Kosokya, posted February 17, 2010:
Hello,
I've just updated uTorrent to 2.0 and everything was fine... Later, when I ran it again, it froze and said "The program is not responding", and I had to Ctrl + Alt + Del to close it. I tried again and it happened again... Oh, and the CPU usage remains normal. I've tried many solutions posted by other people before and... none of them worked... Can someone please help me? Thanks in advance. (Sorry, my English is not perfect.)

DreadWingKnight, posted February 17, 2010:
http://forum.utorrent.com/viewtopic.php?id=29748 - both logs please.

Kosokya, posted February 17, 2010:
Ok, here it is... Oh, one more thing: I use avast! antivirus, but the P2P shield is disabled for uTorrent.
I don't know if the Process Explorer part is OK...

DreadWingKnight, posted February 17, 2010:
http://www.neuber.com/taskmanager/process/rlls.dll.html - suspect thing in your hijackthis log.
And you missed the dll list for the utorrent.exe process

Kosokya, posted February 17, 2010:
Here it is.

moogly, posted February 18, 2010:
Remove rlls.dll.

Kosokya, posted February 18, 2010:
Problem solved, thanks.

kappu, posted February 18, 2010:
I have this exact same problem, I think. The second I downloaded 2.0 my uTorrent becomes unresponsive and I have to stop it through Ctrl+Alt+Delete. The guy above me apparently got it working by deleting rlls.dll (or?). But I don't have that file on my computer... Imma get logs here soon.

moogly, posted February 19, 2010:
Post logs, kappu.

mood313, posted March 11, 2010:
Hiii, I have the same problem, there are the logs...

moogly Posted March 11, 2010

mood313, and Process Explorer log when µT is running?

Guide: http://forum.utorrent.com/viewtopic.php?id=29748
jarsonic Posted March 11, 2010

I'm having a somewhat similar issue; the past week or so, uTorrent 2.0.1 Beta, build 18408 in the system tray becomes unresponsive, and when it does, I can't load utorrent.com or run process explorer, etc - they just seem to freeze. Attempting to shut down also hangs, so I end up having to shut down my laptop. It's definitely strange, as this hasn't ever happened up to now, and I've been using uTorrent on this computer for a long long time.

Here's the HijackThis log:

...and my Process Explorer Log.

uTorrent doesn't actually generate a crash file from this, it just hangs. I'm on Windows XP SP3.
DreadWingKnight Posted March 11, 2010

We need the dll list for the utorrent.exe process.

jarsonic Posted March 11, 2010

Fixed, sorry. Same link.
dvs_link Posted March 11, 2010

I have similar problems to the writers above. Posting reports.
moogly Posted March 11, 2010

@jarsonic: Can you try to run µT with ObjectDock uninstalled? (because DockShellHook.dll is injected into µT).

@dvs_link: It's F-Secure the culprit, known issue with this firewall (search on the boards)

fsgkiapi.dll fsgkiapi F-Secure Corp. 8.80.15211.23872
FSLSP.DLL F-Secure Protocol Scanner LSP F-Secure Corporation 2.1.910.0

Try to set F-Secure to exclude utorrent.exe or use a better firewall like Comodo.

http://www.matousec.com/projects/proactive-security-challenge/
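The triage applied to the DLL list in the reply above (finding modules from other vendors loaded inside uTorrent.exe) can be scripted. The following is an added example, not part of the thread and not written by any poster: it assumes the Process Explorer DLL list is saved as tab-separated Name/Description/Company Name/Version rows, the sample rows are constructed from lines quoted in the thread, and the function names and trusted-vendor list are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the Name/Description/Company Name/Version layout of the
# DLL list quoted in the thread; tab separation is an assumption of this example.
SAMPLE_DLL_LIST = (
    "Process: uTorrent.exe Pid: 1832\n"
    "Name\tDescription\tCompany Name\tVersion\n"
    "ADVAPI32.dll\tAdvanced Windows 32 Base API\tMicrosoft Corporation\t5.1.2600.5755\n"
    "ctype.nls\t\t\t\n"
    "fsgkiapi.dll\tfsgkiapi\tF-Secure Corp.\t8.80.15211.23872\n"
    "FSLSP.DLL\tF-Secure Protocol Scanner LSP\tF-Secure Corporation\t2.1.910.0\n"
    "uTorrent.exe\t\u00b5Torrent\tBitTorrent, Inc.\t2.0.0.18488\n"
    "WS2_32.dll\tWindows Socket 2.0 32-Bit DLL\tMicrosoft Corporation\t5.1.2600.5512\n"
)

# Only images that carry code are interesting; .nls/.dat entries are mapped data.
CODE_EXTENSIONS = (".dll", ".exe", ".ime", ".ocx", ".cpl", ".drv", ".ax")
_LEGAL_SUFFIX = re.compile(r"[\s,]+(corporation|corp\.?|inc\.?|ltd\.?|gmbh|ag)$", re.I)
_PROCESS_LINE = re.compile(r"Process:\s*(\S+)\s+Pid:\s*(\d+)")


def normalize_vendor(company):
    """Fold 'F-Secure Corp.' and 'F-Secure Corporation' into one key."""
    name = company.strip()
    previous = None
    while name != previous:
        previous = name
        name = _LEGAL_SUFFIX.sub("", name).strip(" ,")
    return name.lower()


def parse_dll_list(text):
    """Return (process image name or None, list of row dicts)."""
    process = None
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        match = _PROCESS_LINE.match(line)
        if match:
            process = match.group(1)
            continue
        fields = [field.strip() for field in line.split("\t")]
        if fields[:3] == ["Name", "Description", "Company Name"]:
            continue  # column header
        fields += [""] * (4 - len(fields))  # rows without version info are short
        name, description, company, version = fields[:4]
        rows.append({"name": name, "description": description,
                     "company": company, "version": version})
    return process, rows


def third_party_modules(process, rows, trusted_vendors=("microsoft",)):
    """Group loaded code modules by vendor, skipping trusted vendors and the
    process's own image. Company Name comes from the file's version resource
    and is self-declared, so this is a triage aid, not a signature check."""
    findings = defaultdict(list)
    for row in rows:
        name = row["name"]
        if not name.lower().endswith(CODE_EXTENSIONS):
            continue
        if process and name.lower() == process.lower():
            continue
        vendor = normalize_vendor(row["company"]) or "(no company name)"
        if vendor in trusted_vendors:
            continue
        findings[vendor].append(name)
    return dict(findings)


if __name__ == "__main__":
    proc, modules = parse_dll_list(SAMPLE_DLL_LIST)
    for vendor, names in third_party_modules(proc, modules).items():
        print(f"{proc}: {vendor}: {', '.join(names)}")
```

Because the Company Name column is whatever the file declares about itself, a module that claims a trusted vendor still needs its signature verified (Process Explorer's "Verify Image Signatures" option does this) before it is ruled out.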
copelia Posted March 11, 2010
Hi, I've got the same problem:
DreadWingKnight Posted March 11, 2010
missing process explorer process list with the dll list for the utorrent.exe process.
moogly Posted March 11, 2010
@copelia: probably SonicStage, read this post.
http://forum.utorrent.com/viewtopic.php?pid=442595#p442595
Anyway post Process Explorer log when µT is running.
copelia Posted March 12, 2010
Thanks guys, I've uninstalled SonicStage.
Here is the new log:
moogly Posted March 13, 2010
Ok, but is the issue fixed with SonicStage uninstalled???
copelia Posted March 13, 2010
No, it still freezes my computer every time I have utorrent on....
moogly Posted March 13, 2010
copelia, POST Process Explorer log when µT is running.
Select utorrent.exe and enable DLL mode (ctrl+D) in PE.
Guide: http://forum.utorrent.com/viewtopic.php?id=29748
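
Added example, not part of the thread and not any poster's or project's code: the Process Explorer DLL list requested above is read the way moogly read dvs_link's on March 11, by looking for modules from other vendors loaded inside utorrent.exe. This sketch scripts that pass; it assumes the saved DLL view is tab-separated with the columns Name, Description, Company Name, Version, and every row in the sample is constructed except the two F-Secure rows quoted in the thread. The function names and the trusted-vendor list are assumptions.

```python
"""Triage a saved Process Explorer DLL view for one process: group the loaded
modules by vendor and return those that belong neither to Microsoft nor to
the application's own vendor."""
import re
from collections import defaultdict

# Constructed sample of a DLL-view export for utorrent.exe.
# Assumed layout: tab-separated Name, Description, Company Name, Version.
# Only the two F-Secure rows come from the thread; the rest are made up.
SAMPLE_DLL_VIEW = "\n".join([
    "Name\tDescription\tCompany Name\tVersion",
    "utorrent.exe\tuTorrent\tBitTorrent, Inc.\t2.0.0.0",
    "ntdll.dll\tNT Layer DLL\tMicrosoft Corporation\t6.0.6002.18005",
    "ws2_32.dll\tWindows Socket 2.0 32-Bit DLL\tMicrosoft Corporation\t6.0.6001.18000",
    "fsgkiapi.dll\tfsgkiapi\tF-Secure Corp.\t8.80.15211.23872",
    "FSLSP.DLL\tF-Secure Protocol Scanner LSP\tF-Secure Corporation\t2.1.910.0",
    "examplehook.dll\tExample shell hook\tExample Vendor Ltd\t1.0.0.0",
    "nocompany.dll\t\t\t",
])

# Legal-form suffixes that make one vendor appear under several spellings.
_SUFFIX = re.compile(r"[,.]?\s+(?:corporation|corp|inc|ltd|llc|s\.r\.o)\.?$", re.I)


def normalize_vendor(company):
    """Fold 'F-Secure Corp.' and 'F-Secure Corporation' into one key."""
    name = company.strip()
    while True:
        shorter = _SUFFIX.sub("", name)
        if shorter == name:
            break
        name = shorter
    return name.lower() or "(no company name)"


def parse_dll_view(text):
    """Return one dict per module row, skipping blank lines and the header."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        cols = [c.strip() for c in line.split("\t")]
        cols += [""] * (4 - len(cols))  # tolerate rows with missing columns
        name, description, company, version = cols[:4]
        if name.lower() == "name" and company.lower() == "company name":
            continue  # header row
        rows.append({"name": name, "description": description,
                     "company": company, "version": version})
    return rows


def third_party_modules(text, trusted=("microsoft", "bittorrent")):
    """Map vendor -> module names for everything outside the trusted vendors.

    Company Name is a self-declared version-resource string, not a signature
    check, so the result is a list of leads to look at, not a verdict.
    Modules with an empty company field are kept under their own key.
    """
    flagged = defaultdict(list)
    for row in parse_dll_view(text):
        vendor = normalize_vendor(row["company"])
        if vendor not in trusted:
            flagged[vendor].append(row["name"])
    return dict(flagged)


if __name__ == "__main__":
    for vendor, modules in third_party_modules(SAMPLE_DLL_VIEW).items():
        print(f"{vendor}: {', '.join(modules)}")
```
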
Zandeg Posted March 13, 2010
I have the same problem. BitTorrent works for some minutes, after that it freezes. I tried uTorrent, same thing.
When BitTorrent freezes my internet connection goes down; only if I restart the PC does the internet connection come back.
Sorry for my English, thanks for your help.
CorporationCNYHKEY.exe 4108 HP LED INDICATOR Hewlett-Packardsvchost.exe 4156 Processo host per servizi di Windows Microsoft Corporationbittorrent.exe 4528 BitTorrent BitTorrent, Inc.CLMLSvc.exe 4644 CyberLink MediaLibray Service CyberLinkDVDAgent.exe 4652 HP DVDSmart Resident Program CyberLink Corp.winamp.exe 4800 Winamp Nullsoft, Inc.firefox.exe 4868 Firefox Mozilla CorporationAmplusnetPrivacyTools.exe 5060 PCProxy Module SearchFilterHost.exe 5168 Microsoft Windows Search Filter Host Microsoft Corporationprocexp.exe 6936 Sysinternals Process Explorer Sysinternals - www.sysinternals.comaudiodg.exe 7048 1.34 Isolamento grafico dispositivo audio Windows Microsoft CorporationProcess: bittorrent.exe Pid: 4528Name Description Company Name VersionADVAPI32.dll API Windows 32 Base avanzato Microsoft Corporation 6.1.7600.16385ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.0bittorrent.exe BitTorrent BitTorrent, Inc. 6.4.0.18095CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.8530.16385COMCTL32.dll Libreria di controlli per le azioni dell'utente Microsoft Corporation 6.10.7600.16385comdlg32.dll DLL delle finestre di dialogo comuni Microsoft Corporation 6.1.7600.16385credssp.dll Credential Delegation Security Package Microsoft Corporation 6.1.7600.16385CRYPT32.dll Crypto API32 Microsoft Corporation 6.1.7600.16385CRYPTBASE.dll Base cryptographic API DLL Microsoft Corporation 6.1.7600.16385CRYPTSP.dll Cryptographic Service Provider API Microsoft Corporation 6.1.7600.16385dhcpcsvc.DLL Servizio Client DHCP Microsoft Corporation 6.1.7600.16385dhcpcsvc6.DLL Client DHCPv6 Microsoft Corporation 6.1.7600.16385DnsApi.dll DLL API client DNS Microsoft Corporation 6.1.7600.16385dwmapi.dll API di Gestione finestre desktop Microsoft Microsoft Corporation 6.1.7600.16385FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.1.7600.16385fwpuclnt.dll API modalit utente FWP/IPsec Microsoft Corporation 6.1.7600.16385GDI32.dll GDI Client DLL 
Microsoft Corporation 6.1.7600.16385GPAPI.dll API client Criteri di gruppo Microsoft Corporation 6.1.7600.16385hnetcfg.dll Gestione configurazione della rete domestica Microsoft Corporation 6.1.7600.16385iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.0.7600.16385IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.1.7600.16385iphlpapi.dll API helper IP Microsoft Corporation 6.1.7600.16385kernel32.dll DLL client di Windows NT BASE API Microsoft Corporation 6.1.7600.16385KERNELBASE.dll DLL client di Windows NT BASE API Microsoft Corporation 6.1.7600.16385KernelBase.dll.mui DLL client di Windows NT BASE API Microsoft Corporation 6.1.7600.16385locale.nls LPK.dll Language Pack Microsoft Corporation 6.1.7600.16385MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.1.7600.16415MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.1.7600.16385msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.7600.16385MSWSOCK.dll Service Provider Microsoft Windows Sockets 2.0 Microsoft Corporation 6.1.7600.16385msxml3.dll MSXML 3.0 SP11 Microsoft Corporation 8.110.7600.16385msxml3r.dll XML Resources Microsoft Corporation 8.110.7600.16385netshell.dll Shell connessioni di rete Microsoft Corporation 6.1.7600.16385netutils.dll Net Win32 API Helpers DLL Microsoft Corporation 6.1.7600.16385nlaapi.dll Network Location Awareness 2 Microsoft Corporation 6.1.7600.16385npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.1.7600.16385NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.1.7600.16385ntdll.dll DLL del livello NT Microsoft Corporation 6.1.7600.16385ntdll.dll DLL del livello NT Microsoft Corporation 6.1.7600.16385ntmarta.dll Provider MARTA per Windows NT Microsoft Corporation 6.1.7600.16385ole32.dll Microsoft OLE per Windows Microsoft Corporation 6.1.7600.16385oleaut32.dll Microsoft Corporation 6.1.7600.16385PCProxy.dll profapi.dll User Profile Basic API Microsoft Corporation 6.1.7600.16385rasadhlp.dll Remote Access 
AutoDial Helper Microsoft Corporation 6.1.7600.16385RPCRT4.dll Runtime RPC (Remote Procedure Call) Microsoft Corporation 6.1.7600.16385RpcRtRemote.dll Remote RPC Extension Microsoft Corporation 6.1.7600.16385rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.1.7600.16385sechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation 6.1.7600.16385SHELL32.dll DLL comune della shell di Windows Microsoft Corporation 6.1.7600.16385shfolder.dll Shell Folder Service Microsoft Corporation 6.1.7600.16385SHLWAPI.dll Libreria leggera di utilit per la shell Microsoft Corporation 6.1.7600.16385slc.dll DLL del Servizio gestione licenze software Microsoft Corporation 6.1.7600.16385SortDefault.nls SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.1.7600.16385SspiCli.dll Security Support Provider Interface Microsoft Corporation 6.1.7600.16385StaticCache.dat SXS.DLL Fusion 2.5 Microsoft Corporation 6.1.7600.16385upnp.dll API UPnP Control Point Microsoft Corporation 6.1.7600.16385urlmon.dll Estensioni OLE32 per Win32 Microsoft Corporation 8.0.7600.16490USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.1.7600.16385USERENV.dll Userenv Microsoft Corporation 6.1.7600.16385USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.7600.16385uxtheme.dll Libreria UxTheme di Microsoft Microsoft Corporation 6.1.7600.16385VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.1.7600.16385webio.dll API protocolli di trasferimento Web Microsoft Corporation 6.1.7600.16385WINHTTP.dll Servizi HTTP Windows Microsoft Corporation 6.1.7600.16385WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.1.7600.16385wkscli.dll Workstation Service Client DLL Microsoft Corporation 6.1.7600.16385WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.1.7600.16385wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.1.7600.16491wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 
6.1.7600.16385wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.1.7600.16385WS2_32.dll DLL a 32 bit di Windows Socket 2.0 Microsoft Corporation 6.1.7600.16385wship6.dll DLL helper Winsock2 (TL/IPv6) Microsoft Corporation 6.1.7600.16385wshtcpip.dll DLL helper Winsock2 (TL/IPv4) Microsoft Corporation 6.1.7600.16385 Link to comment Share on other sites More sharing options...
moogly Posted March 13, 2010

pcproxy.dll

It's injected into µT. Is it a DLL from Microsoft Exchange? Can you try to run µT with this program uninstalled?
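The triage behind the reply above, as an added example that is not part of the original thread: it parses a Process Explorer DLL listing and flags loaded code modules that carry neither a company name nor a version, which is how PCProxy.dll stands out among the modules in the BitTorrent process. The sample rows are constructed from entries in the post and assume tab-separated columns (Name, Description, Company Name, Version); the function and variable names are hypothetical.

```python
"""Flag loaded modules that lack vendor metadata in a Process Explorer DLL listing."""
import csv
import io

# Constructed sample: a few rows from the posted listing, laid out as
# tab-separated text (assumed layout: Name, Description, Company Name, Version).
SAMPLE_LISTING = (
    "Name\tDescription\tCompany Name\tVersion\n"
    "kernel32.dll\tDLL client di Windows NT BASE API\tMicrosoft Corporation\t6.1.7600.16385\n"
    "locale.nls\t\t\t\n"
    "oleaut32.dll\t\tMicrosoft Corporation\t6.1.7600.16385\n"
    "PCProxy.dll\t\t\t\n"
    "StaticCache.dat\t\t\t\n"
    "bittorrent.exe\tBitTorrent\tBitTorrent, Inc.\t6.4.0.18095\n"
)

# Only code-bearing images are of interest; .nls and .dat entries are mapped
# data files and normally carry no version resource.
CODE_EXTENSIONS = (".dll", ".exe", ".ocx", ".cpl", ".drv")


def parse_listing(text):
    """Return one dict per module row, tolerating short rows and blank lines."""
    reader = csv.reader(io.StringIO(text), delimiter="\t", quoting=csv.QUOTE_NONE)
    header = next(reader)
    rows = []
    for fields in reader:
        if not any(f.strip() for f in fields):
            continue  # blank line between sections
        # Pad rows whose trailing empty columns were dropped on export.
        fields = [f.strip() for f in fields] + [""] * (len(header) - len(fields))
        rows.append(dict(zip(header, fields)))
    return rows


def modules_without_vendor_metadata(rows):
    """Names of loaded code modules with neither a company name nor a version."""
    flagged = []
    for row in rows:
        name = row["Name"]
        if not name.lower().endswith(CODE_EXTENSIONS):
            continue
        if not row["Company Name"] and not row["Version"]:
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    for module in modules_without_vendor_metadata(parse_listing(SAMPLE_LISTING)):
        print("review:", module)
```

A flagged module is a lead to follow up (file path, signature, owning program), not a verdict on its own.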
This topic is now archived and is closed to further replies.