Jump to content

"uTorrent has crashed. Unable to generate crash dump."


rulang

Recommended Posts

Posted

Every 10 minutes I get the message "uTorrent has crashed. Unable to generate crash dump." Can someone please help me?

I have windows XP Pro SP3 and I'm using wireless internet (if that help you..)

Here is my list from Hijack This:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:07:02, on 13.01.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE

C:\Programfiler\Norman\Npm\Bin\Zanda.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\agrsmsvc.exe

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\ifxspmgt.exe

C:\WINDOWS\system32\IFXTCS.exe

C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe

C:\SYS.000\Evl.exe

C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\IfxPsdSv.exe

C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe

C:\Programfiler\iPod\bin\iPodService.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Hewlett-Packard\IAM\bin\asghost.exe

C:\Programfiler\Analog Devices\Core\smax4pnp.exe

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\WINDOWS\system32\AccelerometerSt.exe

C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\Programfiler\Norman\Npm\bin\ZLH.EXE

C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe

C:\SYS.000\SW.exe

C:\SYS.000\hostsw.exe

C:\Programfiler\Roxio\Drag-to-Disc\DrgToDsc.exe

C:\Programfiler\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Hewlett-Packard\Embedded Security Software\PSDrt.exe

C:\Documents and Settings\runar.langseth\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe

C:\Programfiler\RocketDock\RocketDock.exe

C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe

C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexStoreSvr.exe

C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\SYS.000\svpr.exe

C:\Programfiler\Hewlett-Packard\Shared\HpqToaster.exe

C:\WINDOWS\system32\rundll32.exe

C:\Programfiler\Norman\nse\bin\NSESVC.EXE

C:\Programfiler\Norman\Nvc\BIN\NIP.EXE

C:\Programfiler\Norman\Nvc\bin\nvcoas.exe

C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE

C:\Programfiler\Norman\Nvc\bin\cclaw.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Programfiler\Internet Explorer\iexplore.exe

C:\Programfiler\Opera\opera.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

D:\Programfiler\uTorrent\uTorrent.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://itsl.ntvgs.no/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://itsl.ntvgs.no/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1F6C23D6-854C-497f-9275-439C89CF1F68} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Programfiler\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll

O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programfiler\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [startCCC] "C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe

O4 - HKLM\..\Run: [PTHOSTTR] c:\Programfiler\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule

O4 - HKLM\..\Run: [iFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon

O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [sSConfig] C:\SYS.000\SW.exe

O4 - HKLM\..\Run: [ProcMon] C:\SYS.000\hostsw.exe

O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Programfiler\Roxio\Drag-to-Disc\DrgToDsc.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Programfiler\Fellesfiler\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\runar.langseth\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [RocketDock] "C:\Programfiler\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send til &Bluetooth-enhet... - C:\Programfiler\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Programfiler\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll

O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: DirectEdit - https://www.itslearning.com//file/DirectEdit.CAB

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1216030961260&h=f5bc1b26c862bb88ebddc147bd202ac2/&filename=jinstall-6u7-windows-i586-jc.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ntvgs.no

O17 - HKLM\Software\..\Telephony: DomainName = ntvgs.no

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ntvgs.no

O20 - AppInit_DLLs: APSHook.dll

O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll

O20 - Winlogon Notify: OneCard - C:\Programfiler\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE

O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe

O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - C:\Programfiler\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe

O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: Event Log Audit (MASEL) - CISL - C:\SYS.000\Evl.exe

O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe

O23 - Service: Norman NJeeves - Norman ASA - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Programfiler\Norman\nse\bin\NSESVC.EXE

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE

O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programfiler\Fellesfiler\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Programfiler\Fellesfiler\SureThing Shared\stllssvr.exe

--

End of file - 13168 bytes

Posted

Get Process Explorer from sysinternals.com, run it, Ctrl+D (to show the lower DLL pane), select the µTorrent process from the list, Ctrl+S (and save the list somewhere you'll find easily -- like the Desktop), then post the contents of the saved process list in the .txt file here.

Posted

I think I did correct now:

Process PID CPU Description Company Name

System Idle Process 0 61.43

Interrupts n/a 0.71 Hardware Interrupts

DPCs n/a 2.14 Deferred Procedure Calls

System 4 0.71

smss.exe 860 Windows NT Session Manager Microsoft Corporation

csrss.exe 908 0.71 Client Server Runtime Process Microsoft Corporation

winlogon.exe 948 Påloggingsprogram for Windows NT Microsoft Corporation

services.exe 996 2.14 Program for tjenester og kontroller Microsoft Corporation

svchost.exe 1188 Generic Host Process for Win32 Services Microsoft Corporation

ati2evxx.exe 1260 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 1276 Generic Host Process for Win32 Services Microsoft Corporation

wmiprvse.exe 820 WMI Microsoft Corporation

asghost.exe 3532 Global Virtual Card Host Bioscrypt Inc.

