Edo1952 Posted August 28, 2010 Report Share Posted August 28, 2010 I'm new to the Forum, so I'd like to start by saying Hello, nice to be here.I have had a working 1.7 version of u Torrent for the past 6 months.Yesterday when I received the notice to update to 2.0 I did and nowu Torrent does not work at all: the program does not open when I click on itand in about a minute after that I get a Win message that says :It seems like u Torrent is running (however the WinTask Manager does not show the application)but not responding Please close all uTorrent processes and try again.I try to close the process from Task Manager, however when choose End Processit doesn't....and If I close Internet ( I run Mozilla) I cannot open that program as well: the only way is toreboot computer. u Torrent does not start after the reboot: Mozilla/Internet does. I have removed u Torrent several times, and downloaded the exe from your site howeverI'm getting the same result ..... ( what can I do to fix this ?Many ThanksEdo1952 Link to comment Share on other sites More sharing options...
paintball9 Posted August 28, 2010 Report Share Posted August 28, 2010 What OS are you running? Windows 2000? Link to comment Share on other sites More sharing options...
Edo1952 Posted August 28, 2010 Author Report Share Posted August 28, 2010 What OS are you running? Windows 2000?Thanks ...I will read up on it some more.Here are my specs (sorry I should have posted them with my previous message)Windows XP Home EditionBuild 2600.xpsp_sp3_gdr.090804-1435(Service Pack3)...just a novice when it comes to computer language and what it does,going to read more about it.Thanks again Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 28, 2010 Report Share Posted August 28, 2010 http://forum.utorrent.com/viewtopic.php?id=29748Both logs from this guide please Link to comment Share on other sites More sharing options...
Edo1952 Posted August 29, 2010 Author Report Share Posted August 29, 2010 http://forum.utorrent.com/viewtopic.php?id=29748Both logs from this guide pleaseWill do Mr Knight...Thanks Link to comment Share on other sites More sharing options...
Edo1952 Posted August 29, 2010 Author Report Share Posted August 29, 2010 http://forum.utorrent.com/viewtopic.php?id=29748Both logs from this guide pleaseWill do Mr Knight...ThanksHello Mr Knight :I have a zip file for You at Uploading.com It contains the scans You asked for and one more I got from my Internet Security Provider(its in its own Zip file)file ref below:<a href="http://uploading.com/files/99b443fd/Edo1952.zip/">Download Edo1952.zip for free on uploading.com</a>I used this in the past and should work.I run a virus/spyware scan and cleaned up all with Malwarebytes....My own Security Providerscan engine is not showing up when I click to Run Virus Scan...it seems that some of the programs are 'ghost' programs now: if you pardon the pun...they show as 'running' in the Win XP Task Manager but not 'working' : I have no access to them. ...is it time for a sytem format ??? aaaaaarghhhh !! Thanks Again for Your Help in this matter Edo1952 Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 29, 2010 Report Share Posted August 29, 2010 Please paste the logs directly into the thread. Link to comment Share on other sites More sharing options...
