awowogei Posted August 27, 2009 Report Posted August 27, 2009 utorrent has been crashing quite a lot in the last few days, first time it happen. Could someone help please?Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:43:23, on 27/08/2009Platform: Windows 2003 SP2 (WinNT 5.02.3790)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exeC:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exeC:\WINDOWS\syswow64\RunDll32.exeC:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exeC:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exeC:\Program Files (x86)\BandwidthMonitor\BWMonitor.exeC:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exeC:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exeC:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exeC:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exeC:\Program Files (x86)\Xfire\Xfire.exeC:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exeC:\Program Files\Logitech\SetPoint\x86\SetPoint32.exeE:\recov 2\ETAdminMod Control Center\ETAdminModCC.exeC:\Program Files (x86)\uTorrent\uTorrent.exeC:\Program Files (x86)\IObit\IObit Security 360\is360.exeC:\WINDOWS\SysWOW64\PnkBstrA.exeC:\WINDOWS\SysWOW64\PnkBstrB.exeC:\Program Files (x86)\Pidgin\pidgin.exeC:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exeC:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = F2 - REG:system.ini: UserInit=userinitO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME (x86)\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /sO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [iObit Security 360] C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exeO4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exeO4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exeO4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exeO4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [bandwidthMonitor] C:\Program Files (x86)\BandwidthMonitor\BWMonitor.exeO4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe" /startupO4 - HKCU\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe"O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [iE8.1st_UserStart] rundll32.exe advpack.dll,LaunchINFSection 5erIE8.inf,1st_UserStart (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXEO4 - Startup: Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exeO4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exeO4 - Global Startup: Logitech SetPoint.lnk = ?O4 - Global Startup: UltraMon.lnk = ?O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dllO15 - ESC Trusted Zone: http://runonce.msn.comO23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exeO23 - Service: BullGuard LiveUpdate (BgLiveSvc) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exeO23 - Service: BGRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\support\bgrasvc.exeO23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)O23 - Service: IS360service - IObit - C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files (x86)\Java\jre6\bin\jqs.exeO23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exeO23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exeO23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exeO23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exeO23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - (no file)O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exeO23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exeO23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)--End of file - 9756 bytes_______________________________________________________________________________________________Process PID CPU Description Company NameSystem Idle Process 0 96.92 Interrupts n/a Hardware Interrupts DPCs n/a 0.38 Deferred Procedure Calls System 4 smss.exe 548 Windows NT Session Manager Microsoft Corporation csrss.exe 688 Client Server Runtime Process Microsoft Corporation winlogon.exe 712 Windows NT Logon Application Microsoft Corporation services.exe 768 0.38 Services and Controller app Microsoft Corporation svchost.exe 960 Generic Host Process for Win32 Services Microsoft Corporation wmiprvse.exe 3456 WMI Microsoft Corporation RTSHookInterop.exe 3340 RTSHookInterop Realtime Soft Ltd svchost.exe 1012 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1092 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1148 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1284 Spooler SubSystem App Microsoft Corporation schedul2.exe 1420 Acronis Scheduler 2 Acronis BullGuardUpdate.exe 1504 BullGuard LiveUpdate Service BullGuard Ltd. svchost.exe 1640 Generic Host Process for Win32 Services Microsoft Corporation is360srv.exe 1692 IObit is360.exe 3468 IObit Security 360 IObit svchost.exe 1988 Generic Host Process for Win32 Services Microsoft Corporation nvsvc64.exe 2036 NVIDIA Driver Helper Service, Version 182.50 NVIDIA Corporation svchost.exe 348 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 400 Generic Host Process for Win32 Services Microsoft Corporation TeamViewer_Service.exe 532 TeamViewer Service TeamViewer GmbH TeamViewer.exe 4196 TeamViewer Remote Control Application TeamViewer GmbH svchost.exe 896 Generic Host Process for Win32 Services Microsoft Corporation PnkBstrA.exe 3612 PnkBstrB.exe 5116 lsass.exe 780 LSA Shell Microsoft Corporationexplorer.exe 1608 Windows Explorer Microsoft Corporation rundll32.exe 2140 Run a DLL as an App Microsoft Corporation rundll32.exe 2348 Run a DLL as an App Microsoft Corporation schedhlp.exe 2388 Acronis Scheduler Helper Acronis WeatherEye.exe 2440 MétéoÉclair/WeatherEye MétéoMédia/The Weather Network GoogleUpdate.exe 2480 Google Installer Google Inc. GoogleCrashHandler.exe 2752 Google Installer Google Inc. BWMonitor.exe 2488 Bandwidth Monitor BWMONITOR.COM AWC.exe 2552 Advanced SystemCare 3 IObit BullGuard.exe 2560 BullGuard BullGuard Ltd. SetPoint.exe 2636 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. SetPoint32.exe 1580 KHALMNPR.exe 2508 Logitech KHAL Main Process Logitech, Inc. Xfire.exe 2784 Xfire Xfire Inc. xfire64.exe 1524 ETAdminModCC.exe 2748 [PND]Tintifax_x uTorrent.exe 2780 µTorrent BitTorrent, Inc. UltraMon.exe 4168 UltraMon Realtime Soft Ltd UltraMonTaskbar.exe 4124 UltraMon Taskbar Realtime Soft Ltd chrome.exe 1068 Google Chrome Google Inc. chrome.exe 4564 Google Chrome Google Inc. chrome.exe 4368 Google Chrome Google Inc. chrome.exe 3844 0.38 Google Chrome Google Inc. chrome.exe 2112 Google Chrome Google Inc. chrome.exe 4092 Google Chrome Google Inc. chrome.exe 5012 Google Chrome Google Inc.VCDDaemon.exe 2680 Virtual CloneDrive Daemon Elaborate Bytes AGis360tray.exe 2808 IObitTrueImageMonitor.exe 2816 Acronis True Image Monitor AcronisTimounterMonitor.exe 2876 Monitor for Acronis True Image Backup Archive Explorer Acronisjavaw.exe 2928 1.54 Java Platform SE binary Sun Microsystems, Inc.pidgin.exe 3256 Pidgin The Pidgin developer communityHijackThis.exe 4372 HijackThis Trend Micro Inc. notepad.exe 1828 Notepad Microsoft Corporationprocexp.exe 2168 Sysinternals Process Explorer Sysinternals - www.sysinternals.com procexp64.exe 3808 0.38 Sysinternals Process Explorer Sysinternals - www.sysinternals.comAnd the utorrent dump file--> http://www.zshare.net/download/647305661a7b6324/Thanks
moogly Posted August 27, 2009 Report Posted August 27, 2009 Can you edit Process Explorer log: select utorrent.exe and enable DLL mode.Maybe BullGuard dll.
Jonick Posted August 27, 2009 Report Posted August 27, 2009 awowogei, how long ago did you install Logitech SetPoint? Is it switched on in StartUp?
awowogei Posted August 27, 2009 Author Report Posted August 27, 2009 I've always had logitech setpoint on my computer
Ultima Posted August 29, 2009 Report Posted August 29, 2009 To expand on moogly's point... Has that BullGuard thing always been around?
Recommended Posts
Archived
This topic is now archived and is closed to further replies.