Neolitz Posted November 9, 2010 Report Posted November 9, 2010 i already installed any type of torrent downloadereven utorrent from old verion..still i always get crased. but it just happen not too long ago..b4 that i still can download.here the hijack filesLogfile of Trend Micro HijackThis v2.0.4Scan saved at 8:35:02 AM, on 11/9/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18828)Boot mode: NormalRunning processes:C:\Program Files (x86)\RocketDock\RocketDock.exeC:\Program Files (x86)\Internet Download Manager\IDMan.exeC:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exeC:\Program Files (x86)\Razer\Lycosa\razerhid.exeC:\Program Files (x86)\Razer\Mamba\RazerTray.exeC:\Program Files (x86)\Razer\Lycosa\razertra.exeC:\Program Files (x86)\Internet Download Manager\IEMonitor.exeC:\Program Files (x86)\Java\jre6\bin\javaw.exeC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeS:\foobar2000\foobar2000.exeC:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Neolitz\Desktop\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = PreserveR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)F2 - REG:system.ini: UserInit=userinit.exeO1 - Hosts: ::1 localhostO1 - Hosts: 85.17.162.237 l2authd.lineage2.comO1 - Hosts: 85.17.162.237 l2patcher.lineage2.comO2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dllO2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MI1933~1\Office14\GROOVEEX.DLLO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MI1933~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dllO3 - Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dllO4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /rO4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"O4 - HKLM\..\Run: [Lycosa] "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"O4 - HKLM\..\Run: [Razer Mamba Driver] C:\Program Files (x86)\Razer\Mamba\RazerTray.exeO4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"O4 - HKCU\..\Run: [EPSON Stylus T11 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEBI.EXE /FU "C:\Windows\TEMP\E_S3626.tmp" /EF "HKCU"O4 - HKCU\..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onbootO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htmO8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htmO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dllO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exeO23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exeO23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exeO23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exeO23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeO23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exeO23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 11834 bytesfrom the process that show many chrome. i always save usefull tab so. dont confuse.technicaly my spec areWindows Vista Ultimate 64bit Sp1 spec:intel core 2 quad Q6700 GeForce 8800 GT1.5 TB of hdd1 dvd RW comboCorsair PSU 550w4 gb of Patriot ram DDR 2with Sound blaster fx 5.1 [driver installed]razer mamba [driver installed]razer lycosa mirro [driver installed]additional software that insalledTuneUp Utilities 2010WinrarMicrosoft Office 2010Microsoft Visual Studio 2010 ExpressMicrosoft Visual Studio 2008 Expressfoobar chromemozilaoperaIErocket docksJDownloaderIDMKaspersky Anti VirusMsnYmaLsee K-lite mega codec packjavaand Nvidia Driver up to date
moogly Posted November 9, 2010 Report Posted November 9, 2010 Can you post Process Explorer log when µT is running if possible.Guide: http://forum.utorrent.com/viewtopic.php?id=29748
Neolitz Posted November 10, 2010 Author Report Posted November 10, 2010 my u torrent wont started. so how i can do it..
moogly Posted November 10, 2010 Report Posted November 10, 2010 Do you have crash dumps (.dmp) in %appdata%\utorrent?If yes, upload them to http://www.mediafire.com/
Neolitz Posted November 11, 2010 Author Report Posted November 11, 2010 ah. its ok..utorrent go well again after i fully update my windows vista 64 bit ultimate edition with important updates..thx for the help
Recommended Posts
Archived
This topic is now archived and is closed to further replies.