khaos4ng31 Posted April 18, 2011 Report Share Posted April 18, 2011 Problem:uTorrent seems to be the cause of my laptop freezing completely, which makes me have to reboot it by means of the power button/battery. Also, when my laptop does its automatic chkdsk, it deletes then reindexes files named resume.dat (i think) and resume.dat.old. Those are utorrent files I presume. (It happens only when I have two or more torrents and when I have to check the files to see how much of it has been completed. It almost always happened. I've disabled p2p shield from Avast, doesn't work. Maybe I have to uninstall it? Oh well...HiJackThis:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 9:36:23 PM, on 4/17/2011Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v7.00 (7.00.6002.18005)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\DellTPad\Apoint.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Windows\System32\WLTRAY.EXEC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\IDT\WDM\sttray.exeC:\Program Files\Alwil Software\Avast5\AvastUI.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\DellTPad\Apntex.exeC:\Program Files\DellTPad\HidFind.exeC:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\wuauclt.exeC:\Program Files\Trend Micro\HiJackThis\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405280R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by DellR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exeO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dllO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exeO4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeO4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exeO4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exeO4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exeO4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeO4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenterO4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exeO4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /noguiO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exeO4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbyloginO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttrayO4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"O4 - HKCU\..\Run: [Google Update] "C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLLO17 - HKLM\System\CCS\Services\Tcpip\..\{CD45171D-7FFF-422B-893E-D0BB3B96D1B7}: NameServer = 8.8.8.8,4.2.2.4O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files\Cozi Express\CoziProtocolHandler.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dllO22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dllO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exeO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exeO23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exeO23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exeO23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exeO23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exeO23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exeO23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exeO23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXEO23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)--End of file - 9290 bytesProcessExlporer:See below.Thank you in advance. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted April 18, 2011 Report Share Posted April 18, 2011 missing dll list for the utorrent.exe process. Link to comment Share on other sites More sharing options...
khaos4ng31 Posted April 18, 2011 Author Report Share Posted April 18, 2011 missing dll list for the utorrent.exe process.And how do I do that? Link to comment Share on other sites More sharing options...
moogly Posted April 18, 2011 Report Share Posted April 18, 2011 missing dll list for the utorrent.exe process.And how do I do that?Select utorrent.exe and enable DLL mode (ctrl+D). Edit your Process Explorer log. Link to comment Share on other sites More sharing options...
khaos4ng31 Posted April 18, 2011 Author Report Share Posted April 18, 2011 Process PID CPU Private Bytes Working Set Description Company Name uTorrent.exe 3556 1.51 16,504 K 20,788 K µTorrent BitTorrent, Inc.Driver for Windows NT/2000/XP/Vista Alps Electric Co., Ltd.Process: uTorrent.exe Pid: 3556Name Description Company Name Versionadvapi32.dll Advanced Windows 32 Base API Microsoft Corporation 6.0.6002.18005clbcatq.dll COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000comctl32.dll User Experience Controls Library Microsoft Corporation 6.10.6002.18305comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.6002.18005dadkeyb.dll dadkeyb Dynamic Link Library Dell Inc. 9.2.11.0dhcpcsvc.dll DHCP Client Service Microsoft Corporation 6.0.6002.18005dhcpcsvc6.dll DHCPv6 Client Microsoft Corporation 6.0.6002.18005dnsapi.dll DNS Client API DLL Microsoft Corporation 6.0.6002.18416FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.0.6001.18000gdi32.dll GDI Client DLL Microsoft Corporation 6.0.6002.18005iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.0.6002.18005imm32.dll Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.0.6002.18005IPHLPAPI.DLL IP Helper API Microsoft Corporation 6.0.6002.18005kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.0.6002.18005locale.nls locale.nls lpk.dll Language Pack Microsoft Corporation 6.0.6002.18051mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 2.0.3.0msctf.dll MSCTF Server DLL Microsoft Corporation 6.0.6002.18005msi.dll Windows Installer Microsoft Corporation 4.5.6002.18005msimg32.dll GDIEXT Client DLL Microsoft Corporation 6.0.6000.16386msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.6002.18005mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.0.6002.18005NapiNSP.dll E-mail Naming Shim Provider Microsoft Corporation 6.0.6001.18000nlaapi.dll Network Location Awareness 2 Microsoft Corporation 6.0.6001.18000nsi.dll NSI User-mode interface DLL Microsoft Corporation 6.0.6001.18000ntdll.dll NT Layer DLL Microsoft Corporation 6.0.6002.18327ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.0.6002.18277oleaut32.dll Microsoft Corporation 6.0.6002.18005pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.0.6001.18000psapi.dll Process Status Helper Microsoft Corporation 6.0.6000.16386rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.0.6000.16386rpcrt4.dll Remote Procedure Call Runtime Microsoft Corporation 6.0.6002.18024rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.0.6002.18005secur32.dll Security Support Provider Interface Microsoft Corporation 6.0.6002.18051shell32.dll Windows Shell Common Dll Microsoft Corporation 6.0.6002.18393shfolder.dll Shell Folder Service Microsoft Corporation 6.0.6000.16386shlwapi.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.6002.18393urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.0.6002.18407user32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.0.6002.18005userenv.dll Userenv Microsoft Corporation 6.0.6002.18005usp10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6002.18244uTorrent.exe µTorrent BitTorrent, Inc. 2.2.0.23703uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.6001.18000version.dll Version Checking and File Installation Libraries Microsoft Corporation 6.0.6002.18005winnsi.dll Network Store Information RPC interface Microsoft Corporation 6.0.6001.18000winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.0.6002.18005Wldap32.dll Win32 LDAP API DLL Microsoft Corporation 6.0.6002.18005ws2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.0.6001.18000wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.0.6001.18000WSHTCPIP.DLL Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.0.6001.18000 Link to comment Share on other sites More sharing options...
DreadWingKnight Posted April 18, 2011 Report Share Posted April 18, 2011 dadkeyb.dll dadkeyb Dynamic Link Library Dell Inc. 9.2.11.0What portion of the dell software is this from? It may be causing the problem.Also, 2.2.1 is out. Link to comment Share on other sites More sharing options...
khaos4ng31 Posted April 19, 2011 Author Report Share Posted April 19, 2011 dadkeyb.dll dadkeyb Dynamic Link Library Dell Inc. 9.2.11.0What portion of the dell software is this from? It may be causing the problem.Also, 2.2.1 is out.maybe i should update...And dadkeyb is from the Dell Quickset and keyboard shortcuts. Link to comment Share on other sites More sharing options...
moogly Posted April 19, 2011 Report Share Posted April 19, 2011 And try without your security programs, uninstall them one by one. I see Malwarebytes and nProtect GameGuard. These programs can think p2p traffic is malicious and imply some freezes. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.