g0tgot Posted April 1, 2012 Report Share Posted April 1, 2012 old email address from a long time ago has been banned for uknown reasons: jrogangel@hotmail.comHIJACKTHIS: cheersLogfile of Trend Micro HijackThis v2.0.4Scan saved at 7:49:00 PM, on 3/31/2012Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v9.00 (9.00.8112.16421)Boot mode: NormalRunning processes:C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exeC:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exeC:\Windows\DAODx.exeC:\Users\ADMIN\AppData\Local\Programs\Google\MusicManager\MusicManager.exeC:\Program Files (x86)\MagicDisc\MagicDisc.exeF:\Program Files (x86)\Xfire\Xfire.exeC:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exeC:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\Program Files\Alwil Software\Avast5\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\ADMIN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXGDNNZQ\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thepiratebay.org/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dllR3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllO2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllO4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -bO4 - HKLM\..\Run: [six Engine] "C:\Program Files (x86)\ASUS\EPU\EPU.exe" -bO4 - HKLM\..\Run: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exeO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesO4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /noguiO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exeO4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAC0AQQBUAEEARwBLAC0ARQBKAFIAMgAzAC0AMwBGAFAAMABBAC0AWQBZAEYAUQBXAC0ATgBCAEQAOABXAA\"&\"inst=NwA2AC0AOQA3ADMANwA4ADEAOQA2ADUALQBEAEQAVAArADAALQBOADEARAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkALQBGAFUASQArADIA\"&\"prod=92\"&\"ver=9.0.914O4 - HKCU\..\Run: [uTorrent] "F:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZEDO4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exeO4 - HKCU\..\Run: [Google Update] "C:\Users\ADMIN\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [MusicManager] "C:\Users\ADMIN\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-21-2606381519-1741650068-1213751248-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')O4 - HKUS\S-1-5-21-2606381519-1741650068-1213751248-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exeO4 - Startup: Xfire.lnk = F:\Program Files (x86)\Xfire\Xfire.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cabO16 - DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} (LSICapture Control) - http://www.link-systems.com/sdkhtml/SDK/paste/lsiw9x.cabO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exeO23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeO23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 11503 bytes Link to comment Share on other sites More sharing options...
g0tgot Posted April 1, 2012 Author Report Share Posted April 1, 2012 I read this, I do not think it applies.... please let me know if I am wrong....We've examined the crash dump files for the latest version and noticed that the vast majority are caused by malware. Get an antivirus application (such as AVG free) and clean your system! You will most likely need to use LSPFix to repair your network connection after removing the malware. laf#.dll, t#.dll, ftp#.dll (# being an actual number, commonly 34), and gopher.dll are the most common ones. The next leading cause is the NVIDIA Firewall. This is a bug with the NVIDIA firewall on multi-core systems. To fix it, either uninstall the firewall (Forceware Network Manager in Add/Remove programs), or set µTorrent's affinity to a single core. If you don't know how, open the task manager, go to the processes list, right click the process, hit set affinity and make sure only one is checked. Doesn't matter which one you choose.Following that is the System Mechanic Professional 7 Firewall. Again, this is a bug with their firewall. The only solution is to uninstall it. I suggest using Outpost as your firewall.Some versions of the Fritz! Firewall also have crash problems. All you can do is try the latest version and hope for the best. Failing that, again, all you can do is switch to another firewall.NOD32's IMON has a similar issue. To work around it, you can add µTorrent to its exception list.Norman Virus Control also has this issue (niphk.dll is the Norman component that causes it). If you wish to continue using Norman, you must disable the Internet Protection module:Right click the N-icon in the system tray > Configuration Editor > Norman Virus Control > Components. There you can open the tab 'Start', and disable the Internet Protecion module.Thanks SadBunny for these instructionsNone of these are µTorrent bugs (trust me, we've looked into it quite thoroughly), and we can't really hack around it either. If you like the firewall software you are using, complain as much as possible to the developer of it so they can fix their software. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted April 1, 2012 Report Share Posted April 1, 2012 Hotmail is banned because they fail at accepting the registration e-mails.Crash report needs more info, such as the faulting module. Link to comment Share on other sites More sharing options...
g0tgot Posted April 1, 2012 Author Report Share Posted April 1, 2012 hope this helpsFaulting application name: uTorrent.exe, version: 3.2.0.26986, time stamp: 0x4f75f8e8Faulting module name: uTorrent.exe, version: 3.2.0.26986, time stamp: 0x4f75f8e8Exception code: 0xc0000005Fault offset: 0x000f419bFaulting process id: 0x1054Faulting application start time: 0x01cd0fb13792a571Faulting application path: F:\Program Files (x86)\uTorrent\uTorrent.exeFaulting module path: F:\Program Files (x86)\uTorrent\uTorrent.exeReport Id: 754b1732-7ba4-11e1-9ceb-bcaec51a1c81 Link to comment Share on other sites More sharing options...
DreadWingKnight Posted April 1, 2012 Report Share Posted April 1, 2012 I'm honestly leaning towards avast or peerblock as the cause of the crash.What are you doing when it crashes? Link to comment Share on other sites More sharing options...
g0tgot Posted April 1, 2012 Author Report Share Posted April 1, 2012 it opens upon system startup, recently I attempted to relocate to SSD in C: it worked, and then it did the same thing, therefore I left it on the other harddrive.. reloaded, it started , worked for a few days...after I close utorrent (right click bottom right task bar) it will not reopen and I get the "utorrent has stopped working, windows can check online for a solution" error with :roblem signature: Problem Event Name: APPCRASH Application Name: uTorrent.exe Application Version: 3.2.0.26986 Application Timestamp: 4f75f8e8 Fault Module Name: uTorrent.exe Fault Module Version: 3.2.0.26986 Fault Module Timestamp: 4f75f8e8 Exception Code: c0000005 Exception Offset: 000f419b OS Version: 6.1.7601.2.1.0.256.1 Locale ID: 1033 Additional Information 1: 0a9e Additional Information 2: 0a9e372d3b4ad19135b953a78882e789 Additional Information 3: 0a9e Additional Information 4: 0a9e372d3b4ad19135b953a78882e789Read our privacy statement online: http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409If the online privacy statement is not available, please read our privacy statement offline: C:\Windows\system32\en-US\erofflps.txt Link to comment Share on other sites More sharing options...
DreadWingKnight Posted April 1, 2012 Report Share Posted April 1, 2012 You tried 3.1.3 stable instead of the 3.2 beta? Link to comment Share on other sites More sharing options...
g0tgot Posted April 1, 2012 Author Report Share Posted April 1, 2012 will try that now... was it me or did the forums go offline for a minute?> Link to comment Share on other sites More sharing options...
g0tgot Posted April 1, 2012 Author Report Share Posted April 1, 2012 ^^ solved.thanks for your help i appreciate it. I will stick with the stable. Maybe something with X64 platform? Link to comment Share on other sites More sharing options...
g0tgot Posted April 1, 2012 Author Report Share Posted April 1, 2012 BTW i tried with avast and peerblock disabled, still same crash... but i thought the same thing, however It was working with it since day 1 of the computer build. I know it may be an update with conflict of some sort... most recent update was windows defender KB915597 (definitions 1.121.1660.0/1.123.212.0/1.123.449.0/1.123.738.0 starting with oldest to most recent. 3/19/2021 - 3/30/2012) Link to comment Share on other sites More sharing options...
DreadWingKnight Posted April 1, 2012 Report Share Posted April 1, 2012 Maybe something with X64 platform?Our x64 version is currently discontinued. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.