MeekiMoo Posted March 12, 2009 Report Share Posted March 12, 2009 I read the tutorial and I'm still kind of sketchy when it comes to crash dump files with utorrent and what not... I'm not computer-friendly so I don't grasp things technologically even if they wreak simplicity. I copied the data.HiJack This reported this in its txt:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:57:51 PM, on 3/12/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Program Files (x86)\Microsoft Windows OneCare Live\winssnotify.exeC:\Program Files\ltmoh\ltmoh.exeC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Users\Owner\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exeC:\Program Files (x86)\BitComet\BitComet.exeC:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exeC:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exeC:\Program Files\Camera Assistant Software for Toshiba\traybar.exeC:\Program Files (x86)\Java\jre6\bin\jusched.exeC:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO1 - Hosts: ::1 localhostO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.3.2.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUPO4 - HKLM\..\Run: [sVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTILO4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exeO4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /startO4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe" /hideO4 - HKLM\..\Run: [OneCareUI] "C:\Program Files (x86)\Microsoft Windows OneCare Live\winssnotify.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [sansaDispatch] C:\Users\Owner\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exeO4 - HKCU\..\Run: [bitComet] "C:\Program Files (x86)\BitComet\BitComet.exe" /trayO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htmO8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htmO8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000O8 - Extra context menu item: UseFlashGet - C:\FlashGet Network\Flashget\GetUrl.htmO8 - Extra context menu item: UseFlashGetDownloadAllLink - C:\FlashGet Network\Flashget\GetAllUrl.htmO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)O13 - Gopher Prefix: O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/SmileyCentralInitialSetup1.0.1.1.cabO16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cabO23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exeO23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exeO23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\Jumpstart\jswpsapi.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exeO23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exeO23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exeO23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exeO23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 9078 bytesProcess Explorer reported this:Process PID CPU Description Company NameSystem Idle Process 0 50.10 Interrupts n/a 5.31 Hardware Interrupts DPCs n/a 1.52 Deferred Procedure Calls System 4 3.80 smss.exe 528 csrss.exe 596 wininit.exe 648 services.exe 704 svchost.exe 920 WmiPrvSE.exe 3132 ehmsas.exe 2748 Media Center Media Status Aggregator Service Microsoft Corporation unsecapp.exe 3952 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation WmiPrvSE.exe 4108 PresentationFontCache.exe 964 svchost.exe 1008 MsMpEng.exe 328 Ati2evxx.exe 672 Ati2evxx.exe 1368 svchost.exe 512 audiodg.exe 1144 svchost.exe 1040 3.04 wlanext.exe 1516 dwm.exe 3348 Desktop Window Manager Microsoft Corporation svchost.exe 1052 taskeng.exe 2944 taskeng.exe 3272 Task Scheduler Engine Microsoft Corporation taskeng.exe 4556 SLsvc.exe 1184 svchost.exe 1208 svchost.exe 1352 0.76 spoolsv.exe 1640 svchost.exe 1668 agr64svc.exe 1860 CFProcSRVC.exe 1888 CFSvcs.exe 2008 OcHealthMon.exe 1400 svchost.exe 2064 svchost.exe 2096 TMachInfo.exe 2152 TNaviSrv.exe 2176 TODDSrv.exe 2248 TosCoSrv.exe 2268 TosIPCSrv.exe 2312 ULCDRSvr.exe 2392 svchost.exe 2420 SearchIndexer.exe 2444 msfwsvc.exe 2488 winss.exe 2528 winssnotify.exe 3508 Windows Live OneCare Tray Notification Microsoft Corporation SmartFaceVWatchSrv.exe 2848 wmpnetwk.exe 3596 lsass.exe 720 lsm.exe 728 csrss.exe 668 winlogon.exe 764 explorer.exe 3372 0.76 Windows Explorer Microsoft Corporation RAVCpl64.exe 3544 HD Audio Control Panel Realtek Semiconductor TPwrMain.exe 3600 TOSHIBA Power Saver TOSHIBA Corporation SmoothView.exe 3700 SmoothView TOSHIBA Corporation TCrdMain.exe 3760 TOSHIBA Flash Cards TOSHIBA Corporation ltmoh.exe 3796 LtMoh MFC Application Agere Systems SynTPEnh.exe 3836 Synaptics TouchPad Enhancements Synaptics, Inc. SynTPHelper.exe 4728 TOSCDSPD.exe 3844 CD/DVD Drive Acoustic Silencer TOSHIBA msnmsgr.exe 3892 Windows Live Messenger Microsoft Corporation ehtray.exe 3908 Media Center Tray Applet Microsoft Corporation SansaDispatch.exe 3964 Sansa Dispatcher SanDisk Corporation wmpnscfg.exe 3248 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation BitComet.exe 1492 4.55 BitComet - a BitTorrent Client www.BitComet.com firefox.exe 4264 Firefox Mozilla Corporation procexp.exe 4700 Sysinternals Process Explorer Sysinternals - www.sysinternals.com procexp64.exe 4476 3.04 Sysinternals Process Explorer Sysinternals - www.sysinternals.com notepad.exe 2524 Notepad Microsoft Corporation uTorrent.exe 2592 26.57 µTorrent BitTorrent, Inc.KeNotify.exe 3628 0.76 NDSTray.exe 3940 ConfigFree Task Tray Menu TOSHIBA CORPORATION CFSwMgr.exe 4180 ConfigFree Switch Manager TOSHIBA CORPORATIONtraybar.exe 2832 traybar ChiconyTSS.exe 3676 TOSHIBA Service Station TOSHIBA Corporationjusched.exe 2816 Java Platform SE binary Sun Microsystems, Inc.conime.exe 4348 Console IME Microsoft Corporationnotepad.exe 5036 Notepad Microsoft CorporationProcess: uTorrent.exe Pid: 