F u r u y á Posted April 26, 2008 Report Share Posted April 26, 2008 Happend two or three times here... the program never crashes except for this. When I have just clicked Open Containing Folder (in context menu) uTorrent crashes and the destination folder remais unopened. CPU Usage stays at normal level and nothing else is crashed, really nothing happens except that uTorrent need to be manually shutdown'ed and reopened. My computer is free os virus os spy/malwares.Just to reiterate: this is the only crash in uTorrent, and ONLY happens when I click Open Containing Folder... (but isn't always that that happens. As I said, it happend two or three times.) Link to comment Share on other sites More sharing options...
Firon Posted April 26, 2008 Report Share Posted April 26, 2008 Post a HijackThis log. Link to comment Share on other sites More sharing options...
F u r u y á Posted May 10, 2008 Author Report Share Posted May 10, 2008 There it is:Logfile of HijackThis v1.99.1Scan saved at 20:12:23, on 10/05/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16640)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Arquivos de programas\Sygate\SPF\smc.exeC:\WINDOWS\Explorer.EXEC:\ARQUIV~1\GbPlugin\GbpSv.exeC:\WINDOWS\system32\spoolsv.exeC:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exeC:\Arquivos de programas\DU Meter\DUMeter.exeC:\Arquivos de programas\CpuIdle\cpuidle.exeC:\Arquivos de programas\NVIDIA Corporation\NvMixer\NVMixerTray.exeC:\Arquivos de programas\Java\jre1.6.0_05\bin\jusched.exeC:\Arquivos de programas\uTorrent\uTorrent.exeC:\WINDOWS\system32\ctfmon.exeC:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exeC:\Arquivos de programas\Executive Software\Diskeeper\DkService.exed:\altera\72sp2\quartus\bin\jtagserver.exeC:\WINDOWS\system32\nvsvc32.exeD:\Arquivos de programas\Sandboxie\SbieSvc.exeC:\WINDOWS\System32\svchost.exeC:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\Arquivos de programas\MSN Messenger\usnsvc.exeC:\Arquivos de programas\Microsoft IntelliPoint\Point32.exeC:\Arquivos de programas\MSN Messenger\msnmsgr.exeC:\Arquivos de programas\IGZones\IGZones.exeC:\Arquivos de programas\Mozilla Firefox\firefox.exeC:\Arquivos de programas\Babylon\Babylon-Pro\Babylon.exeC:\Documents and Settings\Administrador\Desktop\hijackthis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.aspR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dllO3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\fgiebar.dllO4 - HKLM\..\Run: [smcService] C:\ARQUIV~1\Sygate\SPF\smc.exe -startguiO4 - HKLM\..\Run: [DU Meter] C:\Arquivos de programas\DU Meter\DUMeter.exeO4 - HKLM\..\Run: [CpuIdle] C:\Arquivos de programas\CpuIdle\cpuidle.exeO4 - HKLM\..\Run: [NVMixerTray] "C:\Arquivos de programas\NVIDIA Corporation\NvMixer\NVMixerTray.exe"O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKCU\..\Run: [uTorrent] "C:\Arquivos de programas\uTorrent\uTorrent.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO8 - Extra context menu item: Abrir destino no Firefox - file://D:\Firefox Profile\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.htmlO8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htmO8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htmO8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Exibir essa página no Firefox - file://D:\Firefox Profile\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Arquivos de programas\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exeO9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exeO11 - Options group: [iNTERNATIONAL] International*O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.aspO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188843034015O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{6126AA83-D3BE-43BB-B72E-FA24109CE6E8}: NameServer = 200.204.0.10 200.204.0.10O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLLO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLLO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLLO20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehcef.dllO20 - Winlogon Notify: atkctrs32 - atkctrs32.dll (file missing)O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dllO23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exeO23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exeO23 - Service: Diskeeper - Executive Software International, Inc. - C:\Arquivos de programas\Executive Software\Diskeeper\DkService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exeO23 - Service: Altera JTAG Server (JTAGServer) - Unknown owner - d:\altera\72sp2\quartus\bin\jtagserver.exeO23 - Service: MSCSPTISRV - Sony Corporation - C:\Arquivos de programas\Arquivos comuns\Sony Shared\AVLib\MSCSPTISRV.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: PACSPTISVR - Sony Corporation - C:\Arquivos de programas\Arquivos comuns\Sony Shared\AVLib\PACSPTISVR.exeO23 - Service: Sandboxie Service (SbieSvc) - tzuk - D:\Arquivos de programas\Sandboxie\SbieSvc.exeO23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Arquivos de programas\Sygate\SPF\smc.exeO23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Arquivos de programas\Arquivos comuns\SolidWorks Shared\Service\SolidWorksLicensing.exeO23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Arquivos de programas\Arquivos comuns\Sony Shared\AVLib\SPTISRV.exeO23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Arquivos de programas\Arquivos comuns\Sony Shared\AVLib\SSScsiSV.exe Link to comment Share on other sites More sharing options...
