 2152

spmgr.exe 2176

svchost.exe 2220

svchost.exe 2264

SearchIndexer.exe 2344

xcommsvr.exe 2420

livesrv.exe 2480

vsserv.exe 2508

svchost.exe 2788

lsass.exe 752

lsm.exe 764

csrss.exe 708

winlogon.exe 1416

explorer.exe 3728 Windows Explorer Microsoft Corporation

ATKOSD2.exe 4064 ATKOSD2

rundll32.exe 2168 Windows host process (Rundll32) Microsoft Corporation

RtHDVCpl.exe 2472 HD Audio Control Panel Realtek Semiconductor

SynTPEnh.exe 1056 Synaptics TouchPad Enhancements Synaptics, Inc.

SynAsus.exe 2740 Asus Custom PlugIn Application Synaptics, Inc.

SynTPHelper.exe 2704

bdagent.exe 2708 BitDefender Agent BitDefender S.R.L.

sidebar.exe 1284 Windows Sidebar Microsoft Corporation

firefox.exe 3308 Firefox Mozilla Corporation

procexp.exe 2300 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

uTorrent.exe 2984

Process: uTorrent.exe Pid: 2984

Name Description Company Name Version

actxprxy.dll ActiveX Interface Marshaling Library Microsoft Corporation 6.00.6001.18000

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.00.6001.18000

apphelp.dll Application Compatibility Client Library Microsoft Corporation 6.00.6001.18000

APSHook.dll Application Protection Hook Cognizance Corporation 2.00.0000.0015

browseui.dll Shell Browser UI Library Microsoft Corporation 6.00.6001.18000

CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000

comctl32.dll.mui User Experience Controls Library Microsoft Corporation 6.10.6001.18000

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.6001.18000

cscapi.dll Offline Files Win32 API Microsoft Corporation 6.00.6001.18000

dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.00.6001.18000

dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.00.6001.18000

DNSAPI.dll DNS Client API DLL Microsoft Corporation 6.00.6001.18000

DUser.dll Windows DirectUser Engine Microsoft Corporation 6.00.6001.18000

duser.dll.mui Windows DirectUser Engine Microsoft Corporation 6.00.6000.16386

dwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation 6.00.6001.18000

FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.00.6001.18000

GDI32.dll GDI Client DLL Microsoft Corporation 6.00.6001.18023

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6001.18000

imageres.dll Windows Image Resource Microsoft Corporation 6.00.6000.16386

imageres.dll.mui Windows Image Resource Microsoft Corporation 6.00.6000.16386

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.00.6001.18000

index.dat

index.dat

index.dat

Iphlpapi.dll IP Helper API Microsoft Corporation 6.00.6001.18000

ItClient.dll SSO Hook Module Cognizance Corporation 2.01.0000.0102

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.00.6001.18000

locale.nls

locale.nls

LPK.DLL Language Pack Microsoft Corporation 6.00.6001.18000

MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.00.6001.18000

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.6001.18000

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.00.6001.18000

napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.00.6001.18000

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 6.00.6001.18000

NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.00.6001.18000

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.00.6000.16386

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.00.6001.18000

ntdll.dll NT Layer DLL Microsoft Corporation 6.00.6001.18000

NTMARTA.DLL Windows NT MARTA provider Microsoft Corporation 6.00.6001.18000

ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.00.6001.18000

OLEACC.dll Active Accessibility Core Component Microsoft Corporation 4.02.5406.0000

oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.02.5406.0000

OLEAUT32.dll Microsoft Corporation 6.00.6001.18000

pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.00.6001.18000

PROPSYS.dll Microsoft Property System Microsoft Corporation 6.00.6001.18000

PSAPI.DLL Process Status Helper Microsoft Corporation 6.00.6000.16386

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.00.6000.16386

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.00.6001.18051

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.00.6001.18000

SAMLIB.dll SAM Library DLL Microsoft Corporation 6.00.6001.18000

Secur32.dll Security Support Provider Interface Microsoft Corporation 6.00.6001.18000

SETUPAPI.dll Windows Setup API Microsoft Corporation 6.00.6001.18000

shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation 6.00.6001.18000

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.6001.18062

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.6001.18000

slc.dll Software Licensing Client Dll Microsoft Corporation 6.00.6001.18000

SXS.DLL Fusion 2.5 Microsoft Corporation 6.00.6001.18000

tiptsf.dll Tablet PC Input Panel Text Services Framework Microsoft Corporation 6.00.6001.18000

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.00.6001.18099

USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000

user32.dll.mui Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000

USERENV.dll Userenv Microsoft Corporation 6.00.6001.18000

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000

uTorrent.exe

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.6001.18000

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.00.6001.18000

WindowsCodecs.dll Microsoft Windows Codecs Library Microsoft Corporation 6.00.6001.18000

WININET.dll Internet Extensions for Win32 Microsoft Corporation 7.00.6001.18099

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.00.6001.18000

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.00.6000.16386

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.00.6001.18000

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.00.6001.18000

wshbth.dll Windows Sockets Helper DLL Microsoft Corporation 6.00.6000.16386

wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.00.6001.18000

hope this is what ur asking for

Link to comment
Share on other sites

APSHook.dll Application Protection Hook Cognizance Corporation 2.00.0000.0015

Any idea what that's from?

More importantly, it's been suggested to other users that the Vista search indexer can lock files, try disabling it for a bit to test. Also, did you have Symantec anti-virus crap installed at one point? It looks like there's some garbage data left over, a clean up tool is available from them for cleaning up Norton.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...