Jump to content

uTorrent crashes my computer: required to restart.


John1908

Recommended Posts

Posted

First of, I have read the help me/read me/stick note stuff already.

Bought a new computer recently. It is a multi core so I placed the affiliation to one (thinking that might solve this). I have nvidia graphics card but I did not come with that firewall that causes problems (if I did I can't find it under the name given here).

Basically whenever I start uTorrent and start downloading after a few seconds it just crashes/freezes.

I got Windows Vista Home premium SP1 running on 64 bit architecture. I thought maybe I installed 32 bit utorrent but was unable to find any different (i.e. only one utorrent download file that I can find).

I have a hijackthis log that I am willing to post if needed.

Can someone tell me the safe settings to place in the preferences/options? I only did them the same way that the settings where from my old computer (p4, windows xp SP2).

I basically follow what is written by this guide: (minus step 6 which I leave of as being too advanced/not wanting to tamper with).

http://filesharefreak.com/2008/04/02/tips-to-optimize-utorrent-download-speeds/

Maybe I need to disable a few settings or reduce the numbers so they are no excessive. As you can imagine it is a new computer so there should be no problems in terms of performance.

I have been having trouble with a few other programs (and I initially even thought it might have been hardware malfunctions/voltage settings incorrect) but those issues have all been fixed and now the only time when my comp crashes is when I put on utorrent.

Any and all help would be much appreciated! :)

edit1: wording

edit2: I have placed utorrent on firewall exception list. The antivirus/protection I am using is whatever came with vista (avira antivir personal and windows defender, super antispyware free edition).

edit3: OK I changed the values of 800, 125 and 80 (see link above) to 80, 12 and 8 just to see what happens (all other settings left alone) and it seems to be downloading (at good speeds!) and not crashing (since I am still typing this).... Question is, why is my utorrent on my old comp capable of the 800, 125 and 80 while this comp is not? Some sort of setting in vista needs to be enabled perhaps to allow that large amounts of connections (I guess vista being security prone might treat this as some sort of security issue and crash as a last resort?)

  • 2 weeks later...
Posted

SIGH....

I installed Service Pack 2 of Windows recently... now whenever I open Utorrent and start downloading it freezes my computer and my mouse/keyboard do not work. I am forced to restart from the power. Why do you think it would be causing this? I guess a solution would be to just uninstal Service pack 2 but that seems like a step backwards when it could probably be an easy fix.

Any thoughts?

Posted

Edit: Sorry it is late here...

First I want to point out that I have uninstalled avira (but it is still showing below), I used malwarebytes, adaware and free window registry repair prior to posting the below. (I uninstalled malwarebytes and adware as well thinking the anti spyware programs might have something to do with it)

And for some strange reason hijackthis is saying I have SP1 BUT see this:

http://img193.imageshack.us/img193/2883/sp2buthijackthislogsaysm.jpg

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 1:12:27 AM, on 10/6/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18813)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\AASP\1.00.73\aaCenter.exe

C:\Windows\vsnp325.exe

C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe

C:\Users\owner\Bluebirds\BlueBirds.exe

C:\Program Files (x86)\WinZip\WZQKPICK.EXE

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Program Files (x86)\BOINC\boincmgr.exe

C:\Program Files (x86)\BOINC\boinctray.exe

C:\Windows\FixCamera.exe

C:\Windows\tsnp325.exe

C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe

C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe

C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe

C:\Program Files (x86)\BOINC\boinc.exe

C:\ProgramData\BOINC\projects\docking.cis.udel.edu\charmm34_6.23_windows_x86_64

C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R5_3.05_windows_intelx86.exe

C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R5_3.05_windows_intelx86_2.exe

C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcg_hcmd2_maxdo_6.14_windows_intelx86

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [boincmgr] "C:\Program Files (x86)\BOINC\boincmgr.exe" /a /s

O4 - HKLM\..\Run: [boinctray] "C:\Program Files (x86)\BOINC\boinctray.exe"

O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe

O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel MediaOne\Corel PhotoDownloader.exe" -startup

O4 - HKLM\..\Run: [ulead AutoDetector v2] "C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe"

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bluebirds] C:\Users\owner\Bluebirds\BlueBirds.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE

O13 - Gopher Prefix:

O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 8345 bytes

Posted

Incredible! Windows Defender, Firewall and until recently avira antivirus and yet stuff still manages to creep through!

I will use that program link you gave me right now and then re post a hijacklog.

Thank you so much by the way!

edit: Sorry if this sounds naive... but can't I just go to Windows and delete them? Or will that make it worse?

Posted

Cool cool! Will try and find a program to remove those two. Once I do I will repost a hijackthis log. Till then thank you again!

Edit:

OK I ran a number of things:

http://www.pandasecurity.com/activescan/scan/?type=allpc

*Spyware search and destroy

*Spyware blaster

*Malwarebytes anti malware,

*Ad-aware

*AVG free 9.0

*Microsoft security essentials

None of them were able to detect the above two viruses. I decided to be bold (stupid?) and delete them manually (nothing happens). I then ran free windows registry repair and clicked on fix registrys and then restarted computer.

So then I ran hijackthis log and both fixcamera and that other one are still there and in the registry (I go to the windows folder and I can't see them! So hijackthis log says they are there when they are not!)

So my next guess would be to delete them manually with regedit... except hijackthis log doesn't give me the specific location of the two viruses.

Any thoughts?

Oh and btw I have my set up now as such:

Windows firewall and defender on.

Spyware blaster,

Ad-aware,

Spyware search and destroy,

AVG Free 9.0

Malware bytes (but not currently on, only when scanning)

Free windows registry repair

I removed Microsoft essentials (and whatever else I had prior to that) due to being incompatible with AVG.

Perhaps I should move my hijackthislog to a forum dedicated to malware/virus removal since I guess the problem is not utorrent (as you guys rightfully say) but just external stuff playing with the computer and it just so happens that the computer freezes when utorrent goes on.

Any thoughts?

EDIT 2:

I ran hijackthis log as an administrator and the strangest thing: The two viruses above are not showing up either as files or in the registry. Also SP2 is coming up instead of SP1!??!?!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:41:39 PM, on 10/17/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18828)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\AASP\1.00.73\aaCenter.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Users\owner\Bluebirds\BlueBirds.exe

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\AVG\AVG9\avgtray.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bluebirds] C:\Users\owner\Bluebirds\BlueBirds.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab

O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 8370 bytes

EDIT3: Soon after posting edit 2 I put on utorrent and once the downloads start increasing to tjheir usual values my comp freezes... my mouse/keyboard completelly stop working and I am required to restart manually. Could you get any red flags from the latest hijackthis log?

EDIT4: I found these online analyzers which might help you (I heard that while it is good that they give me suggestions I double check them with an expert):

*http://www.hijackthis.de/

*http://hjt.networktechs.com/parse.php

*http://www.spyandseek.com/mylog.php?lognum=15226

Posted

Well I have not been able to find the two viruses above after deleting them manually in the Windows folder or on the reg edit data (according to hijackthis log) so either they are gone for good or theyare hiding somewhere under a different name on the new hijackthislog.

Do you think I should take my log over to a specific forum that deals with hijackthis logs on a daily basis? Or would you guys be able to analyze it and tell me what to do?

I got a few recomendations to delete some of the registrys under safe mode according to those analyze tools but I thought I will double check here first.

Cheers! :)

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...