2592Name Description Company Name VersionADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.0.6001.18000ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.0CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.6001.18000dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.0.6001.18000dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.0.6001.18000DnsApi.dll DNS Client API DLL Microsoft Corporation 6.0.6001.18000FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.0.6001.18000GDI32.dll GDI Client DLL Microsoft Corporation 6.0.6001.18159GPAPI.dll Group Policy Client API Microsoft Corporation 6.0.6001.18000hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 6.0.6001.18000iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.0.6001.18203IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.0.6001.18000Iphlpapi.dll IP Helper API Microsoft Corporation 6.0.6001.18000kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.0.6001.18000kernel32.dll.mui Windows NT BASE API Client DLL Microsoft Corporation 6.0.6001.18000locale.nls locale.nls LPK.DLL Language Pack Microsoft Corporation 6.0.6001.18000MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.0.6001.18000msctf.dll.mui MSCTF Server DLL Microsoft Corporation 6.0.6000.16386msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.6001.18000mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.0.6001.18000msxml3.dll MSXML 3.0 SP10 Microsoft Corporation 8.100.1048.0msxml3r.dll XML Resources Microsoft Corporation 8.20.8730.1napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.0.6001.18000netshell.dll Network Connections Shell Microsoft Corporation 6.0.6001.18000NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.0.6001.18000npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.0.6000.16386NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.0.6001.18000ntdll.dll NT Layer DLL Microsoft Corporation 6.0.6001.18000ntdll.dll NT Layer DLL Microsoft Corporation 6.0.6001.18000ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.0.6001.18000oleaut32.dll Microsoft Corporation 6.0.6001.18000pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.0.6001.18000PSAPI.DLL Process Status Helper Microsoft Corporation 6.0.6000.16386rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.0.6000.16386RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.0.6001.18051rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.0.6001.18000Secur32.dll Security Support Provider Interface Microsoft Corporation 6.0.6001.18000SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.6001.18167shfolder.dll Shell Folder Service Microsoft Corporation 6.0.6000.16386SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.6001.18000slc.dll Software Licensing Client Dll Microsoft Corporation 6.0.6001.18000SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.0.6000.16386SXS.DLL Fusion 2.5 Microsoft Corporation 6.0.6001.18000upnp.dll UPnP Control Point API Microsoft Corporation 6.0.6001.18000urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.0.6001.18203USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.0.6001.18000USERENV.dll Userenv Microsoft Corporation 6.0.6001.18000USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000uTorrent.exe µTorrent BitTorrent, Inc. 1.9.0.13582uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.6001.18000VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.0.6001.18000WINHTTP.dll Windows HTTP Services Microsoft Corporation 6.0.6001.18000WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.0.6001.18000winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.0.6000.16386WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.0.6001.18000wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.0.6001.18000wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.0.6001.18000wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.0.6001.18000WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.0.6001.18000wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.0.6001.18000wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.0.6001.18000WHAT DO I DO NOW? Link to comment Share on other sites More sharing options...
schnurlos Posted March 13, 2009 Report Share Posted March 13, 2009 Which version/build of µTorrent are you running?The last 1.8.3 beta build 14755 has some (known) problems to generate crash dumps. Just to point that. Link to comment Share on other sites More sharing options...
moogly Posted March 13, 2009 Report Share Posted March 13, 2009 It's written in the log:uTorrent.exe µTorrent BitTorrent, Inc. 1.9.0.13582 Link to comment Share on other sites More sharing options...
Switeck Posted March 13, 2009 Report Share Posted March 13, 2009 "(file missing)" can be a bad sign -- an improperly uninstalled program, hard drive corruption, or a virus/trojan that hides itself by renaming itself after windows starts.You have a file indexer running, which might interfere with uTorrent: SearchIndexer.exe 2444Unknown, possibly hostile hidden BHO?:O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)BitComet is running at the same time?:O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.3.2.dllBitComet.exe 1492 4.55 BitComet - a BitTorrent Client www.BitComet.comMultiple file sharing programs running at once can definitely stress a connection unless care is taken to limit their network resource grab. They could be overrunning windows half open limit as well. Link to comment Share on other sites More sharing options...
MeekiMoo Posted March 14, 2009 Author Report Share Posted March 14, 2009 I uninstalled bitcomet and I think those are probably very accurate hypotheses... but what do I do now? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.