RuLLy Posted November 27, 2009 Report Share Posted November 27, 2009 i have a biiig problem. I'm stuck with te 1.8 version with uTorrent, cuz everytime i try to update it, i get a error: the process can't acces file, because another process is using it....or something like that... i checked out task manager and there was only one process using uTorrent ....i really want a new version, any suggestions ? Link to comment Share on other sites More sharing options...
moogly Posted November 27, 2009 Report Share Posted November 27, 2009 Post Hijackthis log please.Guide: http://forum.utorrent.com/viewtopic.php?id=29748 Link to comment Share on other sites More sharing options...
RuLLy Posted November 27, 2009 Author Report Share Posted November 27, 2009 http://datoteka.si/file/1720/hijackthis-log.html i ran it in the moment i got the error message...i wont be avalible untill tomorow.....bed time ! Link to comment Share on other sites More sharing options...
moogly Posted November 27, 2009 Report Share Posted November 27, 2009 The culprit is surely AVG, enable option "append .!ut to incomplete files" in uTorrent (General).And report here if the error is still here. Link to comment Share on other sites More sharing options...
RuLLy Posted November 28, 2009 Author Report Share Posted November 28, 2009 i still have the same problem...http://datoteka.si/file/1721/hijackthis-log.html Link to comment Share on other sites More sharing options...
moogly Posted November 28, 2009 Report Share Posted November 28, 2009 Can you paste the log in your message, easier to read. Link to comment Share on other sites More sharing options...
RuLLy Posted November 28, 2009 Author Report Share Posted November 28, 2009 Running processes:D:\WINDOWS\System32\smss.exeD:\WINDOWS\system32\winlogon.exeD:\WINDOWS\system32\services.exeD:\WINDOWS\system32\lsass.exeD:\WINDOWS\system32\Ati2evxx.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\System32\svchost.exeD:\Program Files\AVG\avgchsvx.exeD:\Program Files\AVG\avgrsx.exeD:\Program Files\AVG\avgcsrvx.exeD:\WINDOWS\system32\Ati2evxx.exeD:\WINDOWS\system32\spoolsv.exeD:\WINDOWS\Explorer.EXED:\WINDOWS\SOUNDMAN.EXED:\WINDOWS\VM_STI.EXED:\Program Files\HP\HP Software Update\HPWuSchd2.exeD:\Program Files\Java\jre6\bin\jusched.exeD:\PROGRA~1\AVG\avgtray.exeD:\Program Files\Windows Live\Messenger\MsnMsgr.ExeD:\WINDOWS\system32\ctfmon.exeD:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeD:\Program Files\AVG\avgwdsvc.exeD:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exeD:\Program Files\Java\jre6\bin\jqs.exeD:\Program Files\AVG\avgnsx.exeD:\Program Files\HP\Digital Imaging\bin\hpqimzone.exeD:\WINDOWS\system32\svchost.exeD:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeD:\WINDOWS\system32\HPZipm12.exeD:\Program Files\Mozilla Firefox\firefox.exeD:\WINDOWS\system32\msiexec.exeD:\WINDOWS\system32\wuauclt.exeD:\DOCUME~1\UPORAB~1\LOCALS~1\Temp\utt100.tmp.exeD:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1060O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\avgssie.dllO2 - BHO: Windows Live - Pomoc pri vpisu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [bigDogPath] D:\WINDOWS\VM_STI.EXE Philips SPC315NC WebcamO4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [AVG9_TRAY] D:\PROGRA~1\AVG\avgtray.exeO4 - HKLM\..\RunOnce: [CleanSetup] cmd /C rmdir /S /Q "D:\Documents and Settings\Uporabnik\Local Settings\Temp\nro.tmp\"O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [LightScribe Control Panel] D:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Startup: Connection through NVIDIA nForce Networking Controller.lnk = ?O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeO4 - Global Startup: HP Photosmart Premier Fast Start.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exeO8 - Extra context menu item: I&zvoz v Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Raziskovanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exeO16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cabO16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{8DE79B1D-B3E1-4771-981E-E8EDCD40D974}: NameServer = 212.18.32.10 212.18.32.12O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\avgpp.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - Winlogon Notify: avgrsstarter - D:\WINDOWS\SYSTEM32\avgrsstx.dllO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exeO23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\avgwdsvc.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe--End of file - 6625 bytes Link to comment Share on other sites More sharing options...
moogly Posted November 28, 2009 Report Share Posted November 28, 2009 Can you add Process Explorer log please.Select utorrent.exe and enable DLL mode (ctrl+d).Guide: http://forum.utorrent.com/viewtopic.php?id=29748Sounds like something is injected into uT. Link to comment Share on other sites More sharing options...
