Zed-PM Posted April 24, 2009 Report Share Posted April 24, 2009 I am having constant problems with uTorrent 1.8.2 and 1.8.3 beta. 1.8.2 started crashing a few days ago and wouldn't keep working no longer than 15-60 seconds. I updated and nothing is better. I have Windows Vista Ultimate 64bit.After crashed, uTorrent notifies it was unable to create crash dump. Link to comment Share on other sites More sharing options...
moogly Posted April 24, 2009 Report Share Posted April 24, 2009 Post Hijackthis and Process Explorer logs when uT is running.Select utorrenT.exe and enable DLL mode (ctrl+d) in PE.Guide: http://forum.utorrent.com/viewtopic.php?id=29748 Link to comment Share on other sites More sharing options...
Zed-PM Posted April 24, 2009 Author Report Share Posted April 24, 2009 I hope this information will suffice.----Logfile of Trend Micro HijackThis v2.0.2Scan saved at 19:41:49, on 24.4.2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18226)Boot mode: NormalRunning processes:C:\Program Files (x86)\F-Secure\common\FSM32.EXEC:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exeC:\Windows\SysWOW64\CtHelper.exeC:\Windows\SysWOW64\Ctxfihlp.exeC:\Program Files (x86)\F-Secure\FSGUI\fsguidll.exeC:\Windows\SysWOW64\CTXFISPI.EXEC:\Program Files (x86)\Java\jre6\bin\jusched.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exeC:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exeC:\Windows\SysWOW64\conime.exeC:\Program Files (x86)\Spotify\spotify.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Users\Huurinainen\Downloads\ProcessExplorer\procexp.exeC:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exeC:\Program Files (x86)\uTorrent\uTorrent.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO1 - Hosts: ::1 localhostO2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splashO4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSWO4 - HKLM\..\Run: [Module Loader] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRunO4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXEO4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exeO4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLLO4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXEO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLLO13 - Gopher Prefix: O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exeO23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exeO23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exeO23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exeO23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exeO23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FNRB32.EXEO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FSAUA\program\fsaua.exeO23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exeO23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXEO23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exeO23 - Service: Google Update Service (gupdate1c9860f8b9fd120) (gupdate1c9860f8b9fd120) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: DiRT Drivers Auto Removal (pr2ah4nb) (pr2ah4nb) - Unknown owner - C:\Windows\system32\pr2ah4nb.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exeO23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)O23 - Service: WTService - Unknown owner - C:\Windows\system32\atwtusb.exe--End of file - 11120 bytesAND THEN THE OTHER STUFFProcess PID CPU Description Company NameSystem Idle Process 0 74.54 Interrupts n/a Hardware Interrupts DPCs n/a 5.27 Deferred Procedure Calls System 4 3.76 smss.exe 436 csrss.exe 568 wininit.exe 620 csrss.exe 640 winlogon.exe 880 explorer.exe 2520 Resurssienhallinta Microsoft Corporation spotify.exe 7584 Spotify Spotify AB firefox.exe 10172 Firefox Mozilla Corporation procexp.exe 7288 Sysinternals Process Explorer Sysinternals - www.sysinternals.com procexp64.exe 9584 0.75 Sysinternals Process Explorer Sysinternals - www.sysinternals.com uTorrent.exe 11768 10.54 µTorrent BitTorrent, Inc.GoogleUpdate.exe 1684 MSASCui.exe 3952 Windows Defender User Interface Microsoft Corporationitype.exe 2284 IType.exe Microsoft Corporation dpupdchk.exe 4864 dpupdchk.exe Microsoft Corporationehtray.exe 2816 Media Center Tray Applet Microsoft CorporationFSM32.EXE 124 F-Secure Settings and Statistics F-Secure Corporation fsguidll.exe 3296 F-Secure GUI component F-Secure CorporationDLLML.exe 3488 DLL Module Loader Creative Technology Ltd. EAXLoadr.exe 4976 Creative Entertainment Center EAX module loader Creative Technology LtdCtHelper.exe 3264 CtHelper Application Creative Technology LtdCtxfihlp.exe 3704 CTXfiHlp MFC Application Creative Technology Ltdjusched.exe 4024 Java Platform SE binary Sun Microsystems, Inc.iTunesHelper.exe 3784 iTunesHelper Module Apple Inc.MOM.exe 4016 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. CCC.exe 4760 Catalyst Control Centre: Host application ATI Technologies Inc.splwow64.exe 4688 Thunking Spooler APIS from 32 to 64 Process Microsoft Corporationconime.exe 