uTorrent 1.8.1 Crashes Win2k3 Server


netRAT

Hi, I have 1.8.1 running on Server 2003 (fresh install) and keep getting crashes, almost daily.

I have no idea why this is happening and have also eliminated all possible causes mentioned in the 'Having Crashes' sticky.

I have a few dmps in my uTorrent directory, is it kosher to upload and post them here for someone to inspect?

Thanks,

netRAT.


Sure, uploading them should be fine.

As well...

a) get HijackThis from trendsecure.com, run it, view the log, and post the contents here

b) get Process Explorer from sysinternals.com, run it, Ctrl+D (to show the lower DLL pane), select the µTorrent process from the list, Ctrl+S (and save the list somewhere you'll find easily -- like the Desktop), then post the contents of the saved process list in the .txt file here


Ok, here goes:

HiJackThis Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:32:48 PM, on 25/11/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\cFosSpeed\spd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\rserver30\RServer3.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Dfsr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Process Lasso\processlasso.exe
C:\Program Files\Process Lasso\processgovernor.exe
C:\WINDOWS\system32\rserver30\FamItrfc.Exe
C:\WINDOWS\system32\rserver30\FamItrf2.Exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/softAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://sis.com/
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ProcessSupervisorGUI] C:\Program Files\Process Lasso\processlasso.exe
O4 - HKLM\..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O15 - ESC Trusted Zone: http://runonce.msn.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1226393240437
O20 - AppInit_DLLs: C:\WINDOWS\system32\rserver30\newtstop.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Radmin Server V3 (RServer3) - Famatech International Corp. - C:\WINDOWS\system32\rserver30\RServer3.exe

--
End of file - 6244 bytes

PE Log:

Process    PID    CPU    Description    Company Name
System Idle Process 0 89.39
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 428 Windows NT Session Manager Microsoft Corporation
csrss.exe 476 Client Server Runtime Process Microsoft Corporation
winlogon.exe 508 Windows NT Logon Application Microsoft Corporation
services.exe 556 1.52 Services and Controller app Microsoft Corporation
svchost.exe 800 Generic Host Process for Win32 Services Microsoft Corporation
wmiprvse.exe 2544 WMI Microsoft Corporation
wmiprvse.exe 3272 WMI Microsoft Corporation
svchost.exe 872 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 928 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 964 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1000 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1160 Spooler SubSystem App Microsoft Corporation
msdtc.exe 1184 MS DTCconsole program Microsoft Corporation
dllhost.exe 1312 COM Surrogate Microsoft Corporation
schedul2.exe 1344 Acronis Scheduler 2 Acronis
spd.exe 1420 cFosSpeed Service cFos Software GmbH
svchost.exe 1476 Generic Host Process for Win32 Services Microsoft Corporation
ramaint.exe 1512 LogMeIn Maintenance Service LogMeIn, Inc.
LogMeIn.exe 1572 LogMeIn LogMeIn, Inc.
LMIGuardian.exe 1656 LMIGuardian LogMeIn, Inc.
nod32krn.exe 1708 NOD32 Kernel Service Eset
svchost.exe 1760 Generic Host Process for Win32 Services Microsoft Corporation
rserver3.exe 1788 6.06 Radmin Server Famatech International Corp.
FamItrfc.Exe 704 Radmin component Famatech International Corp.
FamItrf2.Exe 3444 1.52 Radmin component Famatech International Corp.
svchost.exe 1872 Generic Host Process for Win32 Services Microsoft Corporation
Dfsr.exe 2000 Distributed File System Replication Microsoft Corporation
svchost.exe 1008 Generic Host Process for Win32 Services Microsoft Corporation
dllhost.exe 2052 COM Surrogate Microsoft Corporation
alg.exe 2220 Application Layer Gateway Service Microsoft Corporation
svchost.exe 2676 Generic Host Process for Win32 Services Microsoft Corporation
lsass.exe 580 LSA Shell Microsoft Corporation
explorer.exe 2556 Windows Explorer Microsoft Corporation
LogMeInSystray.exe 1728 LogMeIn Desktop Application LogMeIn, Inc.
LMIGuardian.exe 2792 LMIGuardian LogMeIn, Inc.
UnlockerAssistant.exe 420
TrueImageMonitor.exe 1176 Acronis True Image Monitor Acronis
TimounterMonitor.exe 2708 Monitor for Acronis True Image Backup Archive Explorer Acronis
schedhlp.exe 2724 Acronis Scheduler Helper Acronis
cfosspeed.exe 2752 cFosSpeed Window cFos Software GmbH
nod32kui.exe 2756 NOD32 Control Center GUI Eset
ctfmon.exe 2896 CTF Loader Microsoft Corporation
orbitdm.exe 888 Orbit Downloader Orbitdownloader.com
orbitnet.exe 1932 P2P service of Orbit Downloader Orbitdownloader.com
procexp.exe 2820 1.52 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
ProcessLasso.exe 4048 Process Lasso management console Bitsum Technologies
ProcessGovernor.exe 3868 Process Lasso core engine Bitsum Technologies

CrashDumps:

http://tinyurl.com/6p7kgh

Thanks for your help!

netRAT.

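Added example (not part of any post in this thread): a small Python triage pass over HijackThis lines like those posted above. It pulls out O20 AppInit_DLLs entries, which Windows loads into every process that loads user32.dll, services reported as "Unknown owner", and the Program Files vendor directories behind O4/O23 entries. The sample is constructed from a few lines of the log above, and the function names are hypothetical.

```python
import re

# Constructed sample: a few lines copied from the HijackThis log in this thread.
SAMPLE = r"""
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\rserver30\newtstop.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")                      # "O4 - <body>"
PATH = re.compile(r'([A-Za-z]:\\[^"\n]*?\.(?:exe|dll))', re.I)  # first exe/dll path
VENDOR = re.compile(r"[A-Za-z]:\\Program Files\\([^\\]+)\\", re.I)

def parse(log):
    """Yield (section, body, path) for each O-section line; path may be None."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            p = PATH.search(m.group(2))
            yield m.group(1), m.group(2), p.group(1) if p else None

def triage(log):
    """Group the entries a crash investigation would look at first."""
    out = {"appinit_dlls": [], "unknown_owner": [], "third_party_dirs": set()}
    for section, body, path in parse(log):
        if not path:
            continue
        if section == "O20":                       # DLLs injected system-wide
            out["appinit_dlls"].append(path)
        if section == "O23" and "Unknown owner" in body:
            out["unknown_owner"].append(path)      # service with no vendor string
        if section in ("O4", "O23"):               # autostarts and services
            v = VENDOR.match(path)
            if v:
                out["third_party_dirs"].add(v.group(1))
    return out

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, sorted(value))
```
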

I thought the NOD32 issues were only related to V3.x. Guess I was wrong...

I'll add the exception in IMON. However, I must say I have never experienced any uTorrent issues while running NOD 2.x on my other machine...

Anything else look fishy?

Process: uTorrent.exe Pid: 2336

Name Description Company Name Version
ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.02.3790.3959
adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.02.3790.3959
ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.02.3790.3959
apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.02.3790.3959
ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2283.0000
CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.4720.3959
CLUSAPI.dll Cluster API Library Microsoft Corporation 5.02.3790.3959
COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.3790.3959
comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.3790.3959
COMRes.dll COM+ Resources Microsoft Corporation 2001.12.4720.3959
credui.dll Credential Manager User Interface Microsoft Corporation 5.02.3790.3959
ctype.nls
DnsApi.dll DNS Client API DLL Microsoft Corporation 5.02.3790.4318
GDI32.dll GDI Client DLL Microsoft Corporation 5.02.3790.4237
hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.02.3790.3959
IMM32.DLL Windows IMM32 API Client DLL Microsoft Corporation 5.02.3790.3959
Iphlpapi.dll IP Helper API Microsoft Corporation 5.02.3790.3959
kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.02.3790.4062
locale.nls
LPK.DLL Language Pack Microsoft Corporation 5.02.3790.3959
MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.02.3790.3959
MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.02.3790.3959
msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.02.3790.3959
msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.3790.3959
mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.02.3790.4318
netapi32.dll Net Win32 API DLL Microsoft Corporation 5.02.3790.4392
NETSHELL.dll Network Connections Shell Microsoft Corporation 5.02.3790.3959
ntdll.dll NT Layer DLL Microsoft Corporation 5.02.3790.3959
ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.02.3790.3959
oleaut32.dll Microsoft Corporation 5.02.3790.4202
PSAPI.DLL Process Status Helper Microsoft Corporation 5.02.3790.3959
R00000000000c.clb
rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.02.3790.3959
RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.02.3790.4115
rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.02.3790.3959
rtutils.dll Routing Utilities Microsoft Corporation 5.02.3790.3959
SAMLIB.dll SAM Library DLL Microsoft Corporation 5.02.3790.3959
Secur32.dll Security Support Provider Interface Microsoft Corporation 5.02.3790.3959
SETUPAPI.dll Windows Setup API Microsoft Corporation 5.02.3790.3959
SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.3790.4184
shfolder.dll Shell Folder Service Microsoft Corporation 6.00.3790.3959
SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.3790.3959
sortkey.nls
sorttbls.nls
unicode.nls
UnlockerHook.dll
USER32.dll Windows USER API Client DLL Microsoft Corporation 5.02.3790.4033
USERENV.dll Userenv Microsoft Corporation 5.02.3790.3959
USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.422.3790.3959
uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639
UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.3790.3959
VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.02.3790.3959
winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.02.3790.3959
WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.02.3790.3959
WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.02.3790.3959
WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.02.3790.3959
wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.02.3790.3959
xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.02.3790.3959


It's just uTorrent that crashes...

Ran memtest for 7 passes, no errors detected.

I'm starting to think this is hardware/driver related...

The machine in question isn't brand new. Specs are as follows:

MB: GA-8S648FX-775 (SiS 648FX chipset)

CPU: Intel Celeron 2.8

RAM: 1.25GB DDR333

HDD:

Western Digital WDC-WD800BB-60JKA0 80GB (system drive) (IDE)

Seagate ST3200826A 200GB (data drive) (IDE)

Samsung HD753LJ 700GB (data drive) (SATA II)

PSU: it's a decent Thermaltake 450W

GPU: ATI Radeon 9250 AGP

LAN: Realtek based PCI RTL8169/8110

Optical: Pioneer DVR 111L

All drivers seem to be installed correctly, I have the latest ones available.

The only possible issue that comes to mind is the Samsung HDD (SATA II) installed on a SATA I board.

The OS recognises it as a SCSI drive which seems fine according to some research I performed.

Had a good look in the Event Viewer and all appears to be OK.

I'm running out of ideas here...

netRAT.


Back up your appdata and try the 1.9 alpha that was just released? Also, check to see if the Samsung is supposed to have a driver set; SATA II drives on older SATA I controllers may need a jumper due to some detection problem or something, though this may only apply to WD drives.

You're sure all the drivers are updated?


GTHK, in my Samsung drive there's no jumper. They have a boot disk utility that sets the limit at 1.5Gb/s. I think this method should only be used if the drive isn't detected at all.

I'm going to run it tonight on different cache settings. If it still crashes I'll try 1.9 alpha.

I'll report back with my findings...

Thanks for all your help guys!

netRAT.

EDIT:

Ok, it appears I've fixed the problem. Have not had a crash in a couple of days!

All I did was set a jumper on my 80GB WD IDE system drive to master. There was no jumper there before.

BIOS and Windows seemed to be happy, that's why I didn't bother checking...

Anyway...fingers crossed!

netRAT.


Archived

This topic is now archived and is closed to further replies.
