Jump to content

Utorrent 1.8.3 build 15562 crashing (logs created)


Bill

Recommended Posts

Posted

Paste into your thread the logs, it's easy to read. ;)

Process Explorer log is NOT complete when uT is running. You have to select utorrent.exe and enable DLL mode (ctrl+d).

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 7:14:04 PM, on 6/1/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18226)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Pidgin\pidgin.exe

C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\System32\notepad.exe

C:\Windows\Explorer.exe

C:\Users\PRIVATE\Desktop\HiJackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F3 - REG:win.ini: load=

F3 - REG:win.ini: run=

O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')

O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe

O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe

O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\USERS\CHANGED FOR PRICVACY REASONS\DESKTOP\A2USB\a2service.exe (file missing)

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--

End of file - 4810 bytes

Process PID CPU Description Company Name

System Idle Process 0 100.00

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 404 Windows Session Manager Microsoft Corporation

csrss.exe 480 Client Server Runtime Process Microsoft Corporation

wininit.exe 540 Windows Start-Up Application Microsoft Corporation

services.exe 588 Services and Controller app Microsoft Corporation

svchost.exe 804 Host Process for Windows Services Microsoft Corporation

mobsync.exe 3396 Microsoft Sync Center Microsoft Corporation

unsecapp.exe 2660 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation

WmiPrvSE.exe 2520 WMI Provider Host Microsoft Corporation

nvvsvc.exe 852 NVIDIA Driver Helper Service, Version 180.84 NVIDIA Corporation

rundll32.exe 1388 Windows host process (Rundll32) Microsoft Corporation

svchost.exe 884 Host Process for Windows Services Microsoft Corporation

svchost.exe 916 Host Process for Windows Services Microsoft Corporation

svchost.exe 1000 Host Process for Windows Services Microsoft Corporation

audiodg.exe 1172 Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1076 Host Process for Windows Services Microsoft Corporation

WUDFHost.exe 2352 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation

dwm.exe 2792 Desktop Window Manager Microsoft Corporation

svchost.exe 1088 Host Process for Windows Services Microsoft Corporation

taskeng.exe 468 Task Scheduler Engine Microsoft Corporation

taskeng.exe 3304 Task Scheduler Engine Microsoft Corporation

svchost.exe 1200 Host Process for Windows Services Microsoft Corporation

SLsvc.exe 1224 Microsoft Software Licensing Service Microsoft Corporation

svchost.exe 1276 Host Process for Windows Services Microsoft Corporation

svchost.exe 1452 Host Process for Windows Services Microsoft Corporation

spoolsv.exe 1640 Spooler SubSystem App Microsoft Corporation

svchost.exe 1664 Host Process for Windows Services Microsoft Corporation

a2service.exe 1920 a-squared Service Emsi Software GmbH

avgwdsvc.exe 1944 AVG Watchdog Service AVG Technologies CZ, s.r.o.

avgrsx.exe 772 AVG Resident Shield Service AVG Technologies CZ, s.r.o.

Crypserv.exe 1972 CrypKey License Service CrypKey (Canada) Ltd.

NMSAccessU.exe 2032

svchost.exe 376 Host Process for Windows Services Microsoft Corporation

svchost.exe 396 Host Process for Windows Services Microsoft Corporation

TomTomHOMEService.exe 1160 Windows Service for TomTom HOME TomTom

svchost.exe 1468 Host Process for Windows Services Microsoft Corporation

SearchIndexer.exe 1772 Microsoft Windows Search Indexer Microsoft Corporation

avgemc.exe 1940 AVG E-Mail Scanner AVG Technologies CZ, s.r.o.

avgcsrvx.exe 2444 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o.

SDWinSec.exe 2136 Spybot-S&D Security Center integration Safer Networking Ltd.

wmpnetwk.exe 3736 Windows Media Player Network Sharing Service Microsoft Corporation

lsass.exe 620 Local Security Authority Process Microsoft Corporation

lsm.exe 628 Local Session Manager Service Microsoft Corporation

csrss.exe 548 Client Server Runtime Process Microsoft Corporation

winlogon.exe 636 Windows Logon Application Microsoft Corporation

explorer.exe 2820 Windows Explorer Microsoft Corporation

avgtray.exe 2980 AVG Tray Monitor AVG Technologies CZ, s.r.o.

sidebar.exe 3012 Windows Sidebar Microsoft Corporation

pidgin.exe 3032 Pidgin The Pidgin developer community

FirefoxPreloader.exe 3052 Loads some parts of Firefox into memory before it is used to improve startup speed. 6XGate Incorporated

firefox.exe 3612 Firefox Mozilla Corporation

wmpnscfg.exe 3668 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

notepad.exe 3144 Notepad Microsoft Corporation

explorer.exe 1256 Windows Explorer Microsoft Corporation

procexp.exe 2968 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Posted

Ok, I think this is what you are after.

