2 questions, banned email address, Utorrent crash with hijackthis

[g0tgot]

old email address from a long time ago has been banned for uknown reasons: jrogangel@hotmail.com

HIJACKTHIS: cheers

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 7:49:00 PM, on 3/31/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe

C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe

C:\Windows\DAODx.exe

C:\Users\ADMIN\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

C:\Program Files (x86)\MagicDisc\MagicDisc.exe

F:\Program Files (x86)\Xfire\Xfire.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\ADMIN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXGDNNZQ\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thepiratebay.org/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b

O4 - HKLM\..\Run: [six Engine] "C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b

O4 - HKLM\..\Run: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAC0AQQBUAEEARwBLAC0ARQBKAFIAMgAzAC0AMwBGAFAAMABBAC0AWQBZAEYAUQBXAC0ATgBCAEQAOABXAA\"&\"inst=NwA2AC0AOQA3ADMANwA4ADEAOQA2ADUALQBEAEQAVAArADAALQBOADEARAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkALQBGAFUASQArADIA\"&\"prod=92\"&\"ver=9.0.914

O4 - HKCU\..\Run: [uTorrent] "F:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\ADMIN\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [MusicManager] "C:\Users\ADMIN\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-2606381519-1741650068-1213751248-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2606381519-1741650068-1213751248-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe

O4 - Startup: Xfire.lnk = F:\Program Files (x86)\Xfire\Xfire.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab

O16 - DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} (LSICapture Control) - http://www.link-systems.com/sdkhtml/SDK/paste/lsiw9x.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11503 bytes

[g0tgot]

I read this, I do not think it applies.... please let me know if I am wrong....

We've examined the crash dump files for the latest version and noticed that the vast majority are caused by malware. Get an antivirus application (such as AVG free) and clean your system! You will most likely need to use LSPFix to repair your network connection after removing the malware. laf#.dll, t#.dll, ftp#.dll (# being an actual number, commonly 34), and gopher.dll are the most common ones.

The next leading cause is the NVIDIA Firewall. This is a bug with the NVIDIA firewall on multi-core systems. To fix it, either uninstall the firewall (Forceware Network Manager in Add/Remove programs), or set µTorrent's affinity to a single core. If you don't know how, open the task manager, go to the processes list, right click the process, hit set affinity and make sure only one is checked. Doesn't matter which one you choose.

Following that is the System Mechanic Professional 7 Firewall. Again, this is a bug with their firewall. The only solution is to uninstall it. I suggest using Outpost as your firewall.

Some versions of the Fritz! Firewall also have crash problems. All you can do is try the latest version and hope for the best. Failing that, again, all you can do is switch to another firewall.

NOD32's IMON has a similar issue. To work around it, you can add µTorrent to its exception list.

Norman Virus Control also has this issue (niphk.dll is the Norman component that causes it). If you wish to continue using Norman, you must disable the Internet Protection module:

Right click the N-icon in the system tray > Configuration Editor > Norman Virus Control > Components. There you can open the tab 'Start', and disable the Internet Protecion module.

Thanks SadBunny for these instructions

None of these are µTorrent bugs (trust me, we've looked into it quite thoroughly), and we can't really hack around it either. If you like the firewall software you are using, complain as much as possible to the developer of it so they can fix their software.

[DreadWingKnight]

Hotmail is banned because they fail at accepting the registration e-mails.

Crash report needs more info, such as the faulting module.

[g0tgot]

hope this helps

Faulting application name: uTorrent.exe, version: 3.2.0.26986, time stamp: 0x4f75f8e8

Faulting module name: uTorrent.exe, version: 3.2.0.26986, time stamp: 0x4f75f8e8

Exception code: 0xc0000005

Fault offset: 0x000f419b

Faulting process id: 0x1054

Faulting application start time: 0x01cd0fb13792a571

Faulting application path: F:\Program Files (x86)\uTorrent\uTorrent.exe

Faulting module path: F:\Program Files (x86)\uTorrent\uTorrent.exe

Report Id: 754b1732-7ba4-11e1-9ceb-bcaec51a1c81

[DreadWingKnight]

I'm honestly leaning towards avast or peerblock as the cause of the crash.

What are you doing when it crashes?

[g0tgot]

it opens upon system startup, recently I attempted to relocate to SSD in C: it worked, and then it did the same thing, therefore I left it on the other harddrive.. reloaded, it started , worked for a few days...

after I close utorrent (right click bottom right task bar) it will not reopen and I get the "utorrent has stopped working, windows can check online for a solution" error with :

roblem signature:

Problem Event Name: APPCRASH

Application Name: uTorrent.exe

Application Version: 3.2.0.26986

Application Timestamp: 4f75f8e8

Fault Module Name: uTorrent.exe

Fault Module Version: 3.2.0.26986

Fault Module Timestamp: 4f75f8e8

Exception Code: c0000005

Exception Offset: 000f419b

OS Version: 6.1.7601.2.1.0.256.1

Locale ID: 1033

Additional Information 1: 0a9e

Additional Information 2: 0a9e372d3b4ad19135b953a78882e789

Additional Information 3: 0a9e

Additional Information 4: 0a9e372d3b4ad19135b953a78882e789

Read our privacy statement online:

http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:

C:\Windows\system32\en-US\erofflps.txt

[DreadWingKnight]

You tried 3.1.3 stable instead of the 3.2 beta?

[g0tgot]

will try that now... was it me or did the forums go offline for a minute?>

[g0tgot]

^^ solved.

thanks for your help i appreciate it. I will stick with the stable. Maybe something with X64 platform?

[g0tgot]

BTW i tried with avast and peerblock disabled, still same crash... but i thought the same thing, however It was working with it since day 1 of the computer build. I know it may be an update with conflict of some sort... most recent update was windows defender KB915597 (definitions 1.121.1660.0/1.123.212.0/1.123.449.0/1.123.738.0 starting with oldest to most recent. 3/19/2021 - 3/30/2012)

[DreadWingKnight]

Maybe something with X64 platform?

Our x64 version is currently discontinued.