uTorrent Not Responding

November 25, 2009

I closed uTorrent, installed 7-zip, then tried to re-open uTorrent. The hourglass icon appeared next to my cursor, but after a while vanished, and nothing else happened. However, opening Task Manager showed that the uTorrent process was running, and trying to start it again returned the message "It seems uTorrent is already running but not responding. Please close all uTorrent processes and try again."

Three hours later, I've tried all of the following, none of which have worked:

1) Restarting

2) Uninstalling uTorrent and clearing settings folder, restarting, then reinstalling uTorrent

3) Uninstalling 7-zip

4) Uninstalling Norton Internet Security 2009

5) Installing uTorrent 1.8.5 (was previously using 1.8.4)

The problem remains unsolved. I'm running Windows XP Professional SP 3.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:15:05 AM, on 11/26/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

E:\Program Files\Wallpaper Master\Wallpaper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\Installer\MSIF2.tmp

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)

R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - F:\Useful\DAP\SBSearch.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - F:\Useful\DAP\dapieloader.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll

O4 - HKLM\..\Run: [Video Driver] vjdhost.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\RunServices: [Video Driver] vjdhost.exe

O4 - HKCU\..\Run: [WallpaperChanger] E:\Program Files\Wallpaper Master\Wallpaper.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uniblueSpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\Launcher.exe -minimize

O4 - HKCU\..\Run: [20090604] C:\Program Files\Common Files\Datalode\Encore\Hoyle Casino 2010\encore_reg.exe /r "C:\Program Files\Common Files\Datalode\Encore\Hoyle Casino 2010\encore_reg.rpd"

O4 - HKLM\..\Policies\Explorer\Run: []

O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')

O8 - Extra context menu item: &Clean Traces - F:\Useful\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - F:\Useful\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - F:\Useful\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{AE90FBA3-BEED-42AC-8F36-98C40A618B6D}: NameServer = 208.67.222.222,208.67.220.220

O20 - Winlogon Notify: ddcBrsTl - ddcBrsTl.dll (file missing)

O20 - Winlogon Notify: efcDuRih - efcDuRih.dll (file missing)

O20 - Winlogon Notify: hgGaxyYR - hgGaxyYR.dll (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Remote Connections Service (FlexService) - BitMicro Software Corporation - C:\Program Files\RapidBIT\cisvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing)

O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSIF2.tmp

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 9568 bytes

From Process Explorer

Process PID CPU Description Company Name

System Idle Process 0 98.46

Interrupts n/a Hardware Interrupts

DPCs n/a 0.77 Deferred Procedure Calls

System 4

smss.exe 1268 Windows NT Session Manager Microsoft Corporation

csrss.exe 180 Client Server Runtime Process Microsoft Corporation

winlogon.exe 336 Windows NT Logon Application Microsoft Corporation

services.exe 476 Services and Controller app Microsoft Corporation

nvsvc32.exe 792 NVIDIA Driver Helper Service, Version 191.07 NVIDIA Corporation

svchost.exe 848 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 964 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1604 Generic Host Process for Win32 Services Microsoft Corporation

wscntfy.exe 2656 Windows Security Center Notification App Microsoft Corporation

svchost.exe 1712 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1940 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 308 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 948 Spooler SubSystem App Microsoft Corporation

AppleMobileDeviceService.exe 1648 Apple Mobile Device Service Apple Inc.

mDNSResponder.exe 1676 Bonjour Service Apple Inc.

jqs.exe 188 Java Quick Starter Service Sun Microsystems, Inc.

LSSrvc.exe 1428 Hewlett-Packard Company

ccSvcHst.exe 1392 Symantec Service Framework Symantec Corporation

ccSvcHst.exe 1728 Symantec Service Framework Symantec Corporation

RichVideo.exe 284 RichVideo Module

locator.exe 1300 Rpc Locator Microsoft Corporation

MSIF2.tmp 2284 Solid Spool Service Solid Documents, LLC

svchost.exe 3604 Generic Host Process for Win32 Services Microsoft Corporation

YahooAUService.exe 2300 AutoUpater Service Module Yahoo! Inc.

alg.exe 3320 Application Layer Gateway Service Microsoft Corporation

svchost.exe 3256 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 488 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 1864 Windows Explorer Microsoft Corporation

RTHDCPL.EXE 1364 Realtek HD Audio Control Panel Realtek Semiconductor Corp.

jusched.exe 1396 Java Platform SE binary Sun Microsystems, Inc.