Edo1952 Posted August 29, 2010 Author Report Share Posted August 29, 2010 Please paste the logs directly into the thread.Here we go. The Security File is too complex to paste here. Let Me know if You need itas well: I will need an e-mail to send it to.Thanks for Your HelpProceXPProcess PID CPU Private Bytes Working Set Description Company NameSystem Idle Process 0 96.92 0 K 16 K Interrupts n/a 0 K 0 K Hardware Interrupts DPCs n/a 0 K 0 K Deferred Procedure Calls System 4 0 K 228 K smss.exe 464 172 K 408 K Windows NT Session Manager Microsoft Corporation csrss.exe 528 1,916 K 4,000 K Client Server Runtime Process Microsoft Corporation winlogon.exe 552 6,720 K 4,180 K Windows NT Logon Application Microsoft Corporation services.exe 596 1,916 K 4,812 K Services and Controller app Microsoft Corporation nvsvc32.exe 768 4,496 K 6,280 K NVIDIA Driver Helper Service, Version 258.96 NVIDIA Corporation svchost.exe 852 2,980 K 4,868 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 912 1,960 K 4,596 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 976 20,468 K 30,680 K Generic Host Process for Win32 Services Microsoft Corporation wuauclt.exe 3656 2,200 K 4,248 K Windows Update Microsoft Corporation svchost.exe 1016 2,308 K 3,360 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1144 1,484 K 3,784 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1268 1,072 K 2,976 K Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1472 3,364 K 5,248 K Spooler SubSystem App Microsoft Corporation svchost.exe 200 1,180 K 3,432 K Generic Host Process for Win32 Services Microsoft Corporation AppleMobileDeviceService.exe 232 2,420 K 3,416 K Apple Mobile Device Service Apple Inc. mDNSResponder.exe 252 1,752 K 4,420 K Bonjour Service Apple Inc. fsgk32st.exe 340 328 K 396 K F-Secure Anti-Virus Scanning Service F-Secure Corporation fsgk32.exe 372 6,492 K 3,604 K Gatekeeper Handler II F-Secure Corporation fssm32.exe 2588 76,852 K 62,364 K F-Secure Scanner Manager F-Secure Corporation fsav32.exe 3476 2,468 K 2,212 K FSAV Handler F-Secure Corporation FSMA32.EXE 360 820 K 924 K F-Secure Management Agent F-Secure Corporation FSHDLL32.EXE 516 9,876 K 5,312 K F-Secure DLL Hosting Plugin F-Secure Corporation jqs.exe 960 2,748 K 1,452 K Java Quick Starter Service Sun Microsystems, Inc. McciCMService.exe 1080 2,372 K 4,512 K mcci+McciCMService Motive Communications, Inc. nHancerService.exe 1760 10,152 K 6,980 K nHancerService KSE - Korndörfer Software Engineering HPZipm12.exe 1940 972 K 2,368 K PML Driver HP svchost.exe 2052 2,364 K 4,164 K Generic Host Process for Win32 Services Microsoft Corporation iPodService.exe 2380 2,888 K 4,644 K iPodService Module (32-bit) Apple Inc. fsdfwd.exe 2552 5,800 K 1,332 K F-Secure Internet Shield daemon F-Secure Corporation fsorsp.exe 2664 3,200 K 1,532 K F-Secure ORSP Service F-Secure Corporation alg.exe 2740 1,740 K 4,280 K Application Layer Gateway Service Microsoft Corporation lsass.exe 608 4,416 K 1,352 K LSA Shell (Export Version) Microsoft Corporationexplorer.exe 1416 25,292 K 6,756 K Windows Explorer Microsoft Corporation StartFX.exe 1612 12,920 K 9,768 K Start Advanced Video FX Engine Application Creative Technology Ltd. iTunesHelper.exe 1620 10,212 K 14,172 K iTunesHelper Apple Inc. rundll32.exe 1648 4,200 K 5,628 K Run a DLL as an App Microsoft Corporation ctfmon.exe 1748 1,008 K 3,808 K CTF Loader Microsoft Corporation fscuif.exe 3196 19,464 K 6,840 K F-Secure Common User Interface Framework F-Secure Corporation firefox.exe 3256 64,760 K 80,652 K Firefox Mozilla Corporation WINZIP32.EXE 2112 4,924 K 816 K WinZip WinZip Computing, Inc. procexp.exe 2572 3.08 12,968 K 17,624 K Sysinternals Process Explorer Sysinternals - www.sysinternals.comHijackThis:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 8:30:19 PM, on 28/08/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16981)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exeC:\Program Files\Shaw Secure\Common\FSMA32.EXEC:\Program Files\Shaw Secure\Anti-Virus\FSGK32.EXEC:\Program Files\Shaw Secure\Common\FSHDLL32.EXEC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Motive\McciCMService.exeC:\Program Files\nHancer\nHancerService.exeC:\WINDOWS\System32\HPZipm12.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exeC:\Program Files\Shaw Secure\Anti-Virus\fssm32.exeC:\Program Files\Shaw Secure\FSGUI\fscuif.exeC:\Program Files\Shaw Secure\Anti-Virus\fsav32.