mison Posted April 27, 2009 Report Share Posted April 27, 2009 u torrent will work till the conection turns green. then the program freezes and it comes up with an error message called error 73. Link to comment Share on other sites More sharing options...
jewelisheaven Posted April 27, 2009 Report Share Posted April 27, 2009 How long after starting does this happen? Is it repeatable after a timeframe or time-of-day? Screenshot of the error maybe? You can use http://imageshack.us Link to comment Share on other sites More sharing options...
mison Posted April 27, 2009 Author Report Share Posted April 27, 2009 all it says is: error 73: -1/16397/0/1 it happens after the network connection thing at the bottom of the screen turns green. and it happens every time i try to use utorrent Link to comment Share on other sites More sharing options...
jewelisheaven Posted April 27, 2009 Report Share Posted April 27, 2009 What version of uT are you using, In the window, Alt-H-A (Help menu in the bar, then About).. Link to comment Share on other sites More sharing options...
mison Posted April 27, 2009 Author Report Share Posted April 27, 2009 1.8.2 Link to comment Share on other sites More sharing options...
DreadWingKnight Posted April 27, 2009 Report Share Posted April 27, 2009 Where's the screenshot that was requested? Link to comment Share on other sites More sharing options...
mison Posted April 27, 2009 Author Report Share Posted April 27, 2009 theres nothing 2 c xcept that. but if u rly need it? Link to comment Share on other sites More sharing options...
kellygreen Posted April 27, 2009 Report Share Posted April 27, 2009 I am also experiencing this error, exactly the same. The numbers inbetween -1 and 0/01 are always different, though.For example, I've also had -1/1460/0/01 and -1/2920/0/01.It started yesterday afternoon for no reason that I can figure.http://s284.photobucket.com/albums/ll28/kellygreen9/?action=view¤t=error73.jpgPrtScn of it occuring. After that I have to End Program to get the window to close. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted April 27, 2009 Report Share Posted April 27, 2009 http://forum.utorrent.com/viewtopic.php?id=29748 <-- both logs please. Link to comment Share on other sites More sharing options...
mauda3 Posted April 27, 2009 Report Share Posted April 27, 2009 hello, I have the same problem as kellygreen, but i only get the error 73: -1/1460/0/01 after about a minute and utorrent crashesthe only way I can avoid it is by pausing all torrents. but as soon as I get even just one started again, utorrent crashes with the error 73: -1/1460/0/01this is what I get from windows error report, I don't know if it helpsszAppName : uTorrent.exe szAppVer : 1.8.2.15227 szModName : hungappszModVer : 0.0.0.0 offset : 00000000 C:\DOCUME~1\mauda\LOCALS~1\Temp\WER5a82.dir00\uTorrent.exe.mdmpC:\DOCUME~1\mauda\LOCALS~1\Temp\WER5a82.dir00\appcompat.txtand this is from hijackthisLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:57:24, on 27/04/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exeC:\PROGRA~1\COMMON~1\X10\Common\x10nets.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\wbem\wmiapsrv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ehome\ehtray.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\eHome\ehmsas.exeC:\Program Files\ltmoh\Ltmoh.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Toshiba\Toshiba Applet\thotkey.exeC:\Program Files\Synaptics\SynTP\Toshiba.exeC:\WINDOWS\system32\TPSMain.exeC:\Program Files\TOSHIBA\Tvs\TvsTray.exeC:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exeC:\WINDOWS\system32\TPSBattM.exeC:\WINDOWS\System32\DLA\DLACTRLW.EXEC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\Program Files\Fichiers communs\Real\Update_OB\realsched.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXEC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exeC:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exeC:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exeC:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files\iPod\bin\iPodService.exeC:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXEC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\Windows Live\Contacts\wlcomm.exeC:\WINDOWS\system32\winlogon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Spybot - Search & Destroy\SpybotSD.exeC:\Documents and Settings\mauda\Local Settings\Temporary Internet Files\Content.IE5\D9HO2TCV\HiJackThis[1].exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetectO4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,EnableO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exeO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exeO4 - HKLM\..\Run: [TPSMain] TPSMain.exeO4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exeO4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exeO4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXEO4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/WirelessO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startupO4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exeO4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialogO4 - HKCU\..\Run: [awomu] c:\documents and settings\mauda\local settings\application data\awomu.exe awomuO4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"O4 - HKCU\..\Run: [PoliceAV] C:\Program Files\XPPoliceAntivirus\xppolice.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')O4 - HKUS\S-1-5-21-941708952-1740525327-3241195035-501\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (User 'Invité')O4 - HKUS\S-1-5-21-941708952-1740525327-3241195035-501\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Invité')O4 - HKUS\S-1-5-21-941708952-1740525327-3241195035-501\..\Run: [miaeu] "c:\documents and settings\invité\local settings\application data\miaeu.exe" miaeu (User 'Invité')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - S-1-5-21-941708952-1740525327-3241195035-501 Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe (User 'Invité')O4 - S-1-5-21-941708952-1740525327-3241195035-501 User Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe (User 'Invité')O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exeO4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeO4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exeO8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\msntb.dll/search.htmO8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dllO9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\mauda\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dllO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211844958609O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cabO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?e=1233948316088&h=ea2b006bd37f50266cc0d74204c83eaa/&filename=jinstall-6u11-windows-i586-jc.cabO20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dllO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exeO23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exeO23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeO23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\..\svchost.exe (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exeO23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exeO23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exeO23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exeO23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe--End of file - 14738 bytesthanks everyone and excuse my english, it's only my second language Link to comment Share on other sites More sharing options...