Ultima Posted May 11, 2008 Report Share Posted May 11, 2008 I don't see anything obvious, but I've this nagging feeling that this BHO might be problematic:O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dllTry removing it and its associated application to see if the problem persists? Link to comment Share on other sites More sharing options...
F u r u y á Posted May 11, 2008 Author Report Share Posted May 11, 2008 This BHO is used by some internet banking here, already searched about it (first time I saw it I got the same nagging feeling), so it isn't a malware or spyware. Link to comment Share on other sites More sharing options...
Firon Posted May 11, 2008 Report Share Posted May 11, 2008 Could be AntiVir... Kind of a weird issue. Link to comment Share on other sites More sharing options...
Switeck Posted May 11, 2008 Report Share Posted May 11, 2008 F u r u y á said: "This BHO is used by some internet banking here, already searched about it (first time I saw it I got the same nagging feeling), so it isn't a malware or spyware."Commercial software, even for something meant to be as secure as internet banking, cannot be automatically ruled out as non-spyware anymore. Is it possible to reinstall that if removed for testing purposes? Link to comment Share on other sites More sharing options...
hermanm Posted May 11, 2008 Report Share Posted May 11, 2008 Can you copy & paste the name of folder µTorrent is trying to open?You can open Explorer.exe from Windows, no problem? Link to comment Share on other sites More sharing options...
Ultima Posted May 11, 2008 Report Share Posted May 11, 2008 @F u r u y á: I didn't suspect it of being malware. I suspected it of behaving stupidly. As Switeck said, try removing it simply for testing purposes. We're trying to narrow down the possible problems here. Link to comment Share on other sites More sharing options...
jewelisheaven Posted May 11, 2008 Report Share Posted May 11, 2008 Irregardless of whether you expect it to be there or not... VERY few things belong O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehcef.dllO20 - Winlogon Notify: atkctrs32 - atkctrs32.dll (file missing)there. Winlogon hooks into ALL processes. WGA is expected and even some firewalls, but removing that GB is a test, and finding out what that atkctrs goes to... would be high on my list of things to troubleshoot. Link to comment Share on other sites More sharing options...
F u r u y á Posted May 12, 2008 Author Report Share Posted May 12, 2008 Well, the problem haven't happening for some time now, so maybe the problem is with my system, not with uTorrent. There should be more occurences like that from others users but as I see that it's only happening to me, so uT prolly isn't the problem.In a few days (or month!) I will reinstall the whole system (I will make an image of a WinXP+SP3 fresh installation), and let's see if the problem persists.Answering to the questions:- Sorry, at this time I won't remove the plugin until the next windows reinstallation.- No, from windows explorer that kind of problem have never happened (I don't remember to which torrents the problem occured, so I can't tell you the folder's name). Link to comment Share on other sites More sharing options...
chuim Posted October 7, 2008 Report Share Posted October 7, 2008 I'm having the exact same problem for a long time; at least since version 1.7 (but I think it began even before that). For me it happens every time uTorrent tries to open a directory or a file. And, I discovered today, even when I try go to "Help | uTorrent Help", when it should launch a browser to show that web page.Any new ideas about how to solve that problem? Link to comment Share on other sites More sharing options...
thelittlefire Posted October 7, 2008 Report Share Posted October 7, 2008 F1 doesn't go to the web anymore. It loads (or downloads) the uTorrent Manual.So why didn't you follow the steps the others were asked in this situation?By the way, are you aware uTorrent 1.8 was released almost 2 months ago? You can auto-update or download it manually from http://utorrent.com/download.php Link to comment Share on other sites More sharing options...
