bjb1302 Posted August 13, 2009 Report Posted August 13, 2009 New pc with vista home premium 64bit running. Installed utorrent, worked for a few days now it hangs the pc when ever it runs. Only other new installs has been AVG, new wlan card. Not very techi but have managed to do the logs that are suggested. When I shut down utorrent pc works fine. Have run AVG scan and malware but nothing coming up. Hope someone can help! ogfile of Trend Micro HijackThis v2.0.2Scan saved at 00:25:24, on 14/08/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v8.00 (8.00.6001.18813)Boot mode: NormalRunning processes:C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Program Files (x86)\Belkin\F5D7001v2000\Belkinwcui.exeC:\Program Files (x86)\AVG\AVG8\avgtray.exeC:\Program Files (x86)\RALINK\Common\RaUI.exeC:\Program Files (x86)\Belkin\F5D7001v2000\ChkDev.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exeC:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Bob\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1R87TY0R\HiJackThis[1].exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dllR3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)F2 - REG:system.ini: UserInit=userinit.exeO1 - Hosts: ::1 localhostO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dllO2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dllO3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dllO4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IEO4 - HKLM\..\Run: [updateP2GShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exeO4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"O4 - Global Startup: Belkin Wireless Utility.lnk = ?O4 - Global Startup: Launch.lnk = ?O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\RALINK\Common\RaUI.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLLO13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dllO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dllO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exeO23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exeO23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\wltrysvc.exeO23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 8655 bytesProcess PID CPU Description Company NameSystem Idle Process 0 99.24 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 smss.exe 444 csrss.exe 512 wininit.exe 560 services.exe 612 svchost.exe 820 WmiPrvSE.exe 3856 FlashUtil10c.exe 4116 Adobe Flash Player Helper 10.0 r32 Adobe Systems, Inc. svchost.exe 884 svchost.exe 924 Ati2evxx.exe 1008 Ati2evxx.exe 1236 svchost.exe 192 audiodg.exe 604 svchost.exe 304 WUDFHost.exe 2316 dwm.exe 2568 Desktop Window Manager Microsoft Corporation svchost.exe 332 taskeng.exe 2588 Task Scheduler Engine Microsoft Corporation taskeng.exe 2740 svchost.exe 828 SLsvc.exe 372 svchost.exe 1084 svchost.exe 1272 wltrysvc.exe 1432 bcmwltry.exe 1472 spoolsv.exe 1616 svchost.exe 1640 avgwdsvc.exe 2000 avgrsa.exe 2860 avgnsa.exe 1064 LSSrvc.exe 2036 svchost.exe 2052 svchost.exe 2096 svchost.exe 2140 SearchIndexer.exe 2176 wmpnetwk.exe 3536 PresentationFontCache.exe 3684 lsass.exe 624 lsm.exe 632 csrss.exe 580 winlogon.exe 680 explorer.exe 2660 Windows Explorer Microsoft Corporation MSASCui.exe 2872 Windows Defender User Interface Microsoft Corporation RAVCpl64.exe 2880 HD Audio Control Panel Realtek Semiconductor sidebar.exe 2900 Windows Sidebar Microsoft Corporation GoogleToolbarNotifier.exe 2908 GoogleToolbarNotifier Google Inc. msnmsgr.exe 2928 Windows Live Messenger Microsoft Corporation Belkinwcui.exe 2492 Belkin Wireless Client Utility Belkin ChkDev.exe 3628 ChkDev MFC Application Launch.exe 2244 Launch The TechGuys RaUI.exe 972 RaUI MFC Application Ralink Technology, Corp. wmpnscfg.exe 3288 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation iexplore.exe 4032 Internet Explorer Microsoft Corporation iexplore.exe 2804 Internet Explorer Microsoft Corporation GoogleToolbarUser_32.exe 3588 Google Toolbar Broker Google Inc. iexplore.exe 4156 Internet Explorer Microsoft Corporation WinRAR.exe 4996 WinRAR archiver Alexander Roshal procexp.exe 4476 Sysinternals Process Explorer Sysinternals - www.sysinternals.com procexp64.exe 4680 0.38 Sysinternals Process Explorer Sysinternals - www.sysinternals.com uTorrent.exe 4736 0.38 µTorrent BitTorrent, Inc.avgtray.exe 484 AVG Tray Monitor AVG Technologies CZ, s.r.o.Process: uTorrent.exe Pid: 4736Name Description Company Name VersionADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.0.6001.18000CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.6001.18000dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.0.6001.18000dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.0.6001.18000DnsApi.dll DNS Client API DLL Microsoft Corporation 6.0.6001.18000FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.0.6001.18000GDI32.dll GDI Client DLL Microsoft Corporation 6.0.6001.18159IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.0.6001.18000Iphlpapi.dll IP Helper API Microsoft Corporation 6.0.6001.18000kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.0.6001.18215locale.nls locale.nls LPK.DLL Language Pack Microsoft Corporation 6.0.6001.18000MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.0.6001.18000msctf.dll.mui MSCTF Server DLL Microsoft Corporation 6.0.6000.16386msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.6001.18000mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.0.6001.18000napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.0.6001.18000NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.0.6001.18000npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.0.6000.16386NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.0.6001.18000ntdll.dll NT Layer DLL Microsoft Corporation 6.0.6001.18000ntdll.dll NT Layer DLL Microsoft Corporation 6.0.6001.18000ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.0.6001.18000oleaut32.dll Microsoft Corporation 6.0.6001.18000pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.0.6001.18000PSAPI.DLL Process Status Helper Microsoft Corporation 6.0.6000.16386rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.0.6000.16386RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.0.6001.18247rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.0.6001.18000Secur32.dll Security Support Provider Interface Microsoft Corporation 6.0.6001.18215SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.6001.18167shfolder.dll Shell Folder Service Microsoft Corporation 6.0.6000.16386SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.6001.18000USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.0.6001.18000USERENV.dll Userenv Microsoft Corporation 6.0.6001.18000USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000uTorrent.exe µTorrent BitTorrent, Inc. 1.8.3.16010uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.6001.18000VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.0.6001.18000WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.0.6001.18000winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.0.6000.16386WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.0.6001.18000wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.0.6001.18000wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.0.6001.18000wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.0.6001.18000WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.0.6001.18000wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.0.6001.18000wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.0.6001.18000Thanks!!!
Recommended Posts
Archived
This topic is now archived and is closed to further replies.