Jump to content

utorrent freezing my whole computer, manual restart

spotted zebra

By spotted zebra
in Troubleshooting

Recommended Posts

spotted zebra Newbie

spotted zebra

Posted
Posted

this started with the release of 1.8.3 . i would start utorrent and usually with in minutes it would freeze my computer solid and i would have to manually reboot, but sometimes it would take up to 24 hours for it to freeze. i would leave and come and realize the time was the same as when i left. i have scanned and scanned and scanned for malware and spyware but nothing comes up. i can't figure out what is going on for the life of me so here are my logs i am hoping someone can find something wrong so i can fix this and move on:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 5:26:59 PM, on 7/12/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v7.00 (7.00.6002.18005)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files (x86)\EDIMAX\Common\RaUI.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe

C:\Program Files (x86)\Folding@home\Folding@home-x86\Folding@home.exe

C:\Users\Michael\AppData\Roaming\Folding@home-x86\FahCore_a0.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (file missing)

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: PowerReg Scheduler.exe

O4 - Global Startup: Wireless Utility.lnk = C:\Program Files (x86)\EDIMAX\Common\RaUI.exe

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe

O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files (x86)\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9858 bytes

Process PID CPU Description Company Name

System Idle Process 0 91.54

Interrupts n/a Hardware Interrupts

DPCs n/a 0.77 Deferred Procedure Calls

System 4 0.77

smss.exe 568

csrss.exe 636

wininit.exe 688

services.exe 744

svchost.exe 912

svchost.exe 1008

svchost.exe 304

Ati2evxx.exe 584

Ati2evxx.exe 1556

svchost.exe 608

audiodg.exe 1132

svchost.exe 628

svchost.exe 896

taskeng.exe 1584

taskeng.exe 2552 Task Scheduler Engine Microsoft Corporation

SLsvc.exe 1180

svchost.exe 1240

svchost.exe 1368

spoolsv.exe 1652

svchost.exe 1684

AppleMobileDeviceService.exe 1472

AdskScSrv.exe 1308

mDNSResponder.exe 2016

raysat_3dsMax2009_32server.exe 2092

NBService.exe 2132

IoctlSvc.exe 2292

PnkBstrA.exe 2304

svchost.exe 2320

svchost.exe 2344

svchost.exe 2436

SearchIndexer.exe 2468

TrustedInstaller.exe 2664

lsass.exe 756

lsm.exe 764

csrss.exe 708

winlogon.exe 944

explorer.exe 1096 Windows Explorer Microsoft Corporation

MSASCui.exe 1712 Windows Defender User Interface Microsoft Corporation

RAVCpl64.exe 1276 HD Audio Control Panel Realtek Semiconductor

sidebar.exe 2932 Windows Sidebar Microsoft Corporation

RaUI.exe 3104 Edimax Wireless Utility Edimax Technology Co., Ltd.

firefox.exe 3220 Firefox Mozilla Corporation

procexp.exe 3364 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

procexp64.exe 2872 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

MOM.exe 3240 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.

CCC.exe 3608 Catalyst Control Centre: Host application ATI Technologies Inc.

uTorrent.exe 3756 6.92 µTorrent BitTorrent, Inc.

Process: uTorrent.exe Pid: 3756

Name Description Company Name Version

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.0.6002.18005

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.0

CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6002.18005

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.6002.18005

dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.0.6002.18005

dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.0.6002.18005

DnsApi.dll DNS Client API DLL Microsoft Corporation 6.0.6002.18005

FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.0.6001.18000

GDI32.dll GDI Client DLL Microsoft Corporation 6.0.6002.18005

GPAPI.dll Group Policy Client API Microsoft Corporation 6.0.6002.18005

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 6.0.6001.18000

hnetcfg.dll.mui Home Networking Configuration Manager Microsoft Corporation 6.0.6000.16386

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.0.6002.18005

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.0.6002.18005

Iphlpapi.dll IP Helper API Microsoft Corporation 6.0.6002.18005

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.0.6002.18005

kernel32.dll.mui Windows NT BASE API Client DLL Microsoft Corporation 6.0.6001.18000

locale.nls

locale.nls

LPK.DLL Language Pack Microsoft Corporation 6.0.6002.18005

mdnsNSP.dll Bonjour Namespace Provider Apple Computer, Inc. 1.0.3.1

MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.0.6002.18005

msctf.dll.mui MSCTF Server DLL Microsoft Corporation 6.0.6000.16386

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.6002.18005

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.0.6002.18005

msxml3.dll MSXML 3.0 SP10 Microsoft Corporation 8.100.5000.0

msxml3r.dll XML Resources Microsoft Corporation 8.20.8730.1

napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.0.6001.18000

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 6.0.6002.18005

netshell.dll Network Connections Shell Microsoft Corporation 6.0.6002.18005

NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.0.6001.18000

npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.0.6000.16386

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.0.6001.18000

ntdll.dll NT Layer DLL Microsoft Corporation 6.0.6002.18005

ntdll.dll NT Layer DLL Microsoft Corporation 6.0.6002.18005

ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.0.6002.18005

oleaut32.dll Microsoft Corporation 6.0.6002.18005

pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.0.6001.18000

PSAPI.DLL Process Status Helper Microsoft Corporation 6.0.6000.16386

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.0.6000.16386

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.0.6002.18024

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.0.6002.18005

Secur32.dll Security Support Provider Interface Microsoft Corporation 6.0.6002.18005

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.6002.18005

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.6000.16386

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.6002.18005

slc.dll Software Licensing Client Dll Microsoft Corporation 6.0.6002.18005

SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.0.6000.16386

SXS.DLL Fusion 2.5 Microsoft Corporation 6.0.6001.18000

upnp.dll UPnP Control Point API Microsoft Corporation 6.0.6001.18000

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.0.6002.18024

USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.0.6002.18005

USERENV.dll Userenv Microsoft Corporation 6.0.6002.18005

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6002.18005

uTorrent.exe µTorrent BitTorrent, Inc. 1.8.3.15772

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.6001.18000

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.0.6002.18005

WINHTTP.dll Windows HTTP Services Microsoft Corporation 6.0.6002.18005

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.0.6001.18000

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.0.6002.18005

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.0.6002.18005

wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.0.6002.18005

wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.0.6002.18005

wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.0.6002.18005

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.0.6001.18000

wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.0.6001.18000

wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.0.6001.18000

Link to comment
Share on other sites
spotted zebra Newbie

spotted zebra

Posted
  • Author
Posted

i uninstalled it already. i was before i ran this scan too so i dont know why that showed up but i will double check. do you want me to re-run the scan after i make sure its uninstalled.

EDIT: i looked everywhere i could think to uninstall and delete super anit spyware but i found nothing and it's still showing up in the HijackThis log file. i can post it if you need it.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...