RuLLy Posted November 28, 2009 Author Report Share Posted November 28, 2009 is this the right stuff ? ctfmon.exe 1128 CTF Loader Microsoft Corporation hpqtra08.exe 1280 HP Digital Imaging Monitor Hewlett-Packard Development Company, L.P. hpqste08.exe 3164 HP CUE Status Hewlett-Packard Development Company, L.P. uTorrent.exe 2420 44.62 µTorrent BitTorrent, Inc.hpqimzone.exe 560 HP Photosmart Premier Hewlett-Packard Development Company, L.P.firefox.exe 980 1.54 Firefox Mozilla Corporation AcroRd32.exe 3272 Adobe Reader 8.1 Adobe Systems Incorporatedprocexp.exe 1256 3.08 Sysinternals Process Explorer Sysinternals - www.sysinternals.comProcess: uTorrent.exe Pid: 2420Name Description Company Name VersionACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.1.2600.5512adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.1.2600.5512adsldpc.dll.mui ADs LDAP ponudnik C DLL Microsoft Corporation 5.1.2600.0ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.1.2600.5755ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.2CLBCATQ.DLL Microsoft Corporation 2001.12.4414.700COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.5512comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.2900.5512COMRes.dll Microsoft Corporation 2001.12.4414.700credui.dll Credential Manager User Interface Microsoft Corporation 5.1.2600.5512CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.5512ctype.nls DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.1.2600.5625dot3api.dll 802.3 Autoconfiguration API Microsoft Corporation 5.1.2600.5512dot3dlg.dll 802.3 UI Helper Microsoft Corporation 5.1.2600.5512eappcfg.dll Eap Peer Config Microsoft Corporation 5.1.2600.5512eappprxy.dll Microsoft EAPHost Peer Client DLL Microsoft Corporation 5.1.2600.5512GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.5698hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.1.2600.5512IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.5512Iphlpapi.dll IP Helper API Microsoft Corporation 5.1.2600.5512iphlpapi.dll.mui API pomočnika za IP-je Microsoft Corporation 5.1.2600.2kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.1.2600.5781kernel32.dll.mui DLL za Windows NT BASE API odjemalec Microsoft Corporation 5.1.2600.0locale.nls MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.1.2600.5512MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.1.2600.5875MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.1.2600.5512msctf.dll.mui DLL MSCTF strežnika Microsoft Corporation 5.1.2600.0msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.5768MSVCP60.dll Microsoft ® C++ Runtime Library Microsoft Corporation 6.2.3104.0msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.5512mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.1.2600.5625NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.5694NETSHELL.dll Network Connections Shell Microsoft Corporation 5.1.2600.5512ntdll.dll NT Layer DLL Microsoft Corporation 5.1.2600.5755ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.1.2600.5512oleaut32.dll Microsoft Corporation 5.1.2600.5512OneX.DLL IEEE 802.1X supplicant library Microsoft Corporation 5.1.2600.5512rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.1.2600.5512RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.5795rtutils.dll Routing Utilities Microsoft Corporation 5.1.2600.5512SAMLIB.dll SAM Library DLL Microsoft Corporation 5.1.2600.5512Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.5834SETUPAPI.dll Windows Setup API Microsoft Corporation 5.1.2600.5512setupapi.dll.mui Namestitveni API za Windows Microsoft Corporation 5.1.2600.0SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.2900.5622shfolder.dll Shell Folder Service Microsoft Corporation 6.0.2900.5512SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.2900.5512sortkey.nls sorttbls.nls unicode.nls USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.1.2600.5512uTorrent.exe µTorrent BitTorrent, Inc. 1.8.0.11813uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.2900.5512VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.5512WINSTA.dll Winstation Library Microsoft Corporation 5.1.2600.5512WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.5512WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.5512WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.1.2600.5512wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.1.2600.5512WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.1.2600.5512xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.1.2600.5512xpsp2res.dll Sporočila servisnega paketa SP 2 Microsoft Corporation 5.1.2600.5512 Link to comment Share on other sites More sharing options...
moogly Posted November 28, 2009 Report Share Posted November 28, 2009 Yes, it's that.Anyway it's weird, I see no strange process injected into uT.You have 2 solutions:1/ Using freeware Unlocker (http://ccollomb.free.fr/unlocker/) to see which program is using utorrent.exe and try to stop that. Then applying the uT update.2/ Updating manually uT. Download uT1.8.5 (http://www.utorrent.com/downloads) and replace the old utorrent.exe by the new one in Program Files\uTorrent. Link to comment Share on other sites More sharing options...
RuLLy Posted November 28, 2009 Author Report Share Posted November 28, 2009 if i update manually, will it keep all my download progress ? Link to comment Share on other sites More sharing options...
moogly Posted November 28, 2009 Report Share Posted November 28, 2009 Of course. You will see the installer (don't forget to uncheck all the 3 boxes about Ask toolbar if you don't need it) and uT will start with your previous history and settings. Don't forget to renew the rules in your firewall if necessary. Link to comment Share on other sites More sharing options...
RuLLy Posted November 28, 2009 Author Report Share Posted November 28, 2009 tnx, ill do this ..... ur gr8 ! Link to comment Share on other sites More sharing options...
moogly Posted November 28, 2009 Report Share Posted November 28, 2009 Anyway surely one of your security module is the culprit, you should verify you have excluded utorrent.exe from scanning (Unlocker can help you to identify the program). Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.