Skaircrow Posted May 22, 2011
Ok here goes. I have been using the 2.2 on 2 Win 7 Ultimate PCs for about a year now. I have tried to update to Alpha multiple times on both PCs (Uninstall 2.2, Load Alpha, restart) over the last couple of months and as soon as it opens, I get this message: Utorrent has crashed. A crash dump has been saved as...(file location). It goes NO FURTHER than this message. I have not changed ANY settings on the PCs, I am running Kaspersky, and if I go back to 2.2 all is fine. The only reason I want to update is so I can control with the mobile app. I don't know if this is a common problem but if I was a dumbass and messed something up, PLEASE let me know, I would rather get it to work and not make the error again than worry about my pride. Your time is GREATLY appreciated and I hope the issue is resolvable, if not please advise me what to pick up to have mobile control. Thank You Sir\Ma'am. Ben S / Skaircrow.
moogly Posted May 22, 2011
Open the folder %appdata%\utorrent and upload the crashdumps (.dmp) to http://www.mediafire.com/ then post the link.
Skaircrow Posted May 23, 2011
They are U\Ling now. There are about 30 of them and will post link when done. For whatever reason ONE of the PCs started working with Alpha! I didn't change ANYTHING on it since I posted this last night and I was trying to find dmp address. I pulled it up expecting it to crash so I could get info needed and IT WORKS! All dumps uploaded are for the other PC, which is still acting up. Again THANK YOU for your time. Here is the link: http://www.mediafire.com/?g8p86cjb4i76g thanks again.
moogly Posted May 23, 2011
And can you post Hijackthis and Process Explorer logs too when uT is running. Guide: http://forum.utorrent.com/viewtopic.php?id=29748
Skaircrow Posted May 24, 2011
Ok I ran both before and saved, during and saved as "2", and after as "3", here is the link: http://www.mediafire.com/?9a2jxbowz9ixz . One thing I didn't think of before is the PC that IS working is not a "Genuine" copy of Win7 Ultimate, the one that all of these reports are coming from IS a certified copy. I don't know if it matters or makes a diff but I am trying to give any info that I can think of to resolve the issue. Again, thank you for your time. BS\ Skaircrow
moogly Posted May 24, 2011
Copy/paste the logs in your post, please.
Skaircrow Posted May 24, 2011
Here is the BEFORE for both:
Skaircrow Posted May 24, 2011
Here is DURING:
- C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exeO23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Updater Service - Acer Group - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - 
C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 14679 bytesAND Process PID CPU Private Bytes Working Set Description Company NameSystem Idle Process 0 73.06 0 K 24 K System 4 0.46 120 K 464 K Interrupts n/a 2.35 0 K 0 K Hardware Interrupts and DPCs smss.exe 332 448 K 220 K csrss.exe 476 2,096 K 1,676 K conhost.exe 1408 896 K 440 K wininit.exe 548 1,624 K 440 K services.exe 612 < 0.01 5,720 K 5,756 K svchost.exe 808 7.40 4,300 K 4,020 K Host Process for Windows Services Microsoft Corporation WmiPrvSE.exe 2980 0.15 6,636 K 6,960 K unsecapp.exe 3280 2,060 K 2,164 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation WmiPrvSE.exe 3420 2,936 K 3,984 K svchost.exe 888 0.04 5,672 K 4,960 K Host Process for Windows Services Microsoft Corporation atiesrxx.exe 932 1,404 K 1,052 K AMD External Events Service Module AMD atieclxx.exe 1168 2,388 K 2,600 K svchost.exe 292 < 0.01 20,600 K 14,716 K Host Process for Windows Services Microsoft Corporation audiodg.exe 4584 17,204 K 17,504 K svchost.exe 368 < 0.01 147,676 K 140,488 K Host Process for Windows Services Microsoft Corporation wlanext.exe 1400 2,080 K 2,440 K dwm.exe 1156 0.51 40,508 K 31,124 K Desktop Window Manager Microsoft Corporation svchost.exe 696 0.37 32,024 K 28,460 K Host Process for Windows Services Microsoft Corporation svchost.exe 1084 0.01 11,916 K 14,060 K Host Process for Windows Services Microsoft Corporation svchost.exe 1316 < 0.01 16,032 K 10,820 K Host Process for Windows Services Microsoft Corporation spoolsv.exe 1592 6,564 K 4,032 K Spooler SubSystem App Microsoft Corporation svchost.exe 1624 16,504 K 12,900 K Host Process for Windows 