NMIndexStoreSvr.exe 320 Nero Home Nero AG

HpqToaster.exe 3416 HpqToaster Module

HpFkCrypt.exe 1348 Drive Encryption for HP ProtectTools Service SafeBoot International

svchost.exe 1388 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1432 Generic Host Process for Win32 Services Microsoft Corporation

btwdins.exe 1460 Bluetooth Support Server Broadcom Corporation.

elogsvc.exe 1500 Norman eLogger service Norman ASA

Zanda.exe 1588 0.71 Norman Zanda service Norman ASA

svchost.exe 1620 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1660 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1932 Spooler SubSystem App Microsoft Corporation

agrsmsvc.exe 596 Agere Soft Modem Call Progress Service Agere Systems

AppleMobileDeviceService.exe 612 Apple Mobile Device Service Apple Inc.

mDNSResponder.exe 632 Bonjour Service Apple Inc.

IFXSPMGT.exe 688 Security Platform Management Service Infineon Technologies AG

IFXTCS.exe 832 TCPA TSS Core Service Infineon Technologies AG

iviRegMgr.exe 904 RegMgr Module InterVideo

Evl.exe 1168 CISL

MDM.EXE 1532 Machine Debug Manager Microsoft Corporation

IfxPsdSv.exe 1552 PSD Service Infineon Technologies AG

Njeeves.exe 2008 NJeeves service Norman ASA

alg.exe 496 Application Layer Gateway Service Microsoft Corporation

scardsvr.exe 1916 Smart Card Resource Management Server Microsoft Corporation

hpqwmiex.exe 2544 hpqwmiex Module Hewlett-Packard Development Company, L.P.

Com4QLBEx.exe 2092 Com for QLB application Hewlett-Packard Development Company, L.P.

NMIndexingService.exe 2720 Nero Home Nero AG

iPodService.exe 3080 iPodService Module Apple Inc.

Nsesvc.exe 2696 Norman Scanner Engine Service Norman ASA

Nvcoas.exe 2704 1.43 NVC OnAccess virus scanner Norman ASA

Nvcsched.exe 2852 NVC Scheduler Norman ASA

svchost.exe 4016 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 1008 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 3472 ATI External Event Utility EXE Module ATI Technologies Inc.

explorer.exe 3700 1.43 Windows Utforsker Microsoft Corporation

smax4pnp.exe 3984 SMax4PNP Analog Devices, Inc.

SynTPEnh.exe 1548 1.43 Synaptics TouchPad Enhancements Synaptics, Inc.

accelerometerST.exe 1772 Hp Accelerometer System Tray Hewlett-Packard Corporation

QLBCTRL.exe 2644 Quick Launch Buttons Hewlett-Packard Development Company, L.P.

Zlh.exe 3464 Norman ZLH Norman ASA

Nip.exe 1164 NVC Internet Protection Norman ASA

jusched.exe 892 Java Platform SE binary Sun Microsystems, Inc.

SW.exe 3220 CISL

svpr.exe 3816 CISL

hostsw.exe 1340 SW

DrgToDsc.exe 1684 Drag To Disc Application Roxio

iTunesHelper.exe 1272 iTunesHelper Module Apple Inc.

ctfmon.exe 2748 CTF Loader Microsoft Corporation

GoogleUpdate.exe 1104 Google-oppdatering Google Inc.

RocketDock.exe 3992

iexplore.exe 2476 13.57 Internet Explorer Microsoft Corporation

opera.exe 1452 0.71 Opera Internet Browser Opera Software

uTorrent.exe 3016 2.14 µTorrent BitTorrent, Inc.

NMBgMonitor.exe 2448 Nero Home Nero AG

WINWORD.EXE 2156 Microsoft Office Word Microsoft Corporation

MOM.exe 3128 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.

CCC.exe 1928 Catalyst Control Centre: Host application ATI Technologies Inc.

