pc restarts several minutes after i turn on utorrent

[raposeiro]

i dont know what the problem is heres my hijackthis report can you guys please help me out????

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:31:56 AM, on 11/26/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe

C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\NetAssistant\bin\mpbtn.exe

C:\PROGRA~1\AVG\AVG8\avgam.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)

O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [iPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l

O4 - HKLM\..\Run: [iPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [iTPIPSetup] "c:\35c564b6d3be6951c8bc97389afa\setupstb.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S

O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: NetAssistant.lnk = C:\Program Files\NetAssistant\bin\matcli.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing)

O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{DA204304-E041-46B1-9A6E-F41A29BE0BCE}: Domain = sympatico.ca

O17 - HKLM\System\CCS\Services\Tcpip\..\{DA204304-E041-46B1-9A6E-F41A29BE0BCE}: NameServer = 192.168.2.1

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.130 85.255.112.180

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.130 85.255.112.180

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,avgrsstx.dll

O20 - Winlogon Notify: fqpgdrur - fqpgdrur.dll (file missing)

O22 - SharedTaskScheduler: important - {9c87cb31-93d0-4f3e-a360-4a91ff77aeb7} - (no file)

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Print Spooler Service (foaezqaeddu) - Unknown owner - C:\WINDOWS\system32\trwqlhhz.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe (file missing)

O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS

--

End of file - 6870 bytes

[Firon]

Turn off automatic rebooting for BSODs. http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/russel_02may13.mspx

Then you can write down the crash. Make sure minidumps are enabled too.

It also looks like your system was (is?) infected with malware.

O20 - Winlogon Notify: fqpgdrur - fqpgdrur.dll (file missing)

[raposeiro]

yeah i got everything off of my computer. bought a load of new software programs. but my utorrent still keeps crashing but ill try what you said.

hey i did what you said and utorrent stayed open longer but than restarted. and also i wasnt getting blue screen before when i had the box checked but when i unchecked the box i got the blue screen. :( what could be the problem here???? i want utorrent to stay open lol...

<<<<----(((( UPDATE ))))---->>>>

--PROCESS EXPLORER--

Process PID CPU Description Company Name

System Idle Process 0 98.48

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 992 Windows NT Session Manager Microsoft Corporation

csrss.exe 1040 Client Server Runtime Process Microsoft Corporation

winlogon.exe 1080 Windows NT Logon Application Microsoft Corporation

services.exe 1152 Services and Controller app Microsoft Corporation

svchost.exe 1368 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1424 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1624 Generic Host Process for Win32 Services Microsoft Corporation

wuauclt.exe 4064 Windows Update Automatic Updates Microsoft Corporation

svchost.exe 1736 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 2036 Spooler SubSystem App Microsoft Corporation

svchost.exe 688 Generic Host Process for Win32 Services Microsoft Corporation

avgwdsvc.exe 948 AVG Watchdog Service AVG Technologies CZ, s.r.o.

avgam.exe 2364 AVG Alert Manager AVG Technologies CZ, s.r.o.

avgrsx.exe 2384 AVG Resident Shield Service AVG Technologies CZ, s.r.o.

avgnsx.exe 2424 AVG Network scanner Service AVG Technologies CZ, s.r.o.

mscorsvw.exe 1516 .NET Runtime Optimization Service Microsoft Corporation

cmdagent.exe 1696

nvsvc32.exe 804 NVIDIA Driver Helper Service, Version 91.31 NVIDIA Corporation

PRISMXL.SYS 760 PrismXL Service Lanovation

wdfmgr.exe 968 Windows User Mode Driver Manager Microsoft Corporation

avgemc.exe 2864 AVG E-Mail Scanner AVG Technologies CZ, s.r.o.

alg.exe 360 Application Layer Gateway Service Microsoft Corporation

lsass.exe 1200 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 544 Windows Explorer Microsoft Corporation

PRONoMgr.exe 652 PRONotifyMgr Module Intel® Corporation

jusched.exe 680 Java Platform SE binary Sun Microsystems, Inc.

