Error 73

[abcdef]

I've been using utorrent for a long time now, and it always worked properly. But since today, it crashes soon after starting.

After starting utorrent, it starts the downloads, but some seconds later the status icons of the downloads all turn red, and then the programm freezes showing an error message like this: "Error 73 -1/1460/0/1".

I've done a scan with HiJackThis. Here's the log, hope it helps you helping me^^

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:38:50, on 01.05.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programme\Java\jre6\bin\jqs.exe

C:\Programme\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Programme\QuickTime\qttask.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Programme\Logitech\Video\LogiTray.exe

C:\Programme\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\Dokumente und Einstellungen\Andre\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe

C:\Programme\Logitech\Video\FxSvr2.exe

C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Programme\Xfire\xfire.exe

C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

C:\WINDOWS\explorer.exe

C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://web.de/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)

O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [startCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [iCQ] "C:\Programme\ICQ6.5\ICQ.exe" silent

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Andre\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Xfire.lnk = C:\Programme\Xfire\xfire.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm

O9 - Extra button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe

O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Programme\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Programme\CDBurnerXP\NMSAccessU.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--

End of file - 7932 bytes

[DreadWingKnight]

Does the problem persist with windowsblinds uninstalled?

[abcdef]

Windowsblinds? What is that and where is it located on my system/how can I uninstall it?

Oh, and thanks for the fast reply.

[jewelisheaven]

Windowsblinds is your re-skinning app. It should be accessible from Add/Remove programs. This Weird dialog box has cropped up recently. You're only using Kaspersky AV/security software?

[abcdef]

I just removed "AlienGUIse Theme Manager", although I'm not sure if that was what you meant. Well, it didn't solve the problem.

And you're right, I'm only using Kaspersky Internet Security 7.

Any other ideas ? Could it be malware that Kaspersky doesn't recognize?

[jewelisheaven]

Well AlienGUIse is apparently a different frontend for http://www.stardock.com/products/windowblinds/ so ... hmm I guess it's time for a look at the DLL list from http://live.sysinternals.com/tools/procexp.exe Download it, run it, click on uTorrent.exe in the tree, press Ctrl-D to show DLLs, and export/save the Logfile. Then paste below

It doesn't appear to be malware, at least in the other thread... but if you're worried, there's many scanners to choose from.

[abcdef]

OK, did that. ere's the log:

Process PID CPU Description Company Name

System Idle Process 0 98.46

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 1064 Windows NT-Sitzungs-Manager Microsoft Corporation

csrss.exe 1112 0.77 Client Server Runtime Process Microsoft Corporation

winlogon.exe 1156 Windows NT-Anmeldung Microsoft Corporation

services.exe 1200 Anwendung für Dienste und Controller Microsoft Corporation

ati2evxx.exe 1408 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 1428 Generic Host Process for Win32 Services Microsoft Corporation

FxSvr2.exe 884 QuickCam Framework Server Logitech Inc.

svchost.exe 1488 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 240 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 368 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 648 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1020 Spooler SubSystem App Microsoft Corporation

svchost.exe 656 Generic Host Process for Win32 Services Microsoft Corporation

avp.exe 720 Kaspersky Anti-Virus Kaspersky Lab

jqs.exe 772 Java Quick Starter Service Sun Microsystems, Inc.

NMSAccessU.exe 1544

PnkBstrA.exe 1644

PnkBstrB.exe 1728

svchost.exe 2008 Generic Host Process for Win32 Services Microsoft Corporation

alg.exe 2032 Application Layer Gateway Service Microsoft Corporation

wmiapsrv.exe 1772 WMI-Leistungsadapter-Dienst Microsoft Corporation

svchost.exe 3920 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 1212 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 388 ATI External Event Utility EXE Module ATI Technologies Inc.

explorer.exe 2152 Windows Explorer Microsoft Corporation

rundll32.exe 2484 Eine DLL-Datei als Anwendung ausführen Microsoft Corporation

qttask.exe 2980 QuickTime Task Apple Inc.