PSDrt.exe 1744 PSD Runtime Application Infineon Technologies AG

rundll32.exe 1700 Kjør en DLL som et program Microsoft Corporation

CClaw.exe 4084 CClaw Norman ASA

procexp.exe 1752 10.71 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 3016

Name Description Company Name Version

ACTIVEDS.dll ADs ruterlags-DLL Microsoft Corporation 5.01.2600.5512

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.5512

ADVAPI32.dll Avansert Windows 32 Base-API Microsoft Corporation 5.01.2600.5512

APSHook.dll Application Protection Hook Bioscrypt Inc. 2.05.0000.0029

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0001

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0700

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.5512

comdlg32.dll DLL for felles dialogbokser Microsoft Corporation 6.00.2900.5512

COMRes.dll Microsoft Corporation 2001.12.4414.0700

credui.dll Brukergrensesnitt for behandling av legitimasjonsbeskrivelser Microsoft Corporation 5.01.2600.5512

CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.5512

ctype.nls

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.01.2600.5625

dot3api.dll 802.3-autokonfigurasjons-API Microsoft Corporation 5.01.2600.5512

dot3dlg.dll 802.3 UI - hjelpeprogram Microsoft Corporation 5.01.2600.5512

dwspy36.DLL SpyWorks support library. Desaware Inc. 6.00.0001.0003

eappcfg.dll Eap Peer Config Microsoft Corporation 5.01.2600.5512

eappprxy.dll Microsoft EAPHost Peer Client DLL Microsoft Corporation 5.01.2600.5512

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.5512

hnetcfg.dll Konfigurasjonsbehandling for hjemmenettverk Microsoft Corporation 5.01.2600.5512

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.5512

Iphlpapi.dll IP-hjelpeprogram-API Microsoft Corporation 5.01.2600.5512

ItClient.dll SSO Hook Module Cognizance Corporation 2.01.0000.0102

kernel32.dll DLL-fil for Windows NT BASE API-klient Microsoft Corporation 5.01.2600.5512

locale.nls

mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 1.00.0005.0011

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.5512

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.01.2600.5512

MSCTF.dll MSCTF-server-DLL Microsoft Corporation 5.01.2600.5512

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.5512

MSVCP60.dll Microsoft ® C++ Runtime Library Microsoft Corporation 6.02.3104.0000

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.5512

mswsock.dll Microsoft Windows Sockets 2.0-tjenesteprogram Microsoft Corporation 5.01.2600.5625

netapi32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.5512

NETSHELL.dll Skall for nettverkstilkoblinger Microsoft Corporation 5.01.2600.5512

Niphk.dll NVC Internet Protection Norman ASA 5.99.0000.0001

ntdll.dll NT nivå-dll Microsoft Corporation 5.01.2600.5512

NTMARTA.DLL Windows NT MARTA-leverandør Microsoft Corporation 5.01.2600.5512

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.5512

OLEACC.dll Active Accessibility Core Component Microsoft Corporation 4.02.5406.0000

oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.02.5406.0000

OLEAUT32.dll Microsoft Corporation 5.01.2600.5512

OneX.DLL IEEE 802.1X-anmoderbibliotek Microsoft Corporation 5.01.2600.5512

PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.5512

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.5512

RocketDock.dll

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.5512

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.5507

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.5512

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.5512

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.5512

SETUPAPI.dll Installasjons-API for Windows Microsoft Corporation 5.01.2600.5512

SHELL32.dll Felles DLL-fil for Windows-skall Microsoft Corporation 6.00.2900.5512

shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.5512

SHLWAPI.dll Lavnivåbibliotek for grensesnitt Microsoft Corporation 6.00.2900.5512

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll DLL-fil for Windows XP USER API-klient Microsoft Corporation 5.01.2600.5512

USERENV.dll Userenv Microsoft Corporation 5.01.2600.5512

uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639

uxtheme.dll Microsoft UxTema-bibliotek Microsoft Corporation 6.00.2900.5512

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.5512

WINSTA.dll Winstation Library Microsoft Corporation 5.01.2600.5512

WLDAP32.dll DLL-fil for Win32 LDAP-API Microsoft Corporation 5.01.2600.5512

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.5512

WS2HELP.dll Hjelpeprogram for Windows Socket 2.0 for Windows NT Microsoft Corporation 5.01.2600.5512

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.5512

WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.01.2600.5512

xpsp2res.dll Meldinger for Service Pack 2 Microsoft Corporation 5.01.2600.5512

Posted

APSHook.dll Application Protection Hook Bioscrypt Inc. 2.05.0000.0029

dwspy36.DLL SpyWorks support library. Desaware Inc. 6.00.0001.0003

Niphk.dll NVC Internet Protection Norman ASA 5.99.0000.0001

Most likely Norman.

Posted

You can disable Web protection of Norman and run again a PE log to see if Niphk.dll is still injected in uT.

If uT doesn't stop crashing, maybe the culprit is SpyWorks.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...