epikorous Posted April 27, 2009 Report Share Posted April 27, 2009 I am also experiencing this error,could be a virus?it started yesterdayscreen : http://s668.photobucket.com/albums/vv41/epikorous/?action=view¤t=carsh.jpgthis is NOT a version problem, I am using version 1.8.2 but I installed it yesterday just because I thought it might fix the problem. before I was using v 1.7.6 Link to comment Share on other sites More sharing options...
mison Posted April 27, 2009 Author Report Share Posted April 27, 2009 the files that are crashing are also from the temp folder in my case. im not sure but i think the same names aswell. Link to comment Share on other sites More sharing options...
mauda3 Posted April 27, 2009 Report Share Posted April 27, 2009 hello againhere are the links to some of my crashdumpshttp://www.zshare.net/download/592655151bc2a864/ http://www.zshare.net/download/59265599b77866bf/http://www.zshare.net/download/59265616a58d7b08/thank you guys Link to comment Share on other sites More sharing options...
epikorous Posted April 27, 2009 Report Share Posted April 27, 2009 Well I activated windows in safe mode, and used HijackThis to fix all the reg problems he found.this was half an hour ago, and so far utorrent did not crash even once, hopefully it will stay like this. Link to comment Share on other sites More sharing options...
mauda3 Posted April 27, 2009 Report Share Posted April 27, 2009 how can you make hijackthis find the problems ? it tells me that scan results do not determine whether an item is bad or not Link to comment Share on other sites More sharing options...
epikorous Posted April 27, 2009 Report Share Posted April 27, 2009 you are right it can't determine whether an item is bad or not, however I decided to fix all the items he found, because my computer had a few "health" problems this week, and I found a few trojans in virus scan, I thought it might help, and it did Link to comment Share on other sites More sharing options...
jewelisheaven Posted April 27, 2009 Report Share Posted April 27, 2009 The reason that the logs are requested is because the programs to create them are 1) simple to use 2) generally used elsewhere for troubleshooting and 3) get a general idea about specific parts of your computer which may be interacting with uT.Indeed as epikorous said, HJT through its specific identification by numbering of parts of your system, means if you see things as 023: Service which are not from Windows or you (or the one helping you troubleshoot) doesn't recognize, then you may have a problem. Additionally 02: BHO and 20: Appinit are commonly used by trojan/rootkits to keep themselves in memory and redownload... for cases like that a manual removal is HIGHLY tedious and simply being able to restart in limited Safe Mode and having the program clean up the suspicious files on reboot is a godsend.epikorous, do you remember if it cleaned up any 02, 20, or 23 section problems?So mison, kellygreen, please follow mauda3's example and post the logfiles requested.mauda3, if you could post the output from the other program, Process Explorer (procexp.exe) it may show exactly what's in uT. The logfile it creates when you select the utorrent.exe shows EXACTLY what's loaded into RAM. This in-memory problem is the most common reason for uT crashes.Also mauda you have at least one suspicious program installed O4 - HKCU\..\Run: [awomu] c:\documents and settings\mauda\local settings\application data\awomu.exe awomu You can verify for yourself what other AV has to say about it by uploading it to http://virustotal.com Link to comment Share on other sites More sharing options...
epikorous Posted April 27, 2009 Report Share Posted April 27, 2009 this is my log file from HijackThis that I saves BEFORE I fixed problem:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 14:24:52, on 27/04/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0011)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\acs.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Spyware Terminator\sp_rsser.exeC:\WINDOWS\system32\svchost.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\tsnp325.exeC:\WINDOWS\vsnp325.exeC:\Program Files\TP-LINK\TWCU\TWCU.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\SNIR\Desktop\ProcessExplorer\procexp.exeC:\WINDOWS\system32\NOTEPAD.EXEE:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.colman.ac.il/Pages/default.aspxR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.not.co.il/%sO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: D - {582167AB-48CF-3DCA-8F8E-070EE4ED2E51} - C:\WINDOWS\system32\xwr93500.dll (file missing)O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLLO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dllO2 - BHO: 179223 helper - {B3FA56CF-B3F9-4328-9802-CFAACEA86646} - C:\WINDOWS\system32\179223\179223.dll (file missing)O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLLO3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exeO4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exeO4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -noguiO4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [Auslogics BoostSpeed 4] c:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exeO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')O8 - Extra context menu item: &ייצוא אל Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000O9 - Extra button: שלח אל OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: ש&לח אל OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dllO9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplug.com/StreamPlug/beta/SP.cabO16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230314460359O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cabO16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLLO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dllO23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exeO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exeO23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exeO23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exeO23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing)O24 - Desktop Component 0: (no name) - http://www.102fm.co.il/Front/images/player_volume.gif--End of file - 9617 bytesthere are a few 02, and 23 section problems Link to comment Share on other sites More sharing options...
