Crash when opening a .torrent

[achovd]

Hijack log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:00:48, on 20.7.2009 г.

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Multimedia Keyboard Driver\M-KbdDrv.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [MutlimediaKbdDriver] C:\Program Files\Multimedia Keyboard Driver\M-KbdDrv.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')

O4 - HKUS\S-1-5-21-2000478354-1993962763-725345543-500\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" (User '?')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O4 - Global Startup: SkypeLauncher.exe.lnk = ?

O4 - Global Startup: Vidaoptics.lnk = ?

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present

O13 - DefaultPrefix:

O13 - WWW Prefix:

O13 - Home Prefix:

O13 - Mosaic Prefix:

O13 - FTP Prefix:

O13 - Gopher Prefix:

O17 - HKLM\System\CCS\Services\Tcpip\..\{4543114F-C2F3-493B-B8AA-AEA303FE8F28}: NameServer = 89.106.106.2 89.106.106.8

O17 - HKLM\System\CS1\Services\Tcpip\..\{4543114F-C2F3-493B-B8AA-AEA303FE8F28}: NameServer = 89.106.106.2 89.106.106.8

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Eset Nod32 Boot (NOD32FiXTemDono) - Unknown owner - C:\WINDOWS\system32\regedt32.exe (file missing)

--

End of file - 4034 bytes

Process Exp log

Process PID CPU Description Company Name

System Idle Process 0 68.18

Interrupts n/a 1.52 Hardware Interrupts

DPCs n/a 4.55 Deferred Procedure Calls

System 4 3.03

smss.exe 308 Windows NT Session Manager Microsoft Corporation

csrss.exe 364 Client Server Runtime Process Microsoft Corporation

winlogon.exe 392 Windows NT Logon Application Microsoft Corporation

services.exe 436 Services and Controller app Microsoft Corporation

ati2evxx.exe 572 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 612 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 668 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 708 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 780 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 856 Generic Host Process for Win32 Services Microsoft Corporation

ekrn.exe 1332 1.52 Eset Service ESET

lsass.exe 448 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 736 ATI External Event Utility EXE Module ATI Technologies Inc.

explorer.exe 972 1.52 Windows Explorer Microsoft Corporation

RTHDCPL.exe 1112 Realtek HD Audio Control Panel Realtek Semiconductor Corp.

egui.exe 1136 Eset GUI ESET

jusched.exe 1144 Java Platform SE binary Sun Microsystems, Inc.

M-KbdDrv.exe 1152 KbdDrv MFC Application

daemon.exe 1172 DAEMON Tools Lite DT Soft Ltd

firefox.exe 1612 3.03 Firefox Mozilla Corporation

opera.exe 764 Opera Internet Browser Opera Software

procexp.exe 956 6.06 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Skype.exe 1320 10.61 Skype Skype Technologies S.A.

Skype.exe 1836 Skype Skype Technologies S.A.

uTorrent.exe 940 µTorrent BitTorrent, Inc.

Unfortunately,i've done this logs a few time after the crashes.it was reproducible,but now it is not.I don't see any Crashdump.I hope I helped.

P.S. Utorrent was not crashing,it just stoped to respond and I had to close it with task manager.

[GTHK]

Missing the DLL portion of the PE log.