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\PROGRA~1\WINZIP\winzip32.exeC:\WINDOWS\System32\msiexec.exeC:\Program Files\Trend Micro\HiJackThis\HiJackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBRR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBRR1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.localR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dllO2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dllO4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Shaw Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSWO4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquietO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKCU\..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [FFTI] C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\kx9prwmn.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [FFTI] C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\kx9prwmn.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Download with Download Accelerator! - C:\Program Files\Download Accelerator\DownloadAccelerator.htmO8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htmO8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htmO9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dllO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169263600093O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by112fd.bay112.hotmail.msn.com/activex/HMAtchmt.ocxO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cabO18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)O18 - Protocol: intu-qt2008 - {05E53CE9-66C8-4A9E-A99F-FDB7A8E7B596} - (no file)O18 - Protocol: intu-qt2009 - {03947252-2355-4E9B-B446-8CCC75C43370} - (no file)O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dllO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exeO23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exeO23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Shaw Secure\Common\FSMA32.EXEO23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exeO23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exeO23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exeO23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe--End of file - 10533 bytes Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 29, 2010 Report Share Posted August 29, 2010 missing the dll list for the utorrent.exe process. Link to comment Share on other sites More sharing options...
Edo1952 Posted August 30, 2010 Author Report Share Posted August 30, 2010 missing the dll list for the utorrent.exe process.That's my problem ? I'm missing a dll list for the utorrent exe process....I can't see how that could have happened...I only choose to run new utorrent.exe andthat's when I started having trouble with some programs ...I will try to remove the files, and try again this time I'll temporarily shut down the firewall andantivirus...if I get the thing working again I'll send the scans again....very perplexed ?? Link to comment Share on other sites More sharing options...
Edo1952 Posted August 30, 2010 Author Report Share Posted August 30, 2010 missing the dll list for the utorrent.exe process.Hello Mr Knight,this is what I did so far...sadly without getting uTorrent to work....sob !I run a virus scan with Malwarebytes and cleaned out the systemI re-started the computer.I run a internet virus scan through my provider : SHAW (I live in Canada)I have a clean system....but it could be still screwed up....but where??I un-installed uTorrent, and restarted the computer.I downloaded uTorrent.exe form utorrent.com.I do not shut down FirewallI open exe and re-start the computer.I do scans: Procexp and HijackthisI click on uTorrent , nothing happens:I click on torrent file to open: nothing happens:30 sec later or so I get message that uTorrent is already running but not working.I lose Internet connection.I check scans I restart computerthis is the Procexp scanProcess PID CPU Private Bytes Working Set Description Company NameSystem Idle Process 0 96.92 0 K 16 K Interrupts n/a 0 K 0 K Hardware Interrupts DPCs n/a 1.54 0 K 0 K Deferred Procedure Calls System 4 0 K 228 K smss.exe 460 172 K 408 K Windows NT Session Manager Microsoft Corporation csrss.exe 524 1,852 K 4,444 K Client Server Runtime Process Microsoft Corporation winlogon.exe 548 6,692 K 4,460 K Windows NT Logon Application Microsoft Corporation services.exe 592 1,896 K 3,716 K Services and Controller app Microsoft Corporation nvsvc32.exe 764 4,488 K 6,264 K NVIDIA Driver Helper Service, Version 258.96 NVIDIA Corporation svchost.exe 848 2,988 K 4,852 K Generic Host Process for Win32 Services Microsoft Corporation wmiprvse.exe 408 1,940 K 5,200 K WMI Microsoft Corporation svchost.exe 