jewelisheaven Posted April 27, 2009 Report Share Posted April 27, 2009 yup 2 BHO clickjack (likely how they got in) 2 EXEs in \Windows :/ and the service. After that was all removed, you're good to go then?Good job in poking at it until you fixed it Link to comment Share on other sites More sharing options...
mauda3 Posted April 27, 2009 Report Share Posted April 27, 2009 hello once againhere is the output from process explorerProcess PID CPU Description Company NameSystem Idle Process 0 55.15 Interrupts n/a 0.74 Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 smss.exe 1296 Gestionnaire de session Windows NT Microsoft Corporation csrss.exe 1392 Client Server Runtime Process Microsoft Corporation winlogon.exe 1416 Application d'ouverture de session Windows NT Microsoft Corporation services.exe 1460 4.41 Applications Services et Contrôleur Microsoft Corporation svchost.exe 1684 Generic Host Process for Win32 Services Microsoft Corporation ehmsas.exe 3728 Media Center Media Status Aggregator Service Microsoft Corporation Dot1XCfg.exe 3884 Intel 802.1x Server Intel Corporation MPAPI3s.exe 2332 Mobile Phone API Nokia Corporation DATALA~1.EXE 3196 DataLayer 2.0 Module Nokia Mobile Phones Ltd. svchost.exe 1788 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1992 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 2040 Generic Host Process for Win32 Services Microsoft Corporation EvtEng.exe 212 Intel® PROSet/Wireless Event Log Intel Corporation S24EvMon.exe 356 5.15 Wireless Management Service Intel Corporation svchost.exe 704 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1080 Spooler SubSystem App Microsoft Corporation svchost.exe 564 Generic Host Process for Win32 Services Microsoft Corporation AppleMobileDeviceService.exe 612 Apple Mobile Device Service Apple Inc. avp.exe 632 mDNSResponder.exe 676 Bonjour Service Apple Inc. CFSvcs.exe 792 Service of ConfigFree. TOSHIBA CORPORATION ehrecvr.exe 936 Media Center Receiver Service Microsoft Corporation ehSched.exe 1192 Service de planification Media Center Microsoft Corporation jqs.exe 1308 Java Quick Starter Service Sun Microsystems, Inc. nvsvc32.exe 1384 NVIDIA Driver Helper Service, Version 84.68 NVIDIA Corporation RegSrvc.exe 1964 Intel® PROSet/Wireless Registry Service Intel Corporation svchost.exe 244 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 928 Generic Host Process for Win32 Services Microsoft Corporation TAPPSRV.exe 996 TOSHIBA TAPPSRV TOSHIBA Corp. X10nets.exe 1980 X10 Module X10 mcrdsvc.exe 2176 MCRD Device Service Microsoft Corporation dllhost.exe 3212 0.74 COM Surrogate Microsoft Corporation alg.exe 3436 Application Layer Gateway Service Microsoft Corporation wmiapsrv.exe 3916 Service de la carte de performance WMI Microsoft Corporation ServiceLayer.exe 3356 ServiceLayer Module Nokia. iPodService.exe 3504 iPodService Module Apple Inc. lsass.exe 1472 LSA Shell (Export Version) Microsoft Corporationexplorer.exe 2660 Explorateur Windows Microsoft Corporation ehtray.exe 3668 Media Center Tray Applet Microsoft Corporation rundll32.exe 3784 Exécuter une DLL en tant qu'application Microsoft Corporation SynTPEnh.exe 3792 0.74 Synaptics TouchPad Enhancements Synaptics, Inc. Toshiba.exe 3392 Toshiba Custom PlugIn Application Synaptics, Inc. RTHDCPL.exe 3592 Realtek HD Audio Control Panel Realtek Semiconductor Corp. ltmoh.exe 4088 LtMoh MFC Application Agere Systems agrsmmsg.exe 484 SoftModem Messaging Applet Agere Systems THotkey.exe 504 Hotkey Utility TOSHIBA TPSMain.exe 1924 TOSHIBA Corporation TPSBattM.exe 620 TOSHIBA Corporation TvsTray.exe 404 TOSHIBA Virtual Sound Taskbar Module TOSHIBA Corporation SmoothView.exe 788 0.74 SmoothView TOSHIBA Corporation DLACTRLW.EXE 804 Drive Letter Access Component Sonic Solutions ZCfgSvc.exe 860 ZeroCfgSvc MFC Application Intel Corporation iFrmewrk.exe 1116 4.41 Intel Framework MFC Application Intel Corporation realsched.exe 2068 RealNetworks Scheduler RealNetworks, Inc. hpwuSchd2.exe 1588 hpwuSchd Application Hewlett-Packard LAUNCH~1.EXE 4060 PC Suite Nokia avp.exe 1552 jusched.exe 140 Java Platform SE binary Sun Microsystems, Inc. iTunesHelper.exe 700 iTunesHelper Module Apple Inc. ctfmon.exe 3172 0.74 CTF Loader Microsoft Corporation TOSCDSPD.exe 3660 CD/DVD Drive Acoustic Silencer TOSHIBA msnmsgr.exe 3900 Windows Live Messenger Microsoft Corporation PcSync2.exe 1204 PC Sync Time Information Services Ltd. veohwebplayer.exe 3292 Veoh Web Player Beta Veoh Networks TeaTimer.exe 3856 5.15 System settings protector Safer-Networking Ltd. hpqtra08.exe 3688 HP Digital Imaging Monitor Hewlett-Packard Development Company, L.P. hpqste08.exe 152 HP CUE Status Hewlett-Packard Development Company, L.P. procexp.exe 2024 2.94 Sysinternals Process Explorer Sysinternals - www.sysinternals.com uTorrent.exe 3812 19.12 µTorrent BitTorrent, Inc.rundll32.exe 3844 Exécuter