utorrent crashes

[pmlcs]

I'm also having the error "utorrent has crashed. Unable to generate crash dump" every time. Can you help me? THANKS!

The Hijackthis log is

Logfile of HijackThis v1.99.1

Scan saved at 11:12:35, on 18-10-2008

Platform: Unknown Windows (WinNT 6.00.1905 SP1)

MSIE: Internet Explorer v8.00 (8.00.6001.17184)

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\ESET\ESET Smart Security\egui.exe

C:\Program Files\TweakMASTER\TMTray.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\explorer.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Users\Pedro\Desktop\ANTI VIRUS\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: TweakMASTER Component - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - C:\PROGRA~1\TWEAKM~1\TweakBHO.dll

O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [TweakMASTER] "C:\PROGRA~1\TWEAKM~1\TMTray.exe"

O4 - HKCU\..\Run: [ehTray.exe] -C:\Windows\ehome\ehTray.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O13 - Gopher Prefix:

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.geoweb.pt/vector2/mgaxctrl.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{24976AC0-50B4-4F8D-A44B-C0E8F63DD178}: NameServer = 208.67.222.222,208.67.220.220

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - blank (file missing)

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - b:\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxcr_device - - C:\Windows\system32\lxcrcoms.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Process explorer log for utorrent is

Process PID CPU Description Company Name

System Idle Process 0 97.27

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 516

csrss.exe 584

wininit.exe 632

services.exe 676

svchost.exe 848

mobsync.exe 3584 Microsoft Sync Center Microsoft Corporation

nvvsvc.exe 932

rundll32.exe 1448

svchost.exe 960

svchost.exe 1024

svchost.exe 1084

audiodg.exe 1224

svchost.exe 1116

dwm.exe 1048 0.39 Desktop Window Manager Microsoft Corporation

svchost.exe 1128

taskeng.exe 420 Task Scheduler Engine Microsoft Corporation

taskeng.exe 2100

taskeng.exe 548

SLsvc.exe 1292

svchost.exe 1388

svchost.exe 1564

spoolsv.exe 1860

svchost.exe 1884

AppleMobileDeviceService.exe 2432

mDNSResponder.exe 2444

svchost.exe 2456

ekrn.exe 2500

LSSrvc.exe 2592

lxcrcoms.exe 2604

PnkBstrA.exe 2660

svchost.exe 2680

StarWindServiceAE.exe 2720

svchost.exe 2748

svchost.exe 2796

SearchIndexer.exe 2832

svchost.exe 3416

aawservice.exe 2308

lsass.exe 688

lsm.exe 696

csrss.exe 640

winlogon.exe 872

explorer.exe 1648 Windows Explorer Microsoft Corporation

MSASCui.exe 2236 Windows Defender User Interface Microsoft Corporation

wmdc.exe 2320 Windows Mobile Device Center Microsoft Corporation

rundll32.exe 2344 Windows host process (Rundll32) Microsoft Corporation

egui.exe 2368 Eset GUI ESET

TMTray.exe 2380 TweakMASTER Agent Hagel Technologies Ltd

firefox.exe 3192 Firefox Mozilla Corporation

explorer.exe 4056 Windows Explorer Microsoft Corporation

uTorrent.exe 1360 µTorrent BitTorrent, Inc.

HijackThis.exe 3920

notepad.exe 1472

procexp.exe 3620 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 1360

Name Description Company Name Version

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.00.6001.18000

apphelp.dll Application Compatibility Client Library Microsoft Corporation 6.00.6001.18000

CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000

comctl32.dll.mui User Experience Controls Library Microsoft Corporation 6.10.6001.18000

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.6001.18000

CRYPT32.dll Crypto API32 Microsoft Corporation 6.00.6001.18000

DBGHELP.DLL Windows Image Helper Microsoft Corporation 6.00.6001.18000

dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.00.6001.18000

dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.00.6001.18000

DnsApi.dll DNS Client API DLL Microsoft Corporation 6.00.6001.18000

DUser.dll Windows DirectUser Engine Microsoft Corporation 6.00.6001.18000

duser.dll.mui Windows DirectUser Engine Microsoft Corporation 6.00.6000.16386

FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.00.6001.18000

GDI32.dll GDI Client DLL Microsoft Corporation 6.00.6001.18023

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.00.6001.17184

IESetting.dll Internet Explorer Settings Manager Microsoft Corporation 8.00.6001.17184

imageres.dll Windows Image Resource Microsoft Corporation 6.00.6000.16386

imageres.dll.mui Windows Image Resource Microsoft Corporation 6.00.6000.16386

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.00.6001.18000

Iphlpapi.dll IP Helper API Microsoft Corporation 6.00.6001.18000

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.00.6001.18000

locale.nls

locale.nls

LPK.DLL Language Pack Microsoft Corporation 6.00.6001.18000

mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 1.00.0005.0011

MPR.dll Multiple Provider Router DLL Microsoft Corporation 6.00.6001.18000

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.00.6000.16386

MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.00.6001.18000

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.6001.18000

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.00.6001.18000

napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.00.6001.18000

NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.00.6001.18000

npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.00.6000.16386

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.00.6001.18000

ntdll.dll NT Layer DLL Microsoft Corporation 6.00.6001.18000

ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.00.6001.18000

oleaut32.dll Microsoft Corporation 6.00.6001.18000

pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.00.6001.18000

PROPSYS.dll Microsoft Property System Microsoft Corporation 7.00.6001.16503

PSAPI.DLL Process Status Helper Microsoft Corporation 6.00.6000.16386

R000000000009.clb

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.00.6000.16386

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.00.6001.18051

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.00.6001.18000

Secur32.dll Security Support Provider Interface Microsoft Corporation 6.00.6001.18000

SETUPAPI.dll Windows Setup API Microsoft Corporation 6.00.6001.18000

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.6001.18062

shfolder.dll Shell Folder Service Microsoft Corporation 6.00.6000.16386

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.6001.18000

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 8.00.6001.17184

USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000

user32.dll.mui Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000

USERENV.dll Userenv Microsoft Corporation 6.00.6001.18000

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000

uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.6001.18000

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.00.6001.18000

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.00.6001.18000

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.00.6000.16386

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.00.6001.18000

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.00.6001.18000

wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.00.6001.18000

wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.00.6001.18000

[Firon]

Are you running 1.8.1?

[thelittlefire]

uTorrent 12639... ESET and NLA LSP injection :/

Startby stopping/closing TweakMaster.... Verify those LSP injections aren't causing trouble.

[Firon]

Just to tell you, those nla things are built into Vista. It's not 3rd party software.

[Ultima]

NLA is even a service under XP.

That WormRadar thing actually has me suspicious. If you search the fourm for wormradar*, you'll find a LOT of threads related to crashes.

[thelittlefire]

Built in LSP injection? Another reason Vista is two steps back. ><

[Ultima]

... In XP, perform Start > Run > cmd /k netsh winsock show catalog

You'll find that NLA is listed there as well -- it's not a Vista-only thing.