flounder_al Posted December 6, 2007 Report Share Posted December 6, 2007 I have been using utorrent for months now and it has been running fine. But last night it has started crashing when i try to add a new torrent to download. It keeps saying "Utorrent has crashed. Unable to generate crash dump".I haven't downloaded anything (updates) recently and also i tried uninstalling it and reinstalling after. Nothing worked.I am running Avast Anti-virus and it appears not to be blocking anything to do with Utorrent. Any ideas please?P.S. Please reply in noob style text as i am major crappo at comuters Link to comment Share on other sites More sharing options...
ajones81 Posted December 6, 2007 Report Share Posted December 6, 2007 Google HijackThis, download, run, generate a report, copy-paste here. Link to comment Share on other sites More sharing options...
flounder_al Posted December 6, 2007 Author Report Share Posted December 6, 2007 Is this what you are after?Logfile of Trend Micro HijackThis v2.0.2Scan saved at 17:01:41, on 06/12/2007Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16546)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Alwil Software\Avast4\ashDisp.exeC:\Windows\System32\rundll32.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\System32\rundll32.exeC:\Program Files\Internet Explorer\ieuser.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Windows\system32\Macromed\Flash\FlashUtil9d.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.worldseafishing.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXEO4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStartO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenterO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silentO13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe--End of file - 3640 bytes Link to comment Share on other sites More sharing options...
jewelisheaven Posted December 6, 2007 Report Share Posted December 6, 2007 Is it possible the torrent is bad? Are you using Windows Vista x64?Also does this happen on all torrents or only a specific one. Link to comment Share on other sites More sharing options...
flounder_al Posted December 6, 2007 Author Report Share Posted December 6, 2007 i have deleted all torrents and files out of the folders... still doing the same thing Link to comment Share on other sites More sharing options...
ajones81 Posted December 8, 2007 Report Share Posted December 8, 2007 Can you try backing up your settings, uninstalling and then reinstalling uTorrent? Recreate your firewall rules and make sure the port is forwarded properly. Then try the OpenOffice torrents once you've reinstalled. If the problem still persists, then it's probably conflicting with something and we need to figure out what. Link to comment Share on other sites More sharing options...
flounder_al Posted December 8, 2007 Author Report Share Posted December 8, 2007 Tried uninstalling and reinstalling utorrent from two different websites. Still does the same thing.Looked at my firewall settings and utorrent is enabled to access.Anymore thoughts? It's really doing my head in now. Link to comment Share on other sites More sharing options...
ovidiu44 Posted December 8, 2007 Report Share Posted December 8, 2007 am si eu o problema cu torrentul Link to comment Share on other sites More sharing options...
flounder_al Posted December 8, 2007 Author Report Share Posted December 8, 2007 ovidiu44...sorry i only speak English...didn't understand what you wrote Link to comment Share on other sites More sharing options...
jewelisheaven Posted December 8, 2007 Report Share Posted December 8, 2007 ovidiu44, can you describe your problem in english? or ask in Non-English Chat Link to comment Share on other sites More sharing options...
