utorrent locks up

Picking14u · August 23, 2008

I have been having this problem with utorrent locking up for about 10 seconds everytime i click any button is anyone else having this problem.. i check my memory usage and its under 10% and all my other windows have no problems.. its just with utorrent.. i would appreciate any help in this matter, it only started with this latest upgrade

thelittlefire · August 23, 2008

Can you go to the bottom of http://forum.utorrent.com/viewtopic.php?id=15992 and perform the steps for a Process Explorer logfile of the utorrent.exe process to see if something is injected there which shouldn't be?

Picking14u · August 23, 2008

Process PID CPU Description Company Name

System Idle Process 0 95.45

Interrupts n/a 0.76 Hardware Interrupts

DPCs n/a 0.76 Deferred Procedure Calls

System 4

smss.exe 1260 Windows NT Session Manager Microsoft Corporation

csrss.exe 1364 Client Server Runtime Process Microsoft Corporation

winlogon.exe 1400 Windows NT Logon Application Microsoft Corporation

services.exe 1448 0.76 Services and Controller app Microsoft Corporation

ati2evxx.exe 1628 ATI External Event Utility EXE Module ATI Technologies Inc.

svchost.exe 1644 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1716 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1772 Generic Host Process for Win32 Services Microsoft Corporation

TPSrv.exe 1796 TPSrv Application Panda Software International

svchost.exe 1988 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 248 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1152 Spooler SubSystem App Microsoft Corporation

cisvc.exe 1184 Content Index service Microsoft Corporation

cidaemon.exe 3168 Indexing Service filter daemon Microsoft Corporation

ehRecvr.exe 296 Media Center Receiver Service Microsoft Corporation

ehSched.exe 468 Media Center Scheduler Service Microsoft Corporation

jqs.exe 1048 Java Quick Starter Service Sun Microsystems, Inc.

PsCtrlS.exe 1288 Panda Software Controler Panda Software International

PavBckPT.exe 1504 PavBckPT Aplicación Panda Software International, S.L.

PAVFNSVR.EXE 1592 Panda Function Service Panda Software International

PavPrSrv.exe 1060 Panda Process Protection Service Panda Software

PAVSRV51.EXE 2088 Enhanced On-Access Anti-Malware Service. Panda Software International

AVENGINE.EXE 2460 Enhanced On-Access Anti-Malware Protection. Panda Software International

HPZipm12.exe 2412 PML Driver HP

pskmssvc.exe 2864 Anti-malware protection service library executable Panda Software International

PSHost.exe 3020 Panda Host Service Panda Software International

PsImSvc.exe 3332 Panda Interface Manager Service Panda Software International

StarWindService.exe 3864 StarWind iSCSI Target (Alcohol Edition) Rocket Division Software

svchost.exe 208 Generic Host Process for Win32 Services Microsoft Corporation

dllhost.exe 484 COM Surrogate Microsoft Corporation

alg.exe 3352 Application Layer Gateway Service Microsoft Corporation

svchost.exe 2924 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 1460 LSA Shell (Export Version) Microsoft Corporation

ati2evxx.exe 812 ATI External Event Utility EXE Module ATI Technologies Inc.

explorer.exe 668 Windows Explorer Microsoft Corporation

RTHDCPL.exe 3760 Realtek HD Audio Control Panel Realtek Semiconductor Corp.

RtkBtMnt.exe 2728 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp.

apvxdwin.exe 2520 Platinum permanent protection Panda Software International

SrvLoad.exe 2720 Panda AntiSpam Trainer Panda Software International

WebProxy.exe 3152 Internet resident proxy Panda Security International

msnmsgr.exe 2184 Messenger Microsoft Corporation

ctfmon.exe 2480 CTF Loader Microsoft Corporation

uTorrent.exe 2620 1.52 µTorrent BitTorrent, Inc.

firefox.exe 3496 Firefox Mozilla Corporation

procexp.exe 4884 0.76 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

MOM.exe 2844 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.

CCC.exe 3960 Catalyst Control Centre: Host application ATI Technologies Inc.

YahooMessenger.exe 5224 Yahoo! Messenger Yahoo! Inc.

Process: uTorrent.exe Pid: 2620

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180

apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.01.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000

c_936.nls

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.0258

ctype.nls

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3394

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3316

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180

icl_cfg.dll Internet Resident Configuration Panda Software International 7.09.0033.0503

idle.dll Idle Module Yahoo! Inc. 1.00.0000.0002

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180

Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119

locale.nls

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.3319

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180

MSVCP71.dll Microsoft® C++ Runtime Library Microsoft Corporation 7.10.3077.0000

MSVCR71.dll Microsoft® C Runtime Library Microsoft Corporation 7.10.3052.0004

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3394

netapi32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726

oleaut32.dll Microsoft Corporation 5.01.2600.3266

pavipc.dll PavIpc Dynamic Link Library Panda Software International 8.00.0000.0000

pavlsp.dll Internet Resident Layered Service Provider Panda Software International 7.09.0022.0502

pavoepl.dll Outlook Express Integration Panda Software International 8.08.0006.0005

PAVSHOOK.DLL PavSHook Dynamic Link Library Panda Software International 8.00.0001.0000

PavTrc.dll Internet resident forwarding Panda Security International 7.12.0026.0509

PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.2161

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241

shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.2180

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3354

sortkey.nls

sorttbls.nls

systools.dll SYSTOOLS Panda Software 7.00.0002.0000

TpUtil.dll TpUtil Dynamic Link Library Panda Software International 8.00.0001.0000

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099

USERENV.dll Userenv Microsoft Corporation 5.01.2600.2180

uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.11903

UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180

WSOCK32.dll Windows Socket 32-Bit DLL Microsoft Corporation 5.01.2600.2180

thanks for any help

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:07:16 AM, on 8/23/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe

C:\DOCUME~1\Admin\LOCALS~1\Temp\RtkBtMnt.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE

C:\Documents and Settings\Admin\Desktop\procexp.exe

C:\Documents and Settings\Admin\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

--

End of file - 5979 bytes

thelittlefire · August 23, 2008

Well, the first thing that stands out is the implementation of ALL THOSE Panda DLLs

Additionally Yahoo toolbar/messenger added their idle monitor (apparently into all running processes) lol.

I don't know what to say other than add uTorrent to all monitor application exceptions in the panda suite... If you don't know how to do that, uninstall panda temporarily and reboot. If that solves the problem, you can/should install each component in panda one at a time until the problem re-manifests so you KNOW which service/component causes this. I would start with those which would inspect/analyze internet traffic and RAM.

Picking14u · August 23, 2008

it was doing it , when i had avg as my security , but i guess i can try uninstalling it and running it without it, and how do i get rid of the yahoo , that is into everything...i don't even use IE , so anything i can get rid of i would love to

ok,, uninstalled my panda. and that did it.. what do you recommend

thelittlefire · August 23, 2008

Since Yahoo is smaller.. I'd start by uninstalling that first. Hmm that's odd AVG did it as well, but make sure you reboot between uninstall and testing again. Also run Process Explorer again to be sure nothing else is injected.

Picking14u · August 23, 2008

here you go....well i like yahoo messanger