Wallpaper.exe 1472 Desktop Wallpaper Changer James Garton

ctfmon.exe 1484 CTF Loader Microsoft Corporation

firefox.exe 2424 Firefox Mozilla Corporation

HijackThis.exe 3032 HijackThis Trend Micro Inc.

notepad.exe 1536 Notepad Microsoft Corporation

procexp.exe 3136 0.77 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

uTorrent.exe 3692 µTorrent BitTorrent, Inc.

Process: uTorrent.exe Pid: 3692

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.1.2600.5512

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.1.2600.5512

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.1.2600.5512

apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.1.2600.5512

ASOEHOOK.DLL AntiSpam OE Hook Symantec Corporation 4.0.0.123

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.1

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.5512

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.2900.5512

CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.5512

ctype.nls

DBGHELP.DLL Windows Image Helper Microsoft Corporation 5.1.2600.5512

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.1.2600.5512

GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.5512

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.1.2600.5512

imagehlp.dll Windows NT Image Helper Microsoft Corporation 5.1.2600.5512

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.5512

Iphlpapi.dll IP Helper API Microsoft Corporation 5.1.2600.5512

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.1.2600.5512

locale.nls

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.1.2600.5512

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.1.2600.5512

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.1.2600.5512

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.5512

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.5512

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.1.2600.5512

netapi32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.5512

ntdll.dll NT Layer DLL Microsoft Corporation 5.1.2600.5512

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.1.2600.5512

OLEAUT32.dll Microsoft Corporation 5.1.2600.5512

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.5512

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.1.2600.5507

rtutils.dll Routing Utilities Microsoft Corporation 5.1.2600.5512

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.5512

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.5512

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.1.2600.5512

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.2900.5512

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.5512

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.2900.5512

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.1.2600.5512

USERENV.dll Userenv Microsoft Corporation 5.1.2600.5512

uTorrent.exe µTorrent BitTorrent, Inc. 1.8.5.17414

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.2900.5512

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.5512

WININET.dll Internet Extensions for Win32 Microsoft Corporation 6.0.2900.5512

winmm.dll MCI API DLL Microsoft Corporation 5.1.2600.5512

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.5512

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.5512

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.1.2600.5512

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.5512

Any help would be greatly appreciated.

DreadWingKnight · November 25, 2009

O20 - Winlogon Notify: ddcBrsTl - ddcBrsTl.dll (file missing)
O20 - Winlogon Notify: efcDuRih - efcDuRih.dll (file missing)
O20 - Winlogon Notify: hgGaxyYR - hgGaxyYR.dll (file missing)

You still have malware remnants on your system (if the malware has actually been removed)

moogly · November 25, 2009

.

GTHK · November 25, 2009

First cleanup Norton: http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039

And then hope MBAM takes care of ya..

November 26, 2009

Okay, I've cleaned out Norton using the removal tool, but uTorrent still won't run. I don't know what to do about the dll's listed by DreadWingKnight because they can't be found (hence the "file missing" bit, I guess), and Googling them only brings me to this thread.

moogly · November 26, 2009

Use a program like MalwareBytes or CCleaner to remove these remains.

I think it's the main cause of your issue, and you might reinstall Norton after the clean-up.

latigo50 · November 26, 2009

it seems that i often get this message. i have deleted some entries yet it doesn't simply work.

moogly · November 26, 2009

Repost HJT log please.

December 2, 2009

I have no idea what I did, but uTorrent is suddenly working again. This thread should be closed, but I'd still like to figure out either, if not both, what caused this and what fixed it.

New HJT Log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:34:53 PM, on 12/2/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\Installer\MSIF2.tmp

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

E:\Program Files\Wallpaper Master\Wallpaper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)

R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - F:\Useful\DAP\SBSearch.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - F:\Useful\DAP\dapieloader.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll

O4 - HKLM\..\Run: [Video Driver] vjdhost.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "F:\Useful\MBAM\mbam.exe" /runcleanupscript