Picking14u Posted August 23, 2008 Report Share Posted August 23, 2008 I have been having this problem with utorrent locking up for about 10 seconds everytime i click any button is anyone else having this problem.. i check my memory usage and its under 10% and all my other windows have no problems.. its just with utorrent.. i would appreciate any help in this matter, it only started with this latest upgrade Link to comment Share on other sites More sharing options...
thelittlefire Posted August 23, 2008 Report Share Posted August 23, 2008 Can you go to the bottom of http://forum.utorrent.com/viewtopic.php?id=15992 and perform the steps for a Process Explorer logfile of the utorrent.exe process to see if something is injected there which shouldn't be? Link to comment Share on other sites More sharing options...
Picking14u Posted August 23, 2008 Author Report Share Posted August 23, 2008 Process PID CPU Description Company NameSystem Idle Process 0 95.45 Interrupts n/a 0.76 Hardware Interrupts DPCs n/a 0.76 Deferred Procedure Calls System 4 smss.exe 1260 Windows NT Session Manager Microsoft Corporation csrss.exe 1364 Client Server Runtime Process Microsoft Corporation winlogon.exe 1400 Windows NT Logon Application Microsoft Corporation services.exe 1448 0.76 Services and Controller app Microsoft Corporation ati2evxx.exe 1628 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 1644 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1716 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1772 Generic Host Process for Win32 Services Microsoft Corporation TPSrv.exe 1796 TPSrv Application Panda Software International svchost.exe 1988 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 248 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1152 Spooler SubSystem App Microsoft Corporation cisvc.exe 1184 Content Index service Microsoft Corporation cidaemon.exe 3168 Indexing Service filter daemon Microsoft Corporation ehRecvr.exe 296 Media Center Receiver Service Microsoft Corporation ehSched.exe 468 Media Center Scheduler Service Microsoft Corporation jqs.exe 1048 Java Quick Starter Service Sun Microsystems, Inc. PsCtrlS.exe 1288 Panda Software Controler Panda Software International PavBckPT.exe 1504 PavBckPT Aplicación Panda Software International, S.L. PAVFNSVR.EXE 1592 Panda Function Service Panda Software International PavPrSrv.exe 1060 Panda Process Protection Service Panda Software PAVSRV51.EXE 2088 Enhanced On-Access Anti-Malware Service. Panda Software International AVENGINE.EXE 2460 Enhanced On-Access Anti-Malware Protection. Panