Jump to content

UTorrent Makes Windows Crash / Freeze


oduffy

Recommended Posts

When UTorrent is running for more than about 10 mins or so it causes my computer to crash - the screen freezes and the PC needs rebooting. Any help would be appreciated!

Hijack this -

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:18:36, on 14/05/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\VIA\RAID\vialogsv.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\PROGRA~1\AVG\AVG8\avgam.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe

O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--

End of file - 4735 bytes

Link to comment
Share on other sites

Process PID CPU Description Company Name

System Idle Process 0 82.89

Interrupts n/a 3.95 Hardware Interrupts

DPCs n/a 0.66 Deferred Procedure Calls

System 4

smss.exe 836 Windows NT Session Manager Microsoft Corporation

csrss.exe 924 Client Server Runtime Process Microsoft Corporation

winlogon.exe 956 Windows NT Logon Application Microsoft Corporation

services.exe 1000 Services and Controller app Microsoft Corporation

svchost.exe 1160 Generic Host Process for Win32 Services Microsoft Corporation

wmiprvse.exe 1368 WMI Microsoft Corporation

svchost.exe 1260 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1300 Generic Host Process for Win32 Services Microsoft Corporation

wuauclt.exe 1560 Windows Update Automatic Updates Microsoft Corporation

svchost.exe 1432 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1468 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1800 Spooler SubSystem App Microsoft Corporation

svchost.exe 1900 Generic Host Process for Win32 Services Microsoft Corporation

avgwdsvc.exe 164 AVG Watchdog Service AVG Technologies CZ, s.r.o.

avgam.exe 864 AVG Alert Manager AVG Technologies CZ, s.r.o.

avgrsx.exe 916 AVG Resident Shield Service AVG Technologies CZ, s.r.o.

avgnsx.exe 1136 AVG Network scanner Service AVG Technologies CZ, s.r.o.

jqs.exe 192 Java Quick Starter Service Sun Microsystems, Inc.

svchost.exe 340 Generic Host Process for Win32 Services Microsoft Corporation

vialogsv.exe 360

avgemc.exe 728 AVG E-Mail Scanner AVG Technologies CZ, s.r.o.

avgcsrvx.exe 1500 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o.

alg.exe 372 Application Layer Gateway Service Microsoft Corporation

svchost.exe 2496 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 1012 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 976 Windows Explorer Microsoft Corporation

jusched.exe 2200 Java Platform SE binary Sun Microsystems, Inc.

avgtray.exe 2332 AVG Tray Monitor AVG Technologies CZ, s.r.o.

VTTimer.exe 2364 S3 Graphics, Inc.

VTTrayp.exe 2396 s3contrl (32-bit) S3 Graphics Co., Ltd.

cledx.exe 2756 Team H2O CLEDX Team H2O

ctfmon.exe 2764 CTF Loader Microsoft Corporation

iexplore.exe 3212 Internet Explorer Microsoft Corporation

iexplore.exe 3260 Internet Explorer Microsoft Corporation

iexplore.exe 4004 Internet Explorer Microsoft Corporation

iexplore.exe 1748 Internet Explorer Microsoft Corporation

procexp.exe 2828 1.32 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

uTorrent.exe 1296 11.18 µTorrent BitTorrent, Inc.

Process: uTorrent.exe Pid: 1296

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.1.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.1.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.1.2600.3520

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.0

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.258

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.2180

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.258

credui.dll Credential Manager User Interface Microsoft Corporation 5.1.2600.2180

ctype.nls

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.1.2600.3394

GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.3466

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.1.2600.2180

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.2180

Iphlpapi.dll IP Helper API Microsoft Corporation 5.1.2600.2180

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.1.2600.3541

locale.nls

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.1.2600.2180

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.1.2600.3319

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.2180

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.1.2600.3394

netapi32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.3462

NETSHELL.dll Network Connections Shell Microsoft Corporation 5.1.2600.2180

ntdll.dll NT Layer DLL Microsoft Corporation 5.1.2600.3520

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.1.2600.2180

oleaut32.dll Microsoft Corporation 5.1.2600.2180

R000000000007.clb

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.1.2600.2180

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.2180

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.1.2600.2161

rtutils.dll Routing Utilities Microsoft Corporation 5.1.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.3518

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.1.2600.2180

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.2900.3402

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.2180

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.2900.3527

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.1.2600.2180

USERENV.dll Userenv Microsoft Corporation 5.1.2600.2180

uTorrent.exe µTorrent BitTorrent, Inc. 1.8.2.15296

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.1.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.2180

xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.1.2600.2180

Thanks

Link to comment
Share on other sites

The chipset looks like some atheros, from the belkin -> jumpstart service ...

There are no indicators as to what it could be if your drivers for the NIC are updated to current. I'd try uninstalling unnecessary programs one at a time over time to see if the problem goes away. That is unless you want to play with http://slackware.com/torrents/ one night and take out everything in sucession. Things to start with the Uniblue registry booster, synchrosoft H2O, or even that additional VIA monitoring utility. Are you running a RAID for your drives? What about IE, is that your default browser, because 4 processes of it seems.. alot ??

Link to comment
Share on other sites

So now it crashes once a day? Or after the day delay it's crashing same as before multiple times / hour. You could always try replacing AV, as AVG sometimes causes its own problems.

Of note, sometimes things not obvious are the result of exploits/trojans, so if you haven't scanned lately... if you'd like something with great detection rates I'd recommend http://www.malwarebytes.org/mbam.php

Link to comment
Share on other sites

  • 2 weeks later...

I am fairly certain the cause is AVG. I have had issues before where uTorrent would give insufficient resource errors when a full system scan was running at the same time as a uTorrent download.

Last night my machine blue screened. Last night I was also running uTorrent and my machine did it's weekly avg scan. I analyzed the minidump file from the crash using windbg (I don't know much when doing this, but enough to get a little info out of it.) The most relevant portion? The crashing process was avgcsrvx.exe. This process is also present in oduffy's process lists.

AVG's product has been bothering me for a while. I think I'm going to remove it (make sure it gets completely removed) and try something else.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...