une DLL en tant qu'application Microsoft Corporationiexplore.exe 3600 Internet Explorer Microsoft CorporationProcess: uTorrent.exe Pid: 3812Name Description Company Name VersionACTIVEDS.dll DLL de la couche de routage AD Microsoft Corporation 5.1.2600.5512adsldpc.dll DLL C du fournisseur LDAP AD Microsoft Corporation 5.1.2600.5512ADVAPI32.dll API avancées Windows 32 Microsoft Corporation 5.1.2600.5755ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.1CLBCATQ.DLL Microsoft Corporation 2001.12.4414.700COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.5512comdlg32.dll DLL commune de boîtes de dialogues Microsoft Corporation 6.0.2900.5512COMRes.dll Microsoft Corporation 2001.12.4414.700credui.dll Interface utilisateur du gestionnaire d'informations d'identification Microsoft Corporation 5.1.2600.5512CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.5512ctype.nls DnsApi.dll DNS Client API DLL Microsoft Corporation 5.1.2600.5625dot3api.dll API de configuration 802.3 Microsoft Corporation 5.1.2600.5512dot3dlg.dll Application d'assistance de l'IU 802.3 Microsoft Corporation 5.1.2600.5512eappcfg.dll Configuration d'homologue EAP Microsoft Corporation 5.1.2600.5512eappprxy.dll Microsoft EAPHost Peer Client DLL Microsoft Corporation 5.1.2600.5512GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.5698hnetcfg.dll Gestionnaire de configuration de réseau domestique Microsoft Corporation 5.1.2600.5512iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.0.6000.16825IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.5512index.dat index.dat index.dat iphlpapi.dll API de l'application d'assistance IP Microsoft Corporation 5.1.2600.5512kernel32.dll DLL du client API BASE Windows NT Microsoft Corporation 5.1.2600.5781LINKINFO.dll Windows Volume Tracking Microsoft Corporation 5.1.2600.5512locale.nls LPK.DLL Language Pack Microsoft Corporation 5.1.2600.5512mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 1.0.6.2MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.1.2600.5512MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.1.2600.5512MSCTF.dll DLL de MSCTF Server Microsoft Corporation 5.1.2600.5512msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.5512msv1_0.dll Microsoft Authentication Package v1.0 Microsoft Corporation 5.1.2600.5512MSVCP60.dll Microsoft ® C++ Runtime Library Microsoft Corporation 6.2.3104.0msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.5512mswsock.dll Fournisseur de service Sockets 2.0 de Microsoft Windows Microsoft Corporation 5.1.2600.5625netapi32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.5694netshell.dll Noyau des Connexions réseau Microsoft Corporation 5.1.2600.5512Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.0.5441.0ntdll.dll DLL Couche NT Microsoft Corporation 5.1.2600.5755NTMARTA.DLL Fournisseur MARTA Windows NT Microsoft Corporation 5.1.2600.5512ntshrui.dll Extensions de l'interpréteur de commandes pour le partage Microsoft Corporation 5.1.2600.5512nview.dll NVIDIA nView Desktop and Window Manager 110.33 NVIDIA Corporation 6.14.10.11033nvwddi.dll NVIDIA nView Display Driver Interface Lib, Version 84.68 NVIDIA Corporation 6.14.10.8468NVWRSFR.DLL NVIDIA nView Desktop and Window Manager NVIDIA Corporation 6.14.10.11033ole32.dll Microsoft OLE pour Windows Microsoft Corporation 5.1.2600.5512oleaut32.dll Microsoft Corporation 5.1.2600.5512OneX.DLL Bibliothèque de demandeur IEEE 802.1X Microsoft Corporation 5.1.2600.5512PSAPI.DLL Process Status Helper Microsoft Corporation 5.1.2600.5512rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.1.2600.5512RASAPI32.dll API d'Accès réseau à distance Microsoft Corporation 5.1.2600.5512rasman.dll Remote Access Connection Manager Microsoft Corporation 5.1.2600.5512RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.5512rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.1.2600.5507rtutils.dll Routing Utilities Microsoft Corporation 5.1.2600.5512SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.5512Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.5753sensapi.dll SENS Connectivity API DLL Microsoft Corporation 5.1.2600.5512SETUPAPI.dll Installation de L'API Windows Microsoft Corporation 5.1.2600.5512SHELL32.dll DLL commune du shell Windows Microsoft Corporation 6.0.2900.5622shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.5512SHLWAPI.dll Bibliothèque d'utilitaires légers du Shell Microsoft Corporation 6.0.2900.5512sortkey.nls sorttbls.nls TAPI32.dll DLL Client de l'API Microsoft® Windows Téléphonie Microsoft Corporation 5.1.2600.5512unicode.nls urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.0.6000.16825USER32.dll DLL client de l'API Utilisateur de Windows XP Microsoft Corporation 5.1.2600.5512USERENV.dll Userenv Microsoft Corporation 5.1.2600.5512USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.5512uTorrent.exe µTorrent