LVCOMSX.EXE 3472 LVCom Server Logitech Inc.

LogiTray.exe 3520 ImageStudio Tray Application Logitech Inc.

jusched.exe 3532 Java Platform SE binary Sun Microsystems, Inc.

avp.exe 3568 Kaspersky Anti-Virus Kaspersky Lab

ctfmon.exe 3688 CTF Loader Microsoft Corporation

ICQ.exe 3748 ICQ ICQ, LLC.

GoogleUpdate.exe 3972 Google Installer Google Inc.

xfire.exe 1660 Xfire Xfire Inc.

iexplore.exe 2188 Internet Explorer Microsoft Corporation

iexplore.exe 2096 Internet Explorer Microsoft Corporation

procexp.exe 920 0.77 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

uTorrent.exe 3384 µTorrent BitTorrent, Inc.

MOM.exe 2940 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.

CCC.exe 444 Catalyst Control Centre: Host application ATI Technologies Inc.

Process: uTorrent.exe Pid: 3384

Name Description Company Name Version

ACTIVEDS.dll ADs Router-Ebene-DLL Microsoft Corporation 5.1.2600.5512

adsldpc.dll DLL für ADs LDAP Provider C Microsoft Corporation 5.1.2600.5512

ADVAPI32.dll Erweitertes Windows 32 Base-API Microsoft Corporation 5.1.2600.5755

apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.1.2600.5512

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.1

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.700

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.5512

comdlg32.dll DLL für gemeinsame Dialoge Microsoft Corporation 6.0.2900.5512

COMRes.dll Microsoft Corporation 2001.12.4414.700

credui.dll Benutzerschnittstelle für Anmeldeinformationsverwaltung Microsoft Corporation 5.1.2600.5512

CRYPT32.dll Krypto-API32 Microsoft Corporation 5.131.2600.5512

ctype.nls

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.1.2600.5625

dnsq.dll DNSQ Kaspersky Lab 7.0.0.119

dot3api.dll API für 802.3-Autokonfiguration Microsoft Corporation 5.1.2600.5512

dot3dlg.dll 802.3-UI-Hilfsprogramm Microsoft Corporation 5.1.2600.5512

eappcfg.dll EAP-Peerkonfiguration Microsoft Corporation 5.1.2600.5512

eappprxy.dll Microsoft EAPHost Peer Client DLL Microsoft Corporation 5.1.2600.5512

GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.5698

hnetcfg.dll Heimnetzwerkkonfigurations-Manager Microsoft Corporation 5.1.2600.5512

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.0.6001.18702

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.5512

Iphlpapi.dll IP-Hilfs-API Microsoft Corporation 5.1.2600.5512

kernel32.dll Client-DLL für Windows NT-Basis-API Microsoft Corporation 5.1.2600.5781

locale.nls

LPK.DLL Language Pack Microsoft Corporation 5.1.2600.5512

miscr3.dll Kaspersky Anti-Virus Ring 3 Hooker Helper Kaspersky Lab 7.0.0.119

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.1.2600.5512

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.1.2600.5512

MSCTF.dll MSCTF-Server-DLL Microsoft Corporation 5.1.2600.5512

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.5512

MSIMG32.dll GDIEXT Client DLL Microsoft Corporation 5.1.2600.5512

MSVCP60.dll Microsoft ® C++ Runtime Library Microsoft Corporation 6.2.3104.0

MSVCR71.DLL Microsoft® C Runtime Library Microsoft Corporation 7.10.3052.4

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.5512

mswsock.dll Microsoft Windows Sockets 2.0-Dienstanbieter Microsoft Corporation 5.1.2600.5625