10588 HijackThis.exe 5960 notepad.exe 8640 Process: uTorrent.exe Pid: 11768Name Description Company Name VersionADVAPI32.dll Windows 32 -pohjainen lisä-API Microsoft Corporation 6.0.6001.18000C_936.NLS CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000COMCTL32.dll Käyttäjäkokemus-ohjausobjektien kirjasto Microsoft Corporation 6.10.6001.18000comdlg32.dll Yleisten valintaikkunoiden dll-tiedosto Microsoft Corporation 6.0.6001.18000ctagent.dll ctagent Creative Technology Ltd 6.0.1.1283dhcpcsvc.DLL DHCP-asiakaspalvelu Microsoft Corporation 6.0.6001.18000dhcpcsvc6.DLL DHCPv6-asiakas Microsoft Corporation 6.0.6001.18000DnsApi.dll DNS Client API DLL Microsoft Corporation 6.0.6001.18000FirewallAPI.dll Windows-palomuurin API Microsoft Corporation 6.0.6001.18000fsgkiapi.dll fsgkiapi F-Secure Corp. 7.70.14204.15921FSLSP.DLL F-Secure Protocol Scanner LSP F-Secure Corporation 2.1.610.0GDI32.dll GDI Client DLL Microsoft Corporation 6.0.6001.18159IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.0.6001.18000Iphlpapi.dll IP Helper API Microsoft Corporation 6.0.6001.18000kernel32.dll Windows NT BASE APIn asiakas-DLL Microsoft Corporation 6.0.6001.18215kernel32.dll.mui Windows NT BASE APIn asiakas-DLL Microsoft Corporation 6.0.6001.18000locale.nls locale.nls LPK.DLL Language Pack Microsoft Corporation 6.0.6001.18000MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.0.6001.18000msctf.dll.mui MSCTF Server DLL Microsoft Corporation 6.0.6000.16386msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.6001.18000mswsock.dll Microsoft Windows Sockets 2.0 -palveluntarjoaja Microsoft Corporation 6.0.6001.18000napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.0.6001.18000NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.0.6001.18000npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.0.6000.16386NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.0.6001.18000ntdll.dll NT Layer -kirjasto (DLL) Microsoft Corporation 6.0.6001.18000ntdll.dll NT Layer -kirjasto (DLL) Microsoft Corporation 6.0.6001.18000ole32.dll Microsoft OLE Windowsia varten Microsoft Corporation 6.0.6001.18000oleaut32.dll Microsoft Corporation 6.0.6001.18000pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.0.6001.18000PSAPI.DLL Process Status Helper Microsoft Corporation 6.0.6000.16386rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.0.6000.16386RPCRT4.dll Etäproseduurikutsun suoritusaika Microsoft Corporation 6.0.6001.18051rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.0.6001.18000Secur32.dll Security Support Provider Interface Microsoft Corporation 6.0.6001.18215SHELL32.dll Windows-käyttöliittymän yleinen DLL Microsoft Corporation 6.0.6001.18167shfolder.dll Shell Folder Service Microsoft Corporation 6.0.6000.16386SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.6001.18000USER32.dll Yhteiskäyttö-Windows USER API Client -DLL-kirjasto Microsoft Corporation 6.0.6001.18000USERENV.dll Userenv Microsoft Corporation 6.0.6001.18000USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000uTorrent.exe µTorrent BitTorrent, Inc. 1.8.3.15104uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.6001.18000VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.0.6001.18000WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.0.6001.18000winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.0.6000.16386WLDAP32.dll Win32 Ldap API dll Microsoft Corporation 6.0.6001.18000wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.0.6001.18000wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.0.6001.18000wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.0.6001.18000WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.0.6001.18000wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.0.6001.18000wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.0.6001.18000 Link to comment Share on other sites More sharing options...
moogly Posted April 24, 2009 Report Share Posted April 24, 2009 fsgkiapi.dll fsgkiapi F-Secure Corp. 7.70.14204.15921FSLSP.DLL F-Secure Protocol Scanner LSP F-Secure Corporation 2.1.610.0Protocol Scanner sounds like possible culprit of crashing. Did you set F-Secure to exclude ut?You can Link to comment Share on other sites More sharing options...
Zed-PM Posted April 24, 2009 Author Report Share Posted April 24, 2009 uT is allowed to connect however it wants (F-Secure Program Management in Internet Protection section). Link to comment Share on other sites More sharing options...
moogly Posted April 24, 2009 Report Share Posted April 24, 2009 Try to exclude uT from this module or remove this module temporarily to see if crashing continues. Link to comment Share on other sites More sharing options...
Zed-PM Posted April 25, 2009 Author Report Share Posted April 25, 2009 Yeah. I'm no geek, but I doubt it, because F-Secure has been running the same all the time (except if some latest patch has evoked something surprising). Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.