BitTorrent, Inc. 1.8.2.15227uxtheme.dll Bibliothèque de thèmes Ux Microsoft Microsoft Corporation 6.0.2900.5512VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.5512wininet.dll Internet Extensions for Win32 Microsoft Corporation 7.0.6000.16827WINMM.dll DLL API MCI Microsoft Corporation 5.1.2600.5512WINSTA.dll Winstation Library Microsoft Corporation 5.1.2600.5512WLDAP32.dll DLL API LDAP Win32 Microsoft Corporation 5.1.2600.5512WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.5512WS2HELP.dll Application d'assistance de Windows Socket 2.0 pour Windows NT Microsoft Corporation 5.1.2600.5512wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.5512WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.1.2600.5512xpsp2res.dll Messages Service Pack 2 Microsoft Corporation 5.1.2600.5512thanks Link to comment Share on other sites More sharing options...
jewelisheaven Posted April 28, 2009 Report Share Posted April 28, 2009 That high (~20%) CPU bothers me... could you try turning off NVIDIA nView for a while and check procexp again. Are there times when your computer seems slow? If you've got Kaspersky, why did you install XPPolice AV?I'd be interested to see your utorrent.exe process in procexp, double click and switch to THREADS tab. Highlight the one with the CPU usage, screenshot the frame with Alt-PrntScr and post it to some imagesite like http://imageshack.us Link to comment Share on other sites More sharing options...
mison Posted April 29, 2009 Author Report Share Posted April 29, 2009 Logfile of Trend Micro HijackThis v2.0.2Scan saved at 16:39:55, on 29/04/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\WINDOWS\system32\DVDRAMSV.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exeC:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\AGRSMMSG.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\TOSHIBA\ConfigFree\NDSTray.exeC:\WINDOWS\System32\DLA\DLACTRLW.EXEC:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exeC:\Program Files\Toshiba\Tvs\TvsTray.exeC:\Program Files\Toshiba\Toshiba Applet\thotkey.exeC:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exeC:\WINDOWS\system32\TDispVol.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\Program Files\Synaptics\SynTP\Toshiba.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\TPSMain.exeC:\Program Files\Microsoft IntelliPoint\point32.exeC:\Program Files\Protector Suite QL\psqltray.exeC:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\WINDOWS\system32\cssrss.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\iTunes\iTunesHelper.exeC:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exeC:\WINDOWS\system32\TPSBattM.exeC:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exeC:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeC:\WINDOWS\system32\RAMASST.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exeC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\HP\Digital Imaging\bin\hpqbam08.exeC:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\Windows Live\Contacts\wlcomm.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localO2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLLO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exeO4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXEO4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exeO4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exeO4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exeO4 - HKLM\..\Run: [TFncKy] TFncKy.exeO4 - HKLM\..\Run: [TDispVol] TDispVol.exeO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/WirelessO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetectO4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,EnableO4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startupO4 - HKLM\..\Run: [TPSMain] TPSMain.exeO4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exeO4 - HKLM\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -schedulerO4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exeO4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [soundMan] C:\WINDOWS\system32\SOUNDMAN.EXEO4 - Global Startup: Bluetooth Manager.lnk = ?O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeO4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabO20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLLO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeO23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exeO23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exeO23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exeO23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exeO23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exeO23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exeO23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe--End of file - 9793 bytes Link to comment Share on other sites More sharing options...