netapi32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.5694

netshell.dll Shell für Netzwerkverbindungen Microsoft Corporation 5.1.2600.5512

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.0.5441.0

ntdll.dll DLL für NT-Layer Microsoft Corporation 5.1.2600.5755

ole32.dll Microsoft OLE für Windows Microsoft Corporation 5.1.2600.5512

oleaut32.dll Microsoft Corporation 5.1.2600.5512

OneX.DLL IEEE 802.1X-Bittstellerbibliothek Microsoft Corporation 5.1.2600.5512

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.1.2600.5512

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.5512

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.1.2600.5507

rtutils.dll Routing Utilities Microsoft Corporation 5.1.2600.5512

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.5512

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.5753

SETUPAPI.dll Windows Setup-API Microsoft Corporation 5.1.2600.5512

SHELL32.dll Allgemeine Windows-Shell-DLL Microsoft Corporation 6.0.2900.5622

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.5512

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.2900.5512

sortkey.nls

sorttbls.nls

SXS.DLL Fusion 2.5 Microsoft Corporation 5.1.2600.5512

unicode.nls

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 8.0.6001.18702

USER32.dll Client-DLL für Windows XP USER-API Microsoft Corporation 5.1.2600.5512

USERENV.dll Userenv Microsoft Corporation 5.1.2600.5512

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.5512

uTorrent.exe µTorrent BitTorrent, Inc. 1.8.2.14458

uxtheme.dll Microsoft UxTheme-Bibliothek Microsoft Corporation 6.0.2900.5512

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.5512

wininet.dll Internet Extensions for Win32 Microsoft Corporation 8.0.6001.18702

WINMM.dll MCI API-DLL Microsoft Corporation 5.1.2600.5512

WINSTA.dll Winstation Library Microsoft Corporation 5.1.2600.5512

WLDAP32.dll Win32 LDAP-API-DLL Microsoft Corporation 5.1.2600.5512

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.5512

WS2HELP.dll Windows Socket 2.0 Helper für Windows NT Microsoft Corporation 5.1.2600.5512

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.5512

WSOCK32.dll Windows Socket-32-Bit-DLL Microsoft Corporation 5.1.2600.5512

WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.1.2600.5512

xfire_toucan_36644.dll Xfire Toucan DLL Xfire Inc. 1.0.0.36644

xpsp2res.dll Service Pack 2-Meldungen Microsoft Corporation 5.1.2600.5512

[jewelisheaven]

Hmm, Kaspersky and Xfire are the only things you've got. Comparing it to http://forum.utorrent.com/viewtopic.php?id=57112 there aren't any commonalities. Are you using WLAN?

[abcdef]

No, I'm using a LAN connection.

[Jazidsc]

I'm having a similar problem too.

I'm using version 1.8.2 on a LAN connection.

[jewelisheaven]

Either you're getting the exact same IO Error: 73 with an empty dialog box, or you aren't. If you are please post the logfiles mentioned at the bottom of the Read Me. If you aren't, create your own thread or post in a relevant thread.

Tried running with Kaspersky installed sanboxed, no errors :/

[Jazidsc]

Yes, I am getting the same error - Error 73. Just tried installing the new beta version, but the same error still came up

Here is my HijackThis log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:37:27, on 2/05/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\RealVNC\VNC4\WinVNC4.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe

C:\Program Files\Trend Micro\BM\TMBMSRV.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\CTHELPER.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Dropbox\Dropbox.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Startup: Dropbox.lnk = C:\Program Files\Dropbox\Dropbox.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://download.windowsupdate.com

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152940013140

O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - http://gateway.forerunner.com.au/tsweb/msrdp.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{54D06F0A-4158-40D9-A15A-A39F03C3FB2D}: NameServer = 203.2.124.164,203.2.124.165

O18 - Protocol: bw+0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {5428536F-376A-4F3C-A73E-4AAE4255605A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe (file missing)