904 2,080 K 4,704 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 976 15,808 K 25,744 K Generic Host Process for Win32 Services Microsoft Corporation wmiadap.exe 2372 4,652 K 7,380 K WMI Microsoft Corporation svchost.exe 1012 2,308 K 3,324 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1136 1,496 K 3,792 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1284 1,156 K 3,288 K Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1492 3,360 K 5,232 K Spooler SubSystem App Microsoft Corporation svchost.exe 2000 1,184 K 3,432 K Generic Host Process for Win32 Services Microsoft Corporation AppleMobileDeviceService.exe 2036 2,420 K 3,420 K Apple Mobile Device Service Apple Inc. mDNSResponder.exe 124 1,748 K 4,416 K Bonjour Service Apple Inc. fsgk32st.exe 308 328 K 396 K F-Secure Anti-Virus Scanning Service F-Secure Corporation fsgk32.exe 332 6,956 K 1,988 K Gatekeeper Handler II F-Secure Corporation fssm32.exe 2464 96,164 K 94,708 K F-Secure Scanner Manager F-Secure Corporation fsav32.exe 3224 2,864 K 2,240 K FSAV Handler F-Secure Corporation FSMA32.EXE 324 820 K 940 K F-Secure Management Agent F-Secure Corporation FSHDLL32.EXE 476 9,912 K 4,388 K F-Secure DLL Hosting Plugin F-Secure Corporation jqs.exe 420 2,760 K 1,424 K Java Quick Starter Service Sun Microsystems, Inc. McciCMService.exe 716 2,376 K 4,512 K mcci+McciCMService Motive Communications, Inc. nHancerService.exe 1364 10,100 K 7,756 K nHancerService KSE - Korndörfer Software Engineering HPZipm12.exe 1332 976 K 2,372 K PML Driver HP svchost.exe 1844 2,432 K 4,284 K Generic Host Process for Win32 Services Microsoft Corporation iPodService.exe 2268 2,888 K 4,636 K iPodService Module (32-bit) Apple Inc. fsdfwd.exe 2384 5,844 K 2,276 K F-Secure Internet Shield daemon F-Secure Corporation fsorsp.exe 2764 3,224 K 864 K F-Secure ORSP Service F-Secure Corporation alg.exe 2952 1,716 K 4,264 K Application Layer Gateway Service Microsoft Corporation msiexec.exe 3644 8,108 K 12,944 K Windows® installer Microsoft Corporation mscorsvw.exe 3932 1,768 K 4,512 K .NET Runtime Optimization Service Microsoft Corporation lsass.exe 604 4,364 K 700 K LSA Shell (Export Version) Microsoft Corporationexplorer.exe 1404 31,276 K 38,484 K Windows Explorer Microsoft Corporation StartFX.exe 1576 12,916 K 9,760 K Start Advanced Video FX Engine Application Creative Technology Ltd. iTunesHelper.exe 1584 10,204 K 14,220 K iTunesHelper Apple Inc. rundll32.exe 1604 4,192 K 5,600 K Run a DLL as an App Microsoft Corporation ctfmon.exe 1684 1,012 K 3,876 K CTF Loader Microsoft Corporation utorrent.exe 3996 6,772 K 13,648 K µTorrent BitTorrent, Inc. uTorrent.exe 3000 4,692 K 8,756 K µTorrent BitTorrent, Inc. procexp.exe 3912 1.54 13,652 K 18,244 K Sysinternals Process Explorer Sysinternals - www.sysinternals.comfirefox.exe 3816 104,348 K 93,184 K Firefox Mozilla Corporationthis is the Hijackthis scanLogfile of Trend Micro HijackThis v2.0.4Scan saved at 11:09:25 PM, on 29/08/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16981)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exeC:\Program Files\Shaw Secure\Common\FSMA32.EXEC:\Program Files\Shaw Secure\Anti-Virus\FSGK32.EXEC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Shaw Secure\Common\FSHDLL32.EXEC:\Program Files\Common Files\Motive\McciCMService.exeC:\Program Files\nHancer\nHancerService.exeC:\WINDOWS\System32\HPZipm12.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exeC:\Program Files\Shaw Secure\Anti-Virus\fssm32.exeC:\Program Files\Shaw Secure\Anti-Virus\fsav32.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Edo\Desktop\utorrent.exeC:\Program Files\uTorrent\uTorrent.exeC:\WINDOWS\System32\msiexec.exeC:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXEC:\Program Files\Trend Micro\HiJackThis\HiJackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBRR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBRR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.localR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dllO2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dllO4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Shaw Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSWO4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquietO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKCU\..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [FFTI] C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\kx9prwmn.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [FFTI] C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\kx9prwmn.