Jump to content

blue screen...


Recommended Posts

over the past month ive been getting lots of blue screens and windows keeps tellin me to check drivers and programs are up to date. i went and system restored to just befor when it started happening and then turned off all autostart programs and one by one turned them on till it started blue screening. well that happened to be utorrent. without utorrent running my computer will have no problems for days but the min i turn it on within 20 min i get a random system restart and a notice on reboot that i suffered a blue screen and check drivers/programs.

here is all my computer info:

Logfile of HijackThis v1.99.1

Scan saved at 10:58:17 PM, on 7/4/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:






C:\Program Files\Windows Defender\MsMpEng.exe



C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe


C:\Program Files\FolderSize\FolderSizeSvc.exe



C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

F:\Installs\Power Toys\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll

O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - Startup: Styler.lnk = ?

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll

O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/

O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15106/CTPID.cab

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

Process PID CPU Description Company Name

System Idle Process 0 98.44

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 796 Windows NT Session Manager Microsoft Corporation

csrss.exe 844 Client Server Runtime Process Microsoft Corporation

winlogon.exe 868 Windows NT Logon Application Microsoft Corporation

services.exe 912 Services and Controller app Microsoft Corporation

svchost.exe 1084 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1144 Generic Host Process for Win32 Services Microsoft Corporation

MsMpEng.exe 1212 Service Executable Microsoft Corporation

svchost.exe 1252 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1300 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1396 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1576 Spooler SubSystem App Microsoft Corporation

svchost.exe 1696 Generic Host Process for Win32 Services Microsoft Corporation

schedul2.exe 1732 Acronis Scheduler 2 Acronis

AppleMobileDeviceService.exe 1744 Apple Mobile Device Service Apple Inc.

mDNSResponder.exe 1784 Bonjour Service Apple Inc.

CTSVCCDA.EXE 1808 Creative Service for CDROM Access Creative Technology Ltd

FolderSizeSvc.exe 1856 FolderSize Service Brio

alg.exe 1832 Application Layer Gateway Service Microsoft Corporation

iPodService.exe 2756 iPodService Module Apple Inc.

lsass.exe 932 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 1040 Windows Explorer Microsoft Corporation

CtHelper.exe 2100 CtHelper Application Creative Technology Ltd

TrueImageMonitor.exe 2164 Acronis True Image Monitor Acronis

TimounterMonitor.exe 2188 Monitor for Acronis True Image Backup Archive Explorer Acronis

schedhlp.exe 2200 Acronis Scheduler Helper Acronis

MSASCui.exe 2248 Windows Defender User Interface Microsoft Corporation

iTunesHelper.exe 2268 iTunesHelper Module Apple Inc.

RcMan.exe 2312 Remote Control Manager Creative Technology Ltd

OSDMenu.exe 3112 On Screen Display Menu Creative Technology Ltd

msmsgs.exe 2324 Windows Messenger Microsoft Corporation

uTorrent.exe 2348 µTorrent BitTorrent, Inc.

SetPoint.exe 2440 Logitech SetPoint Event Manager (UNICODE) Logitech Inc.

KHALMNPR.exe 2524 Logitech KHAL Main Process Logitech Inc.

iexplore.exe 3776 Internet Explorer Microsoft Corporation

iexplore.exe 3872 Internet Explorer Microsoft Corporation

iexplore.exe 3964 Internet Explorer Microsoft Corporation

iexplore.exe 2064 Internet Explorer Microsoft Corporation

iexplore.exe 2944 Internet Explorer Microsoft Corporation

WinRAR.exe 3212 WinRAR archiver Alexander Roshal

procexp.exe 3184 1.56 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Link to comment
Share on other sites

i say its your memory stick .had aproblem years back on a sytem that try to install windows xp.when it unpack the cab file and use all its memory it blue screen.replace with a new stick and all was fine.not saying this could be the problem..another note turn caching off in disk cache setting in utorrent.sometime it can overload the system. .looking at your hijack report your missing files ,something wasn't un-install right it looks.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...