O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--

End of file - 20652 bytes

And my Process Explorer log

Process PID CPU Description Company Name

System Idle Process 0 74.65

Interrupts n/a Hardware Interrupts

DPCs n/a 1.41 Deferred Procedure Calls

System 4 2.80

smss.exe 1092 Windows NT Session Manager Microsoft Corporation

csrss.exe 1188 2.80 Client Server Runtime Process Microsoft Corporation

winlogon.exe 1212 Windows NT Logon Application Microsoft Corporation

services.exe 1256 1.87 Services and Controller app Microsoft Corporation

svchost.exe 1480 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1556 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1676 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1720 1.87 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1812 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1916 1.87 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 348 Spooler SubSystem App Microsoft Corporation

svchost.exe 552 0.93 Generic Host Process for Win32 Services Microsoft Corporation

AppleMobileDeviceService.exe 588 Apple Mobile Device Service Apple Inc.

mDNSResponder.exe 600 Bonjour Service Apple Inc.

CTSVCCDA.EXE 632 Creative Service for CDROM Access Creative Technology Ltd

svchost.exe 844 1.87 Generic Host Process for Win32 Services Microsoft Corporation

iviRegMgr.exe 956 RegMgr Module InterVideo

MDM.EXE 992 Machine Debug Manager Microsoft Corporation

sqlservr.exe 1064 SQL Server Windows NT Microsoft Corporation

nvsvc32.exe 1152 NVIDIA Driver Helper Service, Version 94.24 NVIDIA Corporation

SfCtlCom.exe 1348 Manages all components of Trend Micro Internet Security. Trend Micro Inc.

sqlbrowser.exe 1628 SQL Browser Service EXE Microsoft Corporation

sqlwriter.exe 1648 SQL Server VSS Writer Microsoft Corporation

svchost.exe 1800 Generic Host Process for Win32 Services Microsoft Corporation

winvnc4.exe 808 VNC Server Free Edition for Win32 RealVNC Ltd.

MsPMSPSv.exe 860 WMDM PMSP Service Microsoft Corporation

imonNT.exe 896 Intel® Active Monitor Win9x Background Service Intel Corp.

TMBMSRV.exe 1340 7.48 Manages the Trend Micro unauthorized change prevention feature Trend Micro Inc.

wmpnetwk.exe 1776 0.93 Windows Media Player Network Sharing Service Microsoft Corporation

alg.exe 2536 0.93 Application Layer Gateway Service Microsoft Corporation

iPodService.exe 4044 iPodService Module Apple Inc.

TmPfw.exe 3304 0.93 Manages the Trend Micro Personal Firewall. Trend Micro Inc.

TmProxy.exe 3708 Manages the Trend Micro proxy. Trend Micro Inc.

lsass.exe 1268 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 3104 0.93 Windows Explorer Microsoft Corporation

CTHELPER.EXE 3228 CtHelper Application Creative Technology Ltd

rundll32.exe 3244 0.93 Run a DLL as an App Microsoft Corporation

iTunesHelper.exe 3308 0.93 iTunesHelper Module Apple Inc.

ctfmon.exe 3352 CTF Loader Microsoft Corporation

wmpnscfg.exe 3364 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

SetPoint.exe 3436 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc.

KHALMNPR.exe 3588 0.93 Logitech KHAL Main Process Logitech, Inc.

Dropbox.exe 3472 1.87 Dropbox

firefox.exe 2788 7.48 Firefox Mozilla Corporation

HijackThis.exe 4904 0.93 HijackThis Trend Micro Inc.

notepad.exe 5096 Notepad Microsoft Corporation

procexp.exe 5408 20.56 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

uTorrent.exe 5764 µTorrent BitTorrent, Inc.

