uTorrent randomly crashes

[aditya_t90]

I am on 1.8.1

I have uploaded the dumps to mediafire in zip form(there are 4-5)

The link is http://www.mediafire.com/?sharekey=1aeff22b4bbe25f1d2db6fb9a8902bda

The dump is not getting sent from utorrent automatically.

Hijack This log shows

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:57:24 AM, on 11/20/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\uTorrent\uTorrent.exe

E:\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: uTorrent.exe.lnk = C:\Program Files\uTorrent\uTorrent.exe

O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

--

End of file - 5292 bytes

Process Explorer log

Process PID CPU Description Company Name

System Idle Process 0 95.83

Interrupts n/a 0.38 Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 440 Windows Session Manager Microsoft Corporation

csrss.exe 504 Client Server Runtime Process Microsoft Corporation

wininit.exe 560 Windows Start-Up Application Microsoft Corporation

services.exe 604 Services and Controller app Microsoft Corporation

svchost.exe 756 Host Process for Windows Services Microsoft Corporation

IDMan.exe 3852 Internet Download Manager (IDM) Tonec Inc.

IEMonitor.exe 448 Internet Download Manager agent for click monitoring in IE-based browsers Tonec Inc.

HiJackThis.exe 216 HijackThis Trend Micro Inc.

notepad.exe 4040 Notepad Microsoft Corporation

WinRAR.exe 2712

procexp.exe 348 0.38 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

WmiPrvSE.exe 1160 WMI Provider Host Microsoft Corporation

dllhost.exe 3900 0.76 COM Surrogate Microsoft Corporation

svchost.exe 820 Host Process for Windows Services Microsoft Corporation

svchost.exe 904 Host Process for Windows Services Microsoft Corporation

Ati2evxx.exe 964 ATI External Event Utility EXE Module ATI Technologies Inc.

Ati2evxx.exe 1416 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 1000 Host Process for Windows Services Microsoft Corporation

audiodg.exe 1196 Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1044 Host Process for Windows Services Microsoft Corporation

dwm.exe 460 0.38 Desktop Window Manager Microsoft Corporation

svchost.exe 1060 0.38 Host Process for Windows Services Microsoft Corporation

taskeng.exe 496 Task Scheduler Engine Microsoft Corporation

taskeng.exe 2564 Task Scheduler Engine Microsoft Corporation

svchost.exe 1228 Host Process for Windows Services Microsoft Corporation

SLsvc.exe 1272 Microsoft Software Licensing Service Microsoft Corporation

svchost.exe 1356 Host Process for Windows Services Microsoft Corporation

svchost.exe 1496 Host Process for Windows Services Microsoft Corporation

spoolsv.exe 1756 Spooler SubSystem App Microsoft Corporation

svchost.exe 1784 Host Process for Windows Services Microsoft Corporation

mDNSResponder.exe 2400 Bonjour Service Apple Computer, Inc.

NBService.exe 2548 Nero BackItUp Nero AG

svchost.exe 2680 Host Process for Windows Services Microsoft Corporation

svchost.exe 2744 Host Process for Windows Services Microsoft Corporation

SearchIndexer.exe 2780 Microsoft Windows Search Indexer Microsoft Corporation

nSvcAppFlt.exe 2844 app_filter Module

nSvcIp.exe 2964 NVIDIA Corporation

wmpnetwk.exe 3288 Windows Media Player Network Sharing Service Microsoft Corporation

lsass.exe 616 Local Security Authority Process Microsoft Corporation

lsm.exe 628 Local Session Manager Service Microsoft Corporation

csrss.exe 572 Client Server Runtime Process Microsoft Corporation

winlogon.exe 860 Windows Logon Application Microsoft Corporation

explorer.exe 696 Windows Explorer Microsoft Corporation

MSASCui.exe 2060 Windows Defender User Interface Microsoft Corporation

sidebar.exe 2084 Windows Sidebar Microsoft Corporation

sidebar.exe 3552 1.89 Windows Sidebar Microsoft Corporation

wmpnscfg.exe 3244 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

firefox.exe 2520 Firefox Mozilla Corporation

uTorrent.exe 308 µTorrent BitTorrent, Inc.

MOM.exe 2076 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.

CCC.exe 2276 Catalyst Control Centre: Host application ATI Technologies Inc.

Anything else?

Please tell me.

Thanks

[Firon]

You need to uninstall the NVIDIA firewall (also known as the forceware network manager).

[aditya_t90]

Ok Done.

But could you tell me why this is done?

[Firon]

There's a bug in the NVIDIA firewall that causes crashes in P2P apps (it's not limited to ut) and causes other weird annoying problems, like eating all the memory on the system.

[Ultima]

And it's been like this for years now. Doesn't seem like nVidia cares enough to fix it, which is why we need to resort to telling users to simply uninstall it.

[aditya_t90]

Thank you very much.

uTorrent zindabaad