lucis29 Posted December 9, 2007 Report Share Posted December 9, 2007 I really need ypur help.I have tried 5 versions of utorrent, and all are crashing with the error: "utorrent has crashed. Unable to generate crash dump". This happens usually whe i make upload over 4 MB/s. The download works at 10MB/s withoout any problems.I have a Linksys WRT300N, and port forwarding. My files are saved on an external drive (linked through FireWire). I have uninstalled nvidia firewall, added the utorrent as an exception to the IMON, set afinity to 1 core, downloaded the new beta. I usually use utorrent for a private tracker so DHT network is disabled.For connection setings ai have:Global maximum:1000Max no of connect/peer:100No of upload slots:50I used the patch to change the number of max half open ports in windows, and i changed it to 75, but in utorrent, i have 30.The cache is set to 2 GB (i have 4 GB of RAM).I ran the HIjackThis Program, and i get the following report. Do i have to run it when the utorrent gave me the error or any time should be fine?Here is the repport from HijackThis:Logfile of HijackThis v1.99.1Scan saved at 3:45:10 AM, on 12/9/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft SQL Server\MSSQL$MSDE_VC\Binn\sqlservr.exeC:\Program Files\Internet Explorer\svchost.exeC:\Program Files\Eset\nod32krn.exeC:\WINDOWS\system32\PnkBstrA.exeC:\WINDOWS\system32\PnkBstrB.exeC:\WINDOWS\system32\CNAB4RPK.EXEC:\WINDOWS\system32\svchost.exeC:\Program Files\RealVNC\VNC4\WinVNC4.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Analog Devices\SoundMAX\Smax4.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Logitech\G-series Software\LGDCore.exeC:\Program Files\Logitech\G-series Software\LCDMon.exeC:\WINDOWS\system32\RunDll32.exeC:\Program Files\Eset\nod32kui.exeC:\Program Files\VMware\VMware Workstation\vmware-tray.exeC:\Program Files\Logitech\G-series Software\Applets\LCDClock.exeC:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exeC:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeC:\Program Files\DAEMON Tools Pro\DTProAgent.exeC:\FRAPS\FRAPS.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Logitech\SetPoint\SetPoint.exeC:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXEC:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Opera\Opera.exeC:\WINDOWS\system32\taskmgr.exeC:\Program Files\uTorrent\uTorrent.exeD:\Utilitare\Archiver\WinRar\WinRAR.exeC:\DOCUME~1\Lucian\LOCALS~1\Temp\Rar$EX03.547\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.utcb.ro:8080O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllO4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /trayO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDEO4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWndO4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXEO4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICEO4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeO4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXEO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeO4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exeO8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO11 - Options group: [iNTERNATIONAL] International*O11 - Options group: [TABS] Tabbed BrowsingO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dllO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exeO23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: netpker - Unknown owner - C:\Program Files\Internet Explorer\svchost.exeO23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exeO23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exeO23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exeO23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files\VMware\VMware Workstation\\" -s ufad-p2v.xml (file missing)O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exeO23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exeO23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exeO23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exeO23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing) Link to comment Share on other sites More sharing options...
DreadWingKnight Posted December 9, 2007 Report Share Posted December 9, 2007 O23 - Service: netpker - Unknown owner - C:\Program Files\Internet Explorer\svchost.exeTrojan. Link to comment Share on other sites More sharing options...
lucis29 Posted December 9, 2007 Report Share Posted December 9, 2007 Ohh damn.Can someone tell me a good trojan remover (free if possible)? Link to comment Share on other sites More sharing options...
jewelisheaven Posted December 9, 2007 Report Share Posted December 9, 2007 Spyboy S&D? Rootkit Revealer? Honestly if the one you're currently using doesn't red-flag a system process in the IE folder... Then again maybe you have the setup to ignore \Program Files\*. I don't know, all I know is that S&D decided that when I had left certain files able to be natively read by XP (.zip) S&D was able to read-into them and determine "unsafe file, remote access..." something or other. Then again i'm only one person giving advice based upon personal experience.Please note for removal, it may be necessary to run and re-run the process several times before and after a reboot, and in safe-mode. (usual process is before, reboot into safe mode, run again, reboot into normal mode, run again)OH, you want to disable system restore temporarily... but what you really should do is run the tool as-is right now... see what it picks up. If it doesn't tell you something is wrong, try another scanner. I'm not sure if HiJack This has any sort of trojan detector in its database, but a search after you know what it's called will definitely help in the suggested course of action necessary for a successful removal.To your clean and functional PC :cheer: Link to comment Share on other sites More sharing options...
lucis29 Posted December 9, 2007 Report Share Posted December 9, 2007 Well, i ran "stinger" in Safe Mode but didn't find anything. I than ran HijackThis in normal mode and "fixed" the Svchost process.Now when i scan with Hijack This, it doesn't show anything (i mean the svchost.exe), so i may have fixed it.I will scan with Ad-Aware SE, too, and see what will happen.Thank you for your advices. Link to comment Share on other sites More sharing options...
jewelisheaven Posted December 9, 2007 Report Share Posted December 9, 2007 Ad Aware doesn't scan for trojans afaik. it's an anti-malware / ad-ware application.You need to use a program with heuristics for trojans, unwanted services / processes. Doesn't microsoft have one.. bitdefender or something? Link to comment Share on other sites More sharing options...