Process PID CPU Description Company Name

System Idle Process 0 73.85

Interrupts n/a Hardware Interrupts

DPCs n/a 1.54 Deferred Procedure Calls

System 4 4.62

smss.exe 404 Windows Session Manager Microsoft Corporation

csrss.exe 480 Client Server Runtime Process Microsoft Corporation

wininit.exe 540 Windows Start-Up Application Microsoft Corporation

services.exe 588 Services and Controller app Microsoft Corporation

svchost.exe 804 Host Process for Windows Services Microsoft Corporation

mobsync.exe 3396 Microsoft Sync Center Microsoft Corporation

unsecapp.exe 2660 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation

WmiPrvSE.exe 2520 WMI Provider Host Microsoft Corporation

nvvsvc.exe 852 NVIDIA Driver Helper Service, Version 180.84 NVIDIA Corporation

rundll32.exe 1388 Windows host process (Rundll32) Microsoft Corporation

svchost.exe 884 Host Process for Windows Services Microsoft Corporation

svchost.exe 916 Host Process for Windows Services Microsoft Corporation

svchost.exe 1000 Host Process for Windows Services Microsoft Corporation

audiodg.exe 1172 Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1076 Host Process for Windows Services Microsoft Corporation

WUDFHost.exe 2352 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation

dwm.exe 2792 6.15 Desktop Window Manager Microsoft Corporation

svchost.exe 1088 Host Process for Windows Services Microsoft Corporation

taskeng.exe 468 Task Scheduler Engine Microsoft Corporation

taskeng.exe 3304 Task Scheduler Engine Microsoft Corporation

svchost.exe 1200 Host Process for Windows Services Microsoft Corporation

SLsvc.exe 1224 Microsoft Software Licensing Service Microsoft Corporation

svchost.exe 1276 Host Process for Windows Services Microsoft Corporation

svchost.exe 1452 Host Process for Windows Services Microsoft Corporation

spoolsv.exe 1640 Spooler SubSystem App Microsoft Corporation

svchost.exe 1664 Host Process for Windows Services Microsoft Corporation

a2service.exe 1920 a-squared Service Emsi Software GmbH

avgwdsvc.exe 1944 AVG Watchdog Service AVG Technologies CZ, s.r.o.

avgrsx.exe 772 AVG Resident Shield Service AVG Technologies CZ, s.r.o.

Crypserv.exe 1972 CrypKey License Service CrypKey (Canada) Ltd.

NMSAccessU.exe 2032

svchost.exe 376 Host Process for Windows Services Microsoft Corporation

svchost.exe 396 Host Process for Windows Services Microsoft Corporation

TomTomHOMEService.exe 1160 Windows Service for TomTom HOME TomTom

svchost.exe 1468 Host Process for Windows Services Microsoft Corporation

SearchIndexer.exe 1772 Microsoft Windows Search Indexer Microsoft Corporation

avgemc.exe 1940 AVG E-Mail Scanner AVG Technologies CZ, s.r.o.

avgcsrvx.exe 2444 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o.

SDWinSec.exe 2136 Spybot-S&D Security Center integration Safer Networking Ltd.

wmpnetwk.exe 3736 Windows Media Player Network Sharing Service Microsoft Corporation

lsass.exe 620 Local Security Authority Process Microsoft Corporation

lsm.exe 628 Local Session Manager Service Microsoft Corporation

csrss.exe 548 Client Server Runtime Process Microsoft Corporation

winlogon.exe 636 Windows Logon Application Microsoft Corporation

explorer.exe 2820 Windows Explorer Microsoft Corporation

avgtray.exe 2980 AVG Tray Monitor AVG Technologies CZ, s.r.o.

sidebar.exe 3012 Windows Sidebar Microsoft Corporation

pidgin.exe 3032 Pidgin The Pidgin developer community

wmpnscfg.exe 3668 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

uTorrent.exe 736 9.23 µTorrent BitTorrent, Inc.

firefox.exe 2340 Firefox Mozilla Corporation

explorer.exe 3448 Windows Explorer Microsoft Corporation

procexp.exe 2548 4.62 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 736

Name Description Company Name Version

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.0.6001.18000

CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.6001.18000

dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.0.6001.18000

dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.0.6001.18000

DnsApi.dll DNS Client API DLL Microsoft Corporation 6.0.6001.18000

FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.0.6001.18000

GDI32.dll GDI Client DLL Microsoft Corporation 6.0.6001.18159

ICMP.DLL ICMP DLL Microsoft Corporation 6.0.6000.16386

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.0.6001.18000

Iphlpapi.dll IP Helper API Microsoft Corporation 6.0.6001.18000

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.0.6001.18215

locale.nls

locale.nls

LPK.DLL Language Pack Microsoft Corporation 6.0.6001.18000

MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.0.6001.18000

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.6001.18000

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.0.6001.18000

napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.0.6001.18000

NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.0.6001.18000

npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.0.6000.16386

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.0.6001.18000

ntdll.dll NT Layer DLL Microsoft Corporation 6.0.6001.18000

ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.0.6001.18000

oleaut32.dll Microsoft Corporation 6.0.6001.18000

pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.0.6001.18000

PSAPI.DLL Process Status Helper Microsoft Corporation 6.0.6000.16386

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.0.6000.16386

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.0.6001.18051

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.0.6001.18000

Secur32.dll Security Support Provider Interface Microsoft Corporation 6.0.6001.18215

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.6001.18167

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.6000.16386

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.6001.18000

USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.0.6001.18000

USERENV.dll Userenv Microsoft Corporation 6.0.6001.18000

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000

uTorrent.exe µTorrent BitTorrent, Inc. 1.8.3.15562

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.6001.18000

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.0.6001.18000

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.0.6001.18000

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.0.6000.16386

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.0.6001.18000

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.0.6001.18000

wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.0.6001.18000

wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.0.6001.18000

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...