Services Microsoft Corporation btwdins.exe 1792 2,432 K 2,960 K Bluetooth Support Server Broadcom Corporation. taskhost.exe 1984 8,464 K 5,132 K Host Process for Windows Tasks Microsoft Corporation dsiwmis.exe 1688 < 0.01 2,564 K 2,480 K Dritek WMI Service Dritek System Inc. LMworker.exe 3156 1,208 K 1,012 K ePowerSvc.exe 844 2,492 K 1,496 K ePowerSvc Acer Incorporated ePowerEvent.exe 3660 0.86 1,668 K 692 K svchost.exe 824 8,824 K 10,012 K Host Process for Windows Services Microsoft Corporation GREGsvc.exe 1440 800 K 916 K Global Registration Service Acer Incorporated IScheduleSvc.exe 1304 < 0.01 5,204 K 6,236 K Backup Manager Module NewTech Infosystems, Inc. NWHelper_001.exe 1260 1,448 K 484 K NWHelper Module Novatel Wireless Inc. svchost.exe 2144 2,076 K 2,160 K Host Process for Windows Services Microsoft Corporation UpdaterService.exe 2176 1,260 K 1,904 K Updater Service Acer Group svchost.exe 2580 2,536 K 2,940 K Host Process for Windows Services Microsoft Corporation wmpnetwk.exe 3624 15,020 K 13,020 K Windows Media Player Network Sharing Service Microsoft Corporation avp.exe 3768 0.58 135,960 K 12,148 K Kaspersky Anti-Virus Kaspersky Lab ZAO svchost.exe 4624 < 0.01 70,968 K 27,848 K Host Process for Windows Services Microsoft Corporation msiexec.exe 6072 8,284 K 18,152 K Windows® installer Microsoft Corporation SearchIndexer.exe 1036 < 0.01 40,208 K 29,752 K Microsoft Windows Search Indexer Microsoft Corporation SearchProtocolHost.exe 2540 < 0.01 2,536 K 8,120 K SearchFilterHost.exe 2924 2,672 K 6,476 K svchost.exe 5836 1,144 K 3,240 K Host Process for Windows Services Microsoft Corporation lsass.exe 628 5.17 4,272 K 5,556 K Local Security Authority Process Microsoft Corporation lsm.exe 636 2,648 K 2,092 K csrss.exe 580 0.82 3,612 K 10,084 K winlogon.exe 728 2,892 K 2,388 K explorer.exe 1252 0.47 56,688 K 58,816 K Windows Explorer Microsoft Corporation RAVCpl64.exe 2304 9,308 K 2,280 K Realtek HD Audio Manager Realtek Semiconductor SynTPEnh.exe 3052 < 0.01 
8,476 K 4,412 K Synaptics TouchPad Enhancements Synaptics Incorporated SynTPHelper.exe 3168 1,532 K 736 K PLFSetI.exe 2192 2,392 K 3,248 K DefaultSettingEXE MFC Application ePowerTray.exe 2096 0.62 3,720 K 3,868 K ePowerTray Acer Incorporated SetPoint.exe 2856 16,892 K 8,164 K Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. KHALMNPR.exe 3968 0.02 5,364 K 4,920 K Logitech KHAL Main Process Logitech, Inc. XBoxStat.exe 2412 0.24 3,448 K 2,792 K XBoxStat.exe Microsoft Corporation GoogleToolbarNotifier.exe 2948 < 0.01 3,316 K 3,664 K GoogleToolbarNotifier Google Inc. sidebar.exe 3104 3.03 54,696 K 27,840 K Windows Desktop Gadgets Microsoft Corporation MSOSYNC.EXE 3316 6,312 K 7,620 K Microsoft Office Document Cache Microsoft Corporation RCHelper.exe 3336 < 0.01 6,956 K 1,752 K CleanMyPC Scheduler CleanMyPC Software BTTray.exe 3356 0.01 6,232 K 2,220 K Bluetooth Tray Application Broadcom Corporation. rundll32.exe 3992 1,352 K 824 K Windows host process (Rundll32) Microsoft CorporationBackupManagerTray.exe 3772 1,812 K 1,172 K Gateway MyBackup NewTech Infosystems, Inc.LManager.exe 3800 12,104 K 3,276 K Launch Manager Keyboard Application Dritek System Inc. MMDx64Fx.exe 3244 2,152 K 748 K MMDx64Fx Application Dritek System Inc.VideoWebCamera.exe 3812 0.04 3,204 K 5,972 K Video Web Camera Suyinavp.exe 3824 1.40 20,080 K 6,628 K Kaspersky Anti-Virus Kaspersky Lab ZAOjusched.exe 3984 1,204 K 1,456 K Java Update Scheduler Sun Microsystems, Inc.Reader Library Launcher.exe 4032 18,860 K 5,108 K Reader Library Launcher Sony CorporationDivXUpdate.exe 4080 0.03 7,044 K 6,300 K DivX Update MOM.exe 3764 0.03 40,476 K 5,760 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. 
CCC.exe 4832 0.01 54,324 K 6,348 K Catalyst Control Center: Host application ATI Technologies Inc.WinRAR.exe 3860 < 0.01 8,096 K 17,880 K WinRAR archiver Alexander Roshal procexp.exe 6128 1,824 K 5,504 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com procexp64.exe 4776 2.26 22,644 K 40,276 K Sysinternals Process Explorer Sysinternals - www.sysinternals.comHijackThis.exe 1768 17,108 K 32,016 K Link to comment Share on other sites More sharing options...
Skaircrow Posted May 24, 2011 Here is AFTER:
moogly Posted May 24, 2011 In PE, you need to select utorrent.exe and enable DLL mode (ctrl+D). Maybe Kaspersky is the culprit.
Firon Posted May 24, 2011 What build number of 3.0 are you running? The latest is 25317.
Skaircrow Posted May 25, 2011 That is the one I am running.