chuim Posted October 7, 2008 Report Share Posted October 7, 2008 The steps, you mean, by posting a HijackThis log? Ok, I'll post it at the end of this message.I use the auto-update feature and I'm still having the same problems with version 1.8.And thanks for helping me out... Logfile of Trend Micro HijackThis v2.0.2Scan saved at 23:50:01, on 6/10/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\GbPlugin\GbpSv.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Creative\Shared Files\CTAudSvc.exeC:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exeC:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\Program Files\Raxco\PerfectDisk\PDAgent.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\UPHClean\uphclean.exeC:\WINDOWS\Explorer.EXEC:\Program Files\TortoiseSVN\bin\TSVNCache.exeC:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exeC:\Program Files\Microsoft IntelliType Pro\itype.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\Documents and Settings\carlos\Local Settings\Application Data\Google\Update\GoogleUpdate.exeC:\utils\Launchy\Launchy.exeC:\Program Files\Logitech\SetPoint\SetPoint.exeC:\Program Files\Microsoft IntelliType Pro\dpupdchk.exeC:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXEC:\utils\Mozilla Firefox\firefox.exeC:\UTILS\PROCESS EXPLORER\PROCEXP.EXEC:\WINDOWS\system32\rundll32.exeC:\Program Files\uTorrent\uTorrent.exeC:\WINDOWS\Explorer.EXEC:\utils\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dllO2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbit Downloader\orbitcth.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\utils\SPYBOT~1\SDHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dllO2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dllO2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dllO2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.20.0\gears.dllO4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXEO4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXEO4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /minO4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\carlos\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exeO4 - Global Startup: Google Updater.lnk.disabledO4 - Global Startup: Launchy.lnk = C:\utils\Launchy\Launchy.exeO4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exeO4 - Global Startup: PowerMenu.lnk.disabledO8 - Extra context menu item: &Download All by Gigaget - C:\utils\Gigaget\getallurl.htmO8 - Extra context menu item: &Download by Gigaget - C:\utils\Gigaget\geturl.htmO8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbit Downloader\orbitmxt.dll/201O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbit Downloader\orbitmxt.dll/204O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\utils\Offline Explorer Pro\Add_UrlO.htmO8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\utils\Offline Explorer Pro\Add_AllO.htmO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbit Downloader\orbitmxt.dll/203O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbit Downloader\orbitmxt.dll/202O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htmO9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dllO9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dllO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.20.0\gears.dllO9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.20.0\gears.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\utils\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\utils\SPYBOT~1\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cabO16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cabO16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cabO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - Winlogon Notify: GbPluginAbn - C:\Program Files\GbPlugin\gbiehabn.dllO20 - Winlogon Notify: GbPluginBb - C:\PROGRAM FILES\GBPLUGIN\gbieh.dllO20 - Winlogon Notify: __GbPluginAbn - C:\Program Files\GbPlugin\gbiehabn.dllO20 - Winlogon Notify: __GbPluginBb - C:\Program Files\GbPlugin\gbieh.dllO23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exeO23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exeO23 - Service: AST Service (astcc) - Unknown owner - C:\WINDOWS\SYSTEM32\astsrv.exe (file missing)O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exeO23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exeO23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\utils\FileZilla Server\FileZilla Server.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: Google Update Service (gupdate1c8ed35c616ed20) (gupdate1c8ed35c616ed20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exeO23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe--End of file - 10795 bytes Link to comment Share on other sites More sharing options...
GTHK Posted October 7, 2008 Report Share Posted October 7, 2008 1.8.1 is out now. Link to comment Share on other sites More sharing options...
Firon Posted October 7, 2008 Report Share Posted October 7, 2008 Try removing GbPlugin. Link to comment Share on other sites More sharing options...
thelittlefire Posted October 7, 2008 Report Share Posted October 7, 2008 What is this GBPlugin... you both have it, the OP did not want to remove it, would you be more willing to help fix the problem? Link to comment Share on other sites More sharing options...
chuim Posted October 7, 2008 Report Share Posted October 7, 2008 The first time I saw this GBPlugin running, more then one year ago, I was worried too. But I did some research and found out it was installed my bank for on line security purposes (a Brazilian bank named Real).Anyway, tonight, I'll update my uTorrent to version 1.8.1 and try disabling GBPlugin to check if this solves anything. And I'll post the results here. Link to comment Share on other sites More sharing options...
thelittlefire Posted October 7, 2008 Report Share Posted October 7, 2008 Bank plugins? Amazing indeed. Well if you can do that it would certainly help remove extraneous variables. All the sites for banks I've seen in the US just use SSL in their webpages. Link to comment Share on other sites More sharing options...
chuim Posted October 8, 2008 Report Share Posted October 8, 2008 Sorry but I didn't have the time to do those steps yesterday night. Hope to do it tonight.About the bank plugins: banks here are a much scared about key logging trojans and the like, which could compromise the login process of their home banking site. That's why they're installing this kind of "semi-spy-ware" softwares in their clients machines. Sad but true... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.