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Download with Download Accelerator! - C:\Program Files\Download Accelerator\DownloadAccelerator.htmO8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htmO8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htmO9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dllO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169263600093O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by112fd.bay112.hotmail.msn.com/activex/HMAtchmt.ocxO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cabO18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)O18 - Protocol: intu-qt2008 - {05E53CE9-66C8-4A9E-A99F-FDB7A8E7B596} - (no file)O18 - Protocol: intu-qt2009 - {03947252-2355-4E9B-B446-8CCC75C43370} - (no file)O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dllO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exeO23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exeO23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Shaw Secure\Common\FSMA32.EXEO23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exeO23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exeO23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exeO23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe--End of file - 10586 bytes.....??? no sign of uTorrent dlls/list anywere....like the program is not even registeredor is in stealth mode or something....I run procedure same as abovehowever this time I shut down Firewall b4 downloading uTorrent.exeI keep Win Firewall off until exe has finished dowloadingI run scans:Process PID CPU Private Bytes Working Set Description Company NameSystem Idle Process 0 81.54 0 K 16 K Interrupts n/a 0 K 0 K Hardware Interrupts DPCs n/a 0 K 0 K Deferred Procedure Calls System 4 0 K 228 K smss.exe 464 172 K 408 K Windows NT Session Manager Microsoft Corporation csrss.exe 524 1,884 K 4,024 K Client Server Runtime Process Microsoft Corporation winlogon.exe 552 6,720 K 5,028 K Windows NT Logon Application Microsoft Corporation services.exe 596 7.69 1,892 K 4,776 K Services and Controller app Microsoft Corporation nvsvc32.exe 760 4,496 K 6,256 K NVIDIA Driver Helper Service, Version 258.96 NVIDIA Corporation svchost.exe 852 2,996 K 4,828 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 912 1,984 K 4,596 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 980 16,312 K 25,680 K Generic Host Process for Win32 Services Microsoft Corporation wuauclt.exe 800 6,372 K 6,748 K Windows Update Microsoft Corporation wscntfy.exe 3892 596 K 2,628 K Windows Security Center Notification App Microsoft Corporation svchost.exe 1064 2,308 K 3,328 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1328 1,460 K 3,752 K Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1400 1,072 K 2,976 K Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1488 3,400 K 5,256 K Spooler SubSystem App Microsoft Corporation svchost.exe 2020 1,208 K 3,444 K Generic Host Process for Win32 Services Microsoft Corporation AppleMobileDeviceService.exe 132 2,428 K 3,436 K Apple Mobile Device Service Apple Inc. mDNSResponder.exe 168 1,748 K 4,416 K Bonjour Service Apple Inc. mscorsvw.exe 164 1,716 K 3,784 K .NET Runtime Optimization Service Microsoft Corporation fsgk32st.exe 200 328 K 400 K F-Secure Anti-Virus Scanning Service F-Secure Corporation fsgk32.exe 364 6,092 K 2,340 K Gatekeeper Handler II F-Secure Corporation fssm32.exe 2400 64,632 K 35,836 K F-Secure Scanner Manager F-Secure Corporation fsav32.exe 3304 2,952 K 2,260 K FSAV Handler F-Secure Corporation FSMA32.EXE 356 812 K 956 K F-Secure Management Agent F-Secure Corporation FSHDLL32.EXE 392 9,156 K 4,668 K F-Secure DLL Hosting Plugin F-Secure Corporation jqs.exe 512 2,728 K 1,460 K Java Quick Starter Service Sun Microsystems, Inc. McciCMService.exe 1000 2,384 K 4,520 K mcci+McciCMService Motive Communications, Inc. nHancerService.exe 816 10,104 K 7,760 K nHancerService KSE - Korndörfer Software Engineering HPZipm12.exe 1716 956 K 2,344 K PML Driver HP svchost.exe 1564 3.08 2,468 K 4,448 K Generic Host Process for Win32 Services Microsoft Corporation iPodService.exe 2196 2,864 K 4,616 K iPodService Module (32-bit) Apple Inc. fsdfwd.exe 2340 5,784 K 1,744 K F-Secure Internet Shield daemon F-Secure Corporation fsorsp.exe 2684 3,076 K 396 K F-Secure ORSP Service F-Secure Corporation alg.exe 2940 1,392 K 3,832 K Application Layer Gateway Service Microsoft Corporation lsass.exe 608 3.08 4,404 K 1,892 K LSA Shell (Export Version) Microsoft Corporationexplorer.exe 1256 31,364 K 44,100 K Windows Explorer Microsoft