rundll32.exe 3288 0.93 Run a DLL as an App Microsoft Corporation

Process: uTorrent.exe Pid: 5764

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.1.2600.5512

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.1.2600.5512

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.1.2600.5755

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.1

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.700

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.5512

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.2900.5512

COMRes.dll Microsoft Corporation 2001.12.4414.700

credui.dll Credential Manager User Interface Microsoft Corporation 5.1.2600.5512

CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.5512

ctagent.dll ctagent Creative Technology Ltd 1.0.0.3

ctype.nls

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.1.2600.5625

dot3api.dll 802.3 Autoconfiguration API Microsoft Corporation 5.1.2600.5512

dot3dlg.dll 802.3 UI Helper Microsoft Corporation 5.1.2600.5512

eappcfg.dll Eap Peer Config Microsoft Corporation 5.1.2600.5512

eappprxy.dll Microsoft EAPHost Peer Client DLL Microsoft Corporation 5.1.2600.5512

GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.5698

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.1.2600.5512

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.0.6000.16825

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.5512

Iphlpapi.dll IP Helper API Microsoft Corporation 5.1.2600.5512

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.1.2600.5781

lgscroll.dll Logitech Scroll Enabler (UNICODE) Logitech, Inc. 4.60.122.0

locale.nls

mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 1.0.6.2

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.1.2600.5512

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.1.2600.5512

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.1.2600.5512

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.5512

MSVCP60.dll Microsoft ® C++ Runtime Library Microsoft Corporation 6.2.3104.0

MSVCR80.dll Microsoft® C Runtime Library Microsoft Corporation 8.0.50727.1433

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.5512

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.1.2600.5625

msxml3.dll MSXML 3.0 SP10 Microsoft Corporation 8.100.1048.0

msxml3r.dll XML Resources Microsoft Corporation 8.20.8730.1

netapi32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.5694

netshell.dll Network Connections Shell Microsoft Corporation 5.1.2600.5512

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.0.5441.0

ntdll.dll NT Layer DLL Microsoft Corporation 5.1.2600.5755

NTMARTA.DLL Windows NT MARTA provider Microsoft Corporation 5.1.2600.5512

nview.dll NVIDIA nView Desktop and Window Manager 110.90 NVIDIA Corporation 6.14.10.11090

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.1.2600.5512

oleaut32.dll Microsoft Corporation 5.1.2600.5512

OneX.DLL IEEE 802.1X supplicant library Microsoft Corporation 5.1.2600.5512

PSAPI.DLL Process Status Helper Microsoft Corporation 5.1.2600.5512

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.1.2600.5512

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.5512

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.1.2600.5507

rtutils.dll Routing Utilities Microsoft Corporation 5.1.2600.5512

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.5512

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.5753

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.1.2600.5512

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.2900.5622

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.5512

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.2900.5512

sortkey.nls

sorttbls.nls

SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 5.1.2600.5512

SXS.DLL Fusion 2.5 Microsoft Corporation 5.1.2600.5512

unicode.nls

upnp.dll Universal Plug and Play API Microsoft Corporation 5.1.2600.5512

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.0.6000.16825

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.1.2600.5512

USERENV.dll Userenv Microsoft Corporation 5.1.2600.5512

uTorrent.exe µTorrent BitTorrent, Inc. 1.8.3.15289

UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.2900.5512

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.5512

WINHTTP.dll Windows HTTP Services Microsoft Corporation 5.1.2600.5727

wininet.dll Internet Extensions for Win32 Microsoft Corporation 7.0.6000.16827

WINMM.dll MCI API DLL Microsoft Corporation 5.1.2600.5512

WINSTA.dll Winstation Library Microsoft Corporation 5.1.2600.5512

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.5512

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.5512

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.1.2600.5512

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.5512

WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.1.2600.5512

xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.1.2600.5512

Thanks for your help

[jewelisheaven]

Even less in common :/ What Intel chipset are you using?

[abcdef]

Weird, but it seems to work now. I found and deleted a trojan yesterday, maybe that thing caused my problems with utorrent. "Trojan.Win32.Small.aarn" was the name, maybe you should run a scan, Jazidsc!

Anyways, thank you for your help jewelisheaven and DreadWingKnight.