4d0lf Posted May 3, 2009 Report Share Posted May 3, 2009 error 73: -1/1460/0/1 =(today it started to happeningLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:10:22, on 2009-05-03Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\PnkBstrA.exeC:\Program Files\Common Files\Teleca Shared\Generic.exeC:\Program Files\ATI Technologies\ATI.ACE\cli.exeC:\WINDOWS\system32\CTHELPER.EXEC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\DAEMON Tools\daemon.exeC:\Program Files\Xfire\Xfire.exeC:\Program Files\OpenOffice.org 3\program\soffice.exeC:\Program Files\OpenOffice.org 3\program\soffice.binC:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exeC:\Program Files\ATI Technologies\ATI.ACE\cli.exeC:\Program Files\ATI Technologies\ATI.ACE\cli.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\WINDOWS\system32\NOTEPAD.EXEC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Gadu-Gadu\gg.exeC:\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNCO4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -DelayO4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXEO4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXEO4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptionsO4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /sO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exeO4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{40F65C86-FAB1-4F6C-8E79-8171DF96180A}: NameServer = 10.0.0.1O17 - HKLM\System\CCS\Services\Tcpip\..\{99E301FC-8FE6-410E-8028-58ACFCB52CC1}: NameServer = 10.0.0.1O17 - HKLM\System\CS1\Services\Tcpip\..\{40F65C86-FAB1-4F6C-8E79-8171DF96180A}: NameServer = 10.0.0.1O17 - HKLM\System\CS2\Services\Tcpip\..\{40F65C86-FAB1-4F6C-8E79-8171DF96180A}: NameServer = 10.0.0.1O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe--End of file - 4848 bytesProcess PID CPU Description Company NameSystem Idle Process 0 62.69 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 SMSS.EXE 492 Menedżer sesji Windows NT Microsoft Corporation CSRSS.EXE 552 Client Server Runtime Process Microsoft Corporation WINLOGON.EXE 580 Aplikacja logowania systemu Windows NT Microsoft Corporation SERVICES.EXE 624 Usługi i aplikacja Kontroler Microsoft Corporation ATI2EVXX.EXE 796 ATI External Event Utility EXE Module ATI Technologies Inc. SVCHOST.EXE 808 Generic Host Process for Win32 Services Microsoft Corporation Generic.exe 1964 Generic Device Management Executable. Teleca AB WMIPRVSE.EXE 2128 WMI Microsoft Corporation epmworker.exe 2140 CAPI_Worker Module Sony Ericsson Mobile Communications AB CapabilityManager.exe 2656 26.87 Capability Manager Popwire AB SVCHOST.EXE 872 Generic Host Process for Win32 Services Microsoft Corporation SVCHOST.EXE 936 Generic Host Process for Win32 Services Microsoft Corporation wuauclt.exe 3780 Aktualizacje automatyczne Microsoft Corporation SVCHOST.EXE 988 Generic Host Process for Win32 Services Microsoft Corporation SVCHOST.EXE 1072 Generic Host Process for Win32 Services Microsoft Corporation SPOOLSV.EXE 1260 Spooler SubSystem App Microsoft Corporation JQS.EXE 1716 Java Quick Starter Service Sun Microsystems, Inc. PnkBstrA.exe 1768 ALG.EXE 2176 Application Layer Gateway Service Microsoft Corporation LSASS.EXE 636 LSA Shell (Export Version) Microsoft Corporation ATI2EVXX.EXE 1456 ATI External Event Utility EXE Module ATI Technologies Inc.EXPLORER.EXE 1528 Eksplorator Windows Microsoft Corporation CLI.EXE 236 CLI Application (Command Line Interface) ATI Technologies Inc. CLI.EXE 2760 CLI Application (Command Line Interface) ATI Technologies Inc. CLI.EXE 2776 CLI Application (Command Line Interface) ATI Technologies Inc. CTHELPER.EXE 244 CtHelper Application Creative Technology Ltd JUSCHED.EXE 420 Java Platform SE binary Sun Microsystems, Inc. Application Launcher.exe 472 Application Launcher CTFMON.EXE 540 CTF Loader Microsoft Corporation DAEMON.EXE 544 Virtual DAEMON Manager DT Soft Ltd. reader_sl.exe 912 Adobe Acrobat SpeedLauncher Adobe Systems Incorporated Xfire.exe 932 Xfire Xfire Inc. firefox.exe 2924 Firefox Mozilla Corporation uTorrent.exe 468 1.49 µTorrent BitTorrent, Inc. procexp.exe 2628 8.96 Sysinternals Process Explorer Sysinternals - www.sysinternals.comSOFFICE.EXE 1184 OpenOffice.org 3.0 OpenOffice.org SOFFICE.BIN 1404 OpenOffice.org 3.0 OpenOffice.orgProcess: uTorrent.exe Pid: 468Name Description Company Name VersionACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.1.2600.2180adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.1.2600.2180ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.1.2600.2180ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.0c_1252.nls c_950.nls Cabinet.dll Microsoft® Cabinet File API Microsoft Corporation 