matau Posted December 8, 2008
... it's been 2-3 days and I really don't know what to do. I tried to reinstall it and even to change the version, but the problem comes back over and over >_> I tried to reset all default settings, but that did not help either. That's why I am here and begging for help.
DreadWingKnight Posted December 8, 2008
Post a hijackthis log and process explorer process list please.
moogly Posted December 8, 2008
How to report bugs with HJT/PE: http://forum.utorrent.com/viewtopic.php?id=29748
matau Posted December 8, 2008
@DreadWingKnight can you please tell me how exactly to do it?
moogly Posted December 8, 2008
I posted the tutorial with the explanations in my last post. Read it.
matau Posted December 8, 2008
@moogly thx a lot mate, I will make it and post all info in some min.

OK guys, here it is

hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:28 ч., on 9.12.2008 г.
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 213.198.85.97 dekaronpatch.gametribe.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NodLogin] C:\Program Files\ESET\ESET Smart Security\nodlogin.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {45FE4418-F85F-45F0-BCAA-68C334FA6E08} (Sipd Control) - file:///C:/Users/Matau/AppData/Local/Microsoft/Windows%20Sidebar/Gadgets/(EPIDEM.RU)%20AGEphoneGadget.gadget/sipd.ocx
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{91FCA6DE-FC00-4901-93B3-80E5FBF142D5}: NameServer = 83.228.92.1,83.228.92.2
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 6289 bytes

and Utorrent process

Process PID CPU Description Company Name
System Idle Process 0 39.84
Interrupts n/a 0.78 Hardware Interrupts
DPCs n/a 2.34 Deferred Procedure Calls
System 4
smss.exe 532 Windows Session Manager Microsoft Corporation
csrss.exe 664 Client Server Runtime Process Microsoft Corporation
wininit.exe 716 Windows Start-Up Application Microsoft Corporation
services.exe 760 Services and Controller app Microsoft Corporation
svchost.exe 956 Host Process for Windows Services Microsoft Corporation
unsecapp.exe 1312 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
WmiPrvSE.exe 1320 WMI Provider Host Microsoft Corporation
nvvsvc.exe 1008 NVIDIA Driver Helper Service, Version 175.19 NVIDIA Corporation
rundll32.exe 1604 Windows host process (Rundll32) Microsoft Corporation
svchost.exe 1036 Host Process for Windows Services Microsoft Corporation
svchost.exe 1076 Host Process for Windows Services Microsoft Corporation
svchost.exe 1156 Host Process for Windows Services Microsoft Corporation
audiodg.exe 1344 Windows Audio Device Graph Isolation Microsoft Corporation
svchost.exe 1204 Host Process for Windows Services Microsoft Corporation
dwm.exe 352 Desktop Window Manager Microsoft Corporation
svchost.exe 1236 Host Process for Windows Services Microsoft Corporation
taskeng.exe 220 Task Scheduler Engine Microsoft Corporation
taskeng.exe 2068 Task Scheduler Engine Microsoft Corporation
svchost.exe 1372 Host Process for Windows Services Microsoft Corporation
SLsvc.exe 1416 Microsoft Software Licensing Service Microsoft Corporation
svchost.exe 1444 Host Process for Windows Services Microsoft Corporation
svchost.exe 1668 Host Process for Windows Services Microsoft Corporation
spoolsv.exe 1928 Spooler SubSystem App Microsoft Corporation
svchost.exe 1952 Host Process for Windows Services Microsoft Corporation
mDNSResponder.exe 2924 Bonjour Service Apple Computer, Inc.
ekrn.exe 2948 25.00 Eset Service ESET
PD91Agent.exe 3068 PD91Agent Module Raxco Software, Inc.
PD91AgentS1.exe 2064 PD91AgentS1 Module Raxco Software, Inc.
PnkBstrA.exe 3160
PsiService_2.exe 3184 PsiService PsiService Protexis Inc.
svchost.exe 3204 Host Process for Windows Services Microsoft Corporation
TUProgSt.exe 3232 TuneUp Program Statistics Service TuneUp Software
svchost.exe 3260 7.03 Host Process for Windows Services Microsoft Corporation
SDWinSec.exe 3360 Spybot-S&D Security Center integration Safer Networking Ltd.
lsass.exe 776 Local Security Authority Process Microsoft Corporation
lsm.exe 784 Local Session Manager Service Microsoft Corporation
csrss.exe 728 Client Server Runtime Process Microsoft Corporation
winlogon.exe 860 Windows Logon Application Microsoft Corporation
explorer.exe 552 Windows Explorer Microsoft Corporation
RtHDVCpl.exe 2152 HD Audio Control Panel Realtek Semiconductor
rundll32.exe 2184 Windows host process (Rundll32) Microsoft Corporation
egui.exe 2208 Eset GUI ESET
Skype.exe 2256 Skype Skype Technologies S.A.
IDMan.exe 2264 Internet Download Manager (IDM) Tonec Inc.
IEMonitor.exe 1564 Internet Download Manager agent for click monitoring in IE-based browsers Tonec Inc.
xfire.exe 2284 Xfire Xfire Inc.
uTorrent.exe 2764 24.22 µTorrent BitTorrent, Inc.
firefox.exe 1740 Firefox Mozilla Corporation
procexp.exe 2648 0.78 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 2764