IPClient.exe 836 IP Session Statistics Visual Networks

ipmon32.exe 856 IP Monitor Visual Networks

avgtray.exe 912 AVG Tray Monitor AVG Technologies CZ, s.r.o.

msmsgs.exe 1508 Windows Messenger Microsoft Corporation

LogitechDesktopMessenger.exe 1980 Logitech Desktop Messenger Logitech Inc.

firefox.exe 3612 Firefox Mozilla Corporation

uTorrent.exe 3172 0.76 µTorrent BitTorrent, Inc.

rundll32.exe 888 Run a DLL as an App Microsoft Corporation

mpbtn.exe 1128

procexp.exe 3348 0.76 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 3172

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000

avgrsstx.dll AVG Resident Shield Starter AVG Technologies CZ, s.r.o. 8.00.0000.0134

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2180

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.0258

credui.dll Credential Manager User Interface Microsoft Corporation 5.01.2600.2180

CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.2180

ctype.nls

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3316

fltlib.dll Filter Library Microsoft Corporation 5.01.2600.2978

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3316

guard32.dll 3.05.55470.0430

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180

Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912

IPHook32.dll System Hook DLL Visual Networks 5.05.0100.0115

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119

locale.nls

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.01.2600.2180

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.2180

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.3462

netshell.dll Network Connections Shell Microsoft Corporation 5.01.2600.2180

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180

NTMARTA.DLL Windows NT MARTA provider Microsoft Corporation 5.01.2600.2180

nview.dll NVIDIA nView Desktop and Window Manager 110.38 NVIDIA Corporation 6.14.0010.11038

nvwddi.dll NVIDIA nView Display Driver Interface Lib, Version 91.31 NVIDIA Corporation 6.14.0010.9131

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726

oleaut32.dll Microsoft Corporation 5.01.2600.3266

PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.2161

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241

shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.2180

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3429

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099

USERENV.dll Userenv Microsoft Corporation 5.01.2600.2180

uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180

WINMM.dll MCI API DLL Microsoft Corporation 5.01.2600.2180

winsta.dll Winstation Library Microsoft Corporation 5.01.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180

wship6.dll IPv6 Helper DLL Microsoft Corporation 5.01.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180

xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.01.2600.2180

[GTHK]

You were supposed to look at the blue screen of death (BSOD) message. Well, did it create a file for it in C:\WINDOWS\Minidump? If you have one, put it on mediafire.com (please stick it in a zip/7zip/rar archive first to save space and for ease of debugging).

Also, updating to SP3 wouldn't hurt :3

[raposeiro]

whats wrong with sp2??

[GTHK]

I didn't say anything was wrong with SP2

Find those crash dumps? Start > Run > %windir%\Minidump

[raposeiro]

latest one in the folder i opened from /run was wednesday jan 2 2008 - tuesday aug 19 2008 rest are 2007 months

and still waiting on utorrent to restart comp and bring up blue screen to write down info ill get back to this post soon

got what it said on the blue screen:

***STOP:0x0000007f (0x00000000, 0x00000000, 0x00000000, 0x00000000)

[GTHK]

No file name in the message? Can you go back to where you disabled auto-reboot and make sure small mini dump is selected, rather then minidumping being disabled? Did you disable the paging file or make it really small?

http://support.microsoft.com/kb/137539

[raposeiro]

small memory dump is on

http://www.mediafire.com/?sharekey=f13397d555909c51d2db6fb9a8902bda

link to jan 2 2008 file in my memory dump folder

[GTHK]

Did you read the MS article for a bit of info? Have you tampered with the paging file?

Crash dump you gave me says IPVNMon.sys did it, don't know what that file is for. Are you using an HP notebook?

[raposeiro]

lol cant seen to figure out how to do a system diagnostic

i gave u crash dump file from january 2 2008 dont got none up till aug 2008

im using a desktop

[GTHK]

You could try running MemTest86+ overnight.