5.1.2600.2180CLBCATQ.DLL Microsoft Corporation 2001.12.4414.258COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.2180comdlg32.dll Plik DLL wspólnych okien dialogowych Microsoft Corporation 6.0.2900.2180COMRes.dll Microsoft Corporation 2001.12.4414.258credui.dll Interfejs użytkownika menedżera poświadczeń Microsoft Corporation 5.1.2600.2180CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.2180cryptnet.dll Crypto Network Related API Microsoft Corporation 5.131.2600.2180ctagent.dll ctagent Creative Technology Ltd 1.0.0.5ctype.nls DnsApi.dll DNS Client API DLL Microsoft Corporation 5.1.2600.2180DSOUND.dll DirectSound Microsoft Corporation 5.3.2600.2180dssenh.dll Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider Microsoft Corporation 5.1.2600.2133GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.2180hnetcfg.dll Menedżer konfiguracji sieci domowej Microsoft Corporation 5.1.2600.2180IMAGEHLP.dll Windows NT Image Helper Microsoft Corporation 5.1.2600.2180IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.2180index.dat index.dat index.dat Iphlpapi.dll Interfejs API Pomocnika IP Microsoft Corporation 5.1.2600.2180kernel32.dll Biblioteka DLL klienta Windows NT BASE API Microsoft Corporation 5.1.2600.2180locale.nls LPK.DLL Language Pack Microsoft Corporation 5.1.2600.2180MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.1.2600.2180MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.1.2600.2180MSCTF.dll Biblioteka DLL serwera MSCTF Microsoft Corporation 5.1.2600.2180msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.2180MSIMG32.dll GDIEXT Client DLL Microsoft Corporation 5.1.2600.2180MSVCR71.DLL Microsoft® C Runtime Library Microsoft Corporation 7.10.3052.4msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.2180mswsock.dll Microsoft Windows Sockets 2.0 Dostawca usługi Microsoft Corporation 5.1.2600.2180netapi32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.2180NETSHELL.dll Powłoka połączeń sieciowych Microsoft Corporation 5.1.2600.2180ntdll.dll Biblioteka NT Layer DLL Microsoft Corporation 5.1.2600.2180ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.1.2600.2180oleaut32.dll Microsoft Corporation 5.1.2600.2180R00000000000b.clb rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.1.2600.2180RASAPI32.DLL Interfejs API usługi Dostęp zdalny Microsoft Corporation 5.1.2600.2180rasman.dll Remote Access Connection Manager Microsoft Corporation 5.1.2600.2180RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.2180rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.1.2600.2161rtutils.dll Routing Utilities Microsoft Corporation 5.1.2600.2180SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.2180schannel.dll TLS / SSL Security Provider Microsoft Corporation 5.1.2600.2180Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.2180sensapi.dll SENS Connectivity API DLL Microsoft Corporation 5.1.2600.2180SETUPAPI.dll Interfejs API Instalatora systemu Windows Microsoft Corporation 5.1.2600.2180SHELL32.dll Wspólna biblioteka DLL Powłoki systemu Windows Microsoft Corporation 6.0.2900.2180shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.2180SHLWAPI.dll Biblioteka dodatkowych narzędzi powłoki Microsoft Corporation 6.0.2900.2180sortkey.nls sorttbls.nls TAPI32.dll Biblioteka DLL klienta interfejsu API usługi Telefonii dla systemu Microsoft® Windows Microsoft Corporation 5.1.2600.2180unicode.nls urlmon.dll Rozszerzenia OLE32 dla Win32 Microsoft Corporation 6.0.2900.2180USER32.dll Biblioteka DLL klienta Windows XP USER API Microsoft Corporation 5.1.2600.2180USERENV.dll Userenv Microsoft Corporation 5.1.2600.2180USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.2180uTorrent.exe µTorrent BitTorrent, Inc. 1.8.2.14458UxTheme.dll Biblioteka Microsoft UxTheme Microsoft Corporation 6.0.2900.2180VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.2180WINHTTP.dll Windows HTTP Services Microsoft Corporation 5.1.2600.2180wininet.dll Rozszerzenia internetowe Win32 Microsoft Corporation 6.0.2900.2180WINMM.dll MCI API DLL Microsoft Corporation 5.1.2600.2180wintrust.dll Interfejsy API potwierdzania zaufania firmy Microsoft Microsoft Corporation 5.131.2600.2180WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.2180WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.2180WS2HELP.dll Windows Socket 2.0 Helper dla Windows NT Microsoft Corporation 5.1.2600.2180wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.2180WSOCK32.dll 32-bitowa biblioteka Windows Socket Microsoft Corporation 5.1.2600.2180xfire_toucan_36594.dll Xfire Toucan DLL Xfire Inc. 1.0.0.36594xpsp2res.dll Komunikaty pakietu Service Pack 2 Microsoft Corporation 5.1.2600.2180 Link to comment Share on other sites More sharing options...