Name Description Company Name Version
ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.00.6001.18000
ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000
C_1252.NLS
CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000
COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000
comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.6001.18000
dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.00.6001.18000
dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.00.6001.18000
DnsApi.dll DNS Client API DLL Microsoft Corporation 6.00.6001.18000
FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.00.6001.18000
GDI32.dll GDI Client DLL Microsoft Corporation 6.00.6001.18023
GPAPI.dll Group Policy Client API Microsoft Corporation 6.00.6001.18000
hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 6.00.6001.18000
idmmkb.dll Internet Download Manager module Tonec Inc. 4.00.0000.0001
IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.00.6001.18000
Iphlpapi.dll IP Helper API Microsoft Corporation 6.00.6001.18000
kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.00.6001.18000
locale.nls locale.nls
LPK.DLL Language Pack Microsoft Corporation 6.00.6001.18000
mdnsNSP.dll Bonjour Namespace Provider Apple Computer, Inc. 1.00.0003.0001
MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.00.6001.18000
MSIMG32.dll GDIEXT Client DLL Microsoft Corporation 6.00.6000.16386
MSVCR71.DLL Microsoft® C Runtime Library Microsoft Corporation 7.10.3052.0004
msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.6001.18000
mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.00.6001.18000
napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.00.6001.18000
NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.00.6001.18000
npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.00.6000.16386
NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.00.6001.18000
ntdll.dll NT Layer DLL Microsoft Corporation 6.00.6001.18000
ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.00.6001.18000
OLEACC.dll Active Accessibility Core Component Microsoft Corporation 4.02.5406.0000
oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.02.5406.0000
oleaut32.dll Microsoft Corporation 6.00.6001.18000
pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.00.6001.18000
PSAPI.DLL Process Status Helper Microsoft Corporation 6.00.6000.16386
rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.00.6000.16386
RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.00.6001.18051
rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.00.6001.18000
Secur32.dll Security Support Provider Interface Microsoft Corporation 6.00.6001.18000
SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.6001.18062
shfolder.dll Shell Folder Service Microsoft Corporation 6.00.6000.16386
SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.6001.18000
slc.dll Software Licensing Client Dll Microsoft Corporation 6.00.6001.18000
SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.00.6000.16386
SXS.DLL Fusion 2.5 Microsoft Corporation 6.00.6001.18000
upnp.dll UPnP Control Point API Microsoft Corporation 6.00.6001.18000
USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000
USERENV.dll Userenv Microsoft Corporation 6.00.6001.18000
USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000
uTorrent.exe µTorrent BitTorrent, Inc. 1.09.0000.13583
uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.6001.18000
VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.00.6001.18000
WINHTTP.dll Windows HTTP Services Microsoft Corporation 6.00.6001.18000
WINMM.dll MCI API DLL Microsoft Corporation 6.00.6001.18000
WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.00.6001.18000
winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.00.6000.16386
WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.00.6001.18000
WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.00.6001.18000
wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.00.6001.18000
wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.00.6001.18000
WSOCK32.dll Windows Socket 32-Bit DLL Microsoft Corporation 6.00.6001.18000
xfire_toucan_35044.dll Xfire Toucan DLL Xfire Inc. 1.00.0000.35044
This topic is now archived and is closed to further replies.