Corporation StartFX.exe 1572 12,912 K 9,760 K Start Advanced Video FX Engine Application Creative Technology Ltd. rundll32.exe 1596 4,192 K 5,604 K Run a DLL as an App Microsoft Corporation ctfmon.exe 1668 1,008 K 3,776 K CTF Loader Microsoft Corporation notepad.exe 4056 1,320 K 708 K Notepad Microsoft Corporation utorrent.exe 1428 6,508 K 13,300 K µTorrent BitTorrent, Inc. uTorrent.exe 1836 4,348 K 8,324 K µTorrent BitTorrent, Inc. procexp.exe 3060 4.62 13,416 K 18,560 K Sysinternals Process Explorer Sysinternals - www.sysinternals.comandLogfile of Trend Micro HijackThis v2.0.4Scan saved at 11:40:01 PM, on 29/08/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16981)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exeC:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exeC:\Program Files\Shaw Secure\Common\FSMA32.EXEC:\Program Files\Shaw Secure\Anti-Virus\FSGK32.EXEC:\Program Files\Shaw Secure\Common\FSHDLL32.EXEC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Motive\McciCMService.exeC:\Program Files\nHancer\nHancerService.exeC:\WINDOWS\System32\HPZipm12.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exeC:\Program Files\Shaw Secure\Anti-Virus\fssm32.exeC:\Program Files\Shaw Secure\Anti-Virus\fsav32.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\system32\wscntfy.exeC:\Documents and Settings\Edo\Desktop\utorrent.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Trend Micro\HiJackThis\HiJackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBRR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBRR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.localR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dllO2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dllO4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Shaw Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSWO4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquietO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKCU\..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [FFTI] C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\kx9prwmn.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [FFTI] C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\kx9prwmn.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Download with Download Accelerator! - C:\Program Files\Download Accelerator\DownloadAccelerator.htmO8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htmO8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htmO9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dllO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dllO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169263600093O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by112fd.bay112.hotmail.msn.com/activex/HMAtchmt.ocxO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cabO18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)O18 - Protocol: intu-qt2008 - {05E53CE9-66C8-4A9E-A99F-FDB7A8E7B596} - (no file)O18 - Protocol: intu-qt2009 - {03947252-2355-4E9B-B446-8CCC75C43370} - (no file)O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dllO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exeO23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exeO23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Shaw Secure\Common\FSMA32.EXEO23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exeO23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exeO23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exeO23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe--End of file - 10435 bytes....where is the uTorrent dll list ?? I hope You and your team can fix this for everyone very soon, I read other peoplewith Win7/64 having same problem.I am very happy with uTorrent a great little program which allowed me to access media whichis discontinued or otherwise out of budget well at least for me. I will hate to lose it if there is no solution.Cheers and Good Luck finding a solution for folks.Thanks AgainEdo1952 Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 30, 2010 Report Share Posted August 30, 2010 So you either have f-secure (shaw internet security) interfering or you have the IPv6 issue (microsoft bug) coming up Link to comment Share on other sites More sharing options...
Edo1952 Posted August 31, 2010 Author Report Share Posted August 31, 2010 So you either have f-secure (shaw internet security) interfering or you have the IPv6 issue (microsoft bug) coming upThanks for reply...I will look into it some more. Cheers Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.