flounder_al Posted December 9, 2007 Author Report Share Posted December 9, 2007 So anymore advice on how to deal with my problem? Link to comment Share on other sites More sharing options...
mmartym Posted December 9, 2007 Report Share Posted December 9, 2007 when i click the torrent i require to start downloading a pop up box pops up in which i click ok to start the download in utorrent but nothing happens at all, dosent even show in utorrent.. what am i doin wrong... thanx for any help received Link to comment Share on other sites More sharing options...
jewelisheaven Posted December 9, 2007 Report Share Posted December 9, 2007 Did you try the programs I suggested? Also I was wrong before it is Windows Defender. Link to comment Share on other sites More sharing options...
lucis29 Posted December 9, 2007 Report Share Posted December 9, 2007 mmartym, that happened to me too. See if your utorrent isn't set to show you only "completed" ones.I just had to click on All ( on the wright side of your utorrent window)Fo the others....i think my problem was that Trojan, because until now it didn't crash. Link to comment Share on other sites More sharing options...
ajones81 Posted December 9, 2007 Report Share Posted December 9, 2007 @flounder_al: Are you using Vista 64-bit? Link to comment Share on other sites More sharing options...
lucis29 Posted December 9, 2007 Report Share Posted December 9, 2007 nope. Still crashing.Anybody having another ideea?One more thing. The utorrent give me the error, and then the windows report error, but i still can control the utorrent (i mean click on the torrents, select them but no right click)This is from windows report log:AppName: utorrent-1.8-alpha-6838.upx.exe AppVer: 1.8.0.6838 ModName: utorrent-1.8-alpha-6838.upx.exeModVer: 1.8.0.6838 Offset: 00011dacLogfile of HijackThis v1.99.1Scan saved at 10:17:53 PM, on 12/9/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft SQL Server\MSSQL$MSDE_VC\Binn\sqlservr.exeC:\Program Files\Eset\nod32krn.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\RealVNC\VNC4\WinVNC4.exeC:\WINDOWS\system32\CNAB4RPK.EXEC:\WINDOWS\Explorer.EXEC:\Program Files\Analog Devices\SoundMAX\Smax4.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Logitech\G-series Software\LGDCore.exeC:\Program Files\Logitech\G-series Software\LCDMon.exeC:\WINDOWS\system32\RunDll32.exeC:\Program Files\Eset\nod32kui.exeC:\Program Files\VMware\VMware Workstation\vmware-tray.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\Program Files\Logitech\G-series Software\Applets\LCDClock.exeC:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exeC:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exeC:\Program Files\DAEMON Tools Pro\DTProAgent.exeC:\FRAPS\FRAPS.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeC:\Program Files\Logitech\SetPoint\SetPoint.exeC:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXEC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Opera\Opera.exeC:\Program Files\uTorrent\uTorrent.exeC:\Documents and Settings\Lucian\Desktop\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.utcb.ro:8080O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllO4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /trayO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDEO4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWndO4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXEO4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICEO4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeO4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXEO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeO4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exeO8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO11 - Options group: [iNTERNATIONAL] International*O11 - Options group: [TABS] Tabbed BrowsingO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dllO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exeO23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exeO23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files\VMware\VMware Workstation\\" -s ufad-p2v.xml (file missing)O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exeO23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exeO23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exeO23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exeO23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing) Link to comment Share on other sites More sharing options...
mmartym Posted December 9, 2007 Report Share Posted December 9, 2007 when i browse utorrent site for downloads then choose the 1 i want i click start download then a box pops up in which i click ok an thats all that happens i dont know if its a pop up blocker problem because before todayutorrent always showed up in utorrent window then it starts automatically ... now it doesn't even get off the utorrent site start download option help!! Link to comment Share on other sites More sharing options...
jewelisheaven Posted December 9, 2007 Report Share Posted December 9, 2007 It is possible something changed the associations for .torrent files.You should re-set the Ctrl-P -> Assocate uT with .torrent files. And also be sure open with uTorrent is the default action in your browser. Link to comment Share on other sites More sharing options...
mmartym Posted December 9, 2007 Report Share Posted December 9, 2007 how do i check uTorrent is the default action in browser im a newbie Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.