mison Posted May 3, 2009 Author Report Share Posted May 3, 2009 StartupList report, 03/05/2009, 20:12:09StartupList version: 1.52.2Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXEDetected: Windows XP SP3 (WinNT 5.01.2600)Detected: Internet Explorer v7.00 (7.00.6000.16827)* Using default options==================================================Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\WINDOWS\system32\DVDRAMSV.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exeC:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\AGRSMMSG.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\TOSHIBA\ConfigFree\NDSTray.exeC:\WINDOWS\System32\DLA\DLACTRLW.EXEC:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exeC:\Program Files\Toshiba\Tvs\TvsTray.exeC:\Program Files\Toshiba\Toshiba Applet\thotkey.exeC:\WINDOWS\system32\TDispVol.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\Program Files\Synaptics\SynTP\Toshiba.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\TPSMain.exeC:\Program Files\Microsoft IntelliPoint\point32.exeC:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\Protector Suite QL\psqltray.exeC:\WINDOWS\system32\cssrss.exeC:\Program Files\TOSHIBA\ConfigFree\CFSServ.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\system32\TPSBattM.exeC:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exeC:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeC:\WINDOWS\system32\RAMASST.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exeC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\HP\Digital Imaging\bin\hpqbam08.exeC:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\Windows Live\Contacts\wlcomm.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exeC:\Program Files\Sophos\Sophos Anti-Virus\SavProgress.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exe--------------------------------------------------Listing of startup folders:Shell folders Common Startup:[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]Bluetooth Manager.lnk = ?HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeRAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe--------------------------------------------------Checking Windows NT UserInit:[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]UserInit = C:\WINDOWS\system32\userinit.exe,--------------------------------------------------Autorun entries from Registry:HKLM\Software\Microsoft\Windows\CurrentVersion\RunAGRSMMSG = AGRSMMSG.exeRTHDCPL = RTHDCPL.EXEAlcmtr = ALCMTR.EXENDSTray.exe = NDSTray.exeDLA = C:\WINDOWS\System32\DLA\DLACTRLW.EXESmoothView = C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exeTvs = C:\Program Files\Toshiba\Tvs\TvsTray.exeTHotkey = C:\Program Files\Toshiba\Toshiba Applet\thotkey.exeTDispVol = TDispVol.exeSynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exeIntelZeroConfig = "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"IntelWireless = "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/WirelessNvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupnwiz = nwiz.exe /installquiet /keeploaded /nodetectNVRotateSysTray = rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,EnablePSQLLauncher = "C:\Program Files\Protector Suite QL\launcher.exe" /startupTPSMain = TPSMain.exeIntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"WD Drive Manager = C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exeISUSPM = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -schedulerHP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exehpqSRMon = C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe--------------------------------------------------Autorun entries from Registry:HKCU\Software\Microsoft\Windows\CurrentVersion\RunTOSCDSPD = C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exectfmon.exe = C:\WINDOWS\system32\ctfmon.exeSoundMan = C:\WINDOWS\system32\SOUNDMAN.EXE--------------------------------------------------Load/Run keys from C:\WINDOWS\WIN.INI:load=*INI section not found*run=*INI section not found*Load/Run keys from Registry:HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*HKCU\..\Windows NT\CurrentVersion\Windows: load=HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL--------------------------------------------------Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:Shell=*INI section not found*SCRNSAVE.EXE=*INI section not found*drivers=*INI section not found*Shell & screensaver key from Registry:Shell=Explorer.exeSCRNSAVE.EXE=C:\WINDOWS\system32\logon.scrdrivers=*Registry value not found*Policies Shell key:HKCU\..\Policies: Shell=*Registry key not found*HKLM\..\Policies: Shell=*Registry value not found*--------------------------------------------------Enumerating Browser Helper Objects:HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll - {0347C33E-8762-4905-BF09-768834316C61}(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(no name) - (no file) - {5C255C8A-E604-49b4-9D64-90988571CECB}(no name) - C:\WINDOWS\System32\DLA\DLASHX_W.DLL - {5CA3D70E-1895-11CF-8E15-001234567890}(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}--------------------------------------------------Enumerating Task Scheduler jobs:AppleSoftwareUpdate.jobOGADaily.jobOGALogon.job--------------------------------------------------Enumerating Download Program Files:[shockwave ActiveX Control]InProcServer32 = C:\WINDOWS\system32\Adobe\Director\SwDir.dllCODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[unoCtrl Class]InProcServer32 = C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dllCODEBASE = http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab[MessengerStatsClient Class]InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dllCODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab--------------------------------------------------Enumerating Winsock LSP files:NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll--------------------------------------------------Enumerating Windows NT logon/logoff scripts:*No scripts set to run*Windows NT checkdisk command:BootExecute = autocheck autochk *Windows NT 'Wininit.ini':PendingFileRenameOperations: C:\WINDOWS\system32\sqlsodbc.chmxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx||C:\DOCUME~1\POPULIN\LOCALS~1\Temp\GLB1A2B.EXE--------------------------------------------------Enumerating ShellServiceObjectDelayLoad items:PostBootReminder: C:\WINDOWS\system32\SHELL32.dllCDBurn: C:\WINDOWS\system32\SHELL32.dllWebCheck: C:\WINDOWS\system32\webcheck.dllSysTray: C:\WINDOWS\system32\stobject.dll--------------------------------------------------End of report, 10,245 bytesReport generated in 0.172 secondsCommand line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only Link to comment Share on other sites More sharing options...
4d0lf Posted May 3, 2009 Report Share Posted May 3, 2009 hmnow it was ok for a wile but after I lunched MSN it crashedand when I'm logging off/shutting down Net Broadcast Event Window won't end normally and I have to wait few sec.it crashes without msn so it was irrelevanti went to %appdata%/utorrent and deleted everythingnow uT seems to be fine but when I try to open .torrent directly from firefox, firefox is crashingwhen I'm saving .torrent to desktop and than opening it explorer is crashing =( but drag&drop is workingdamn itI can't connect to any tracker nowsrsly wtf! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.