Jump to content

Double clicking on utorrent doesnt load the program.


pras0x84

Recommended Posts

lately my utorrent has been acting weird. I tried v1.7.7 and even v1.8 RC6. At the time of installation its working good. i can add downloads and start downloading stuff. After some time, say in hours, it refuses to start when double clicked. Besides, other softwares like Flash Movie player v1.4, v1.5 and Magic Iso v5.3 are failing to load. Failing in the sense, the mouse pointer turns busy for less than a sec and then nothing happens. I dont know why this is happening. I have done formatting and fresh loading of OS as a last resort but it couldnt help too. Iam not using any antivirus software and iam sure that its not cus of virus. I don know what further information could help you guys to help me. Please ask me if u would like to know anything.

I searched the forum and came up with this.

Backup settings.dat in Start > Run > %appdata%\uTorrent, then delete settings.dat and settings.dat.old and reconfigure µTorrent.

I had to test this yet. Maybe the next time my utorrent crashes. But can anyone explain why those 2 other software fail to load along with utorrent ?

----------------------------------------------------

Logfile of HijackThis v1.99.1

Scan saved at 5:43:20 PM, on 7/27/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ping.exe

C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm

O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{77AEA8D2-A98B-49F0-831B-F0AC34F622EB}: NameServer = 172.16.11.1,202.56.250.7,202.63.100.2,202.56.250.6

O17 - HKLM\System\CS1\Services\Tcpip\..\{77AEA8D2-A98B-49F0-831B-F0AC34F622EB}: NameServer = 172.16.11.1,202.56.250.7,202.63.100.2,202.56.250.6

O17 - HKLM\System\CS2\Services\Tcpip\..\{77AEA8D2-A98B-49F0-831B-F0AC34F622EB}: NameServer = 172.16.11.1,202.56.250.7,202.63.100.2,202.56.250.6

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)

-------------------------------------------------------------------------

Link to comment
Share on other sites

I had a problem similar to this. But it wasn't caused by hostile software. It was a usb flash drive that I had left connected to the computer when I rebooted. Removing the drive solved the problem instantly. The problem has not reappeared even when the drive has been reconnected, so it was probably the rebooting while connected.

Link to comment
Share on other sites

I think i have found the reason. The reason is latest version of Flashget. When ever i opened flashget, the installed utorrent wouldnt work. Don know what is the cause. I guess it has to do something with flashget now supporting bittorrent. Now i have uninstalled the Flashget, and have been using utorrent ever since. Its working awesome. Think i have to shift to someother flashget look alike software cus its killing utorrent.

Link to comment
Share on other sites

No if its just the association of Flashget to .torrent files i would have done it a long while ago. Even after resetting association for .torrent in Flashget, utorrent still continued to collapse or say not load at all for double click. Hope you guys understand what iam talkin bout. Thanx for all those who cared to help me. Its good to be here.

Link to comment
Share on other sites

Finally i had found out why utorrent fails. Its virus with name svchost.exe (created at C:\Windows). Its running itself as a service when entered into the system. As its common for windows to run many instances of svchost.exe (originally at C:\Windows\System32), it looks unsuspicious.

It took sometime to discover that the file contents of utorrent.exe are changing as the time passes. Thats why it works when installed for sometime. Later when the file is tampered, it stops working. I have also observed that this svchost.exe (virus) is overwriting the contents of the programs executed on windows at random tailoring it with its own code. The file size may seem same but the checksums before and after attack fails to match.

I have used ProcessMoniter from sysinternals to know which process is overwriting this utorrent. Took sometime to catch the svchost.exe (virus). The infected or overwritten utorrent now contains the virus within itself. The next time if somehow i managed to clean virus from memory, and if i start utorrent, utorrent reinfects my pc with a copy of svchost.exe present within itself and quit immediately. Interesting thing with this virus is that .. if i somehow clear the virus from memory again .. and reexecute the utorrent, utorrent which was modified earlier, that which isnt working, is not infecting this time. I personally think that the virus isolates itself from the program it resides in once it gets into memory. This still invalidates the host (infected) program.

I havent noticed all this because of the name and nature of svchost.exe. Many instances of it run under normal circumstances. I have used many executable files on my drive ever since it got infected. Each and everytime i run a program, iam making it get infected. Days passed and almost 40% of software that i had on my disk were infected just because i ran them once or twice while my pc is infected with this new svchost.exe. Every such infected programs carry a copy of this infected svchost.exe. I have tried to scan the infected file but the scanners are not good at locating it. When it detaches from the host exe and copies itself as svchost.exe, then the spyware softwares are able to identify it.

So beware people. Now iam taking precautions. I got my utorrent back. All those days with out it was a nightmare !! utorrent rocks !!

By the way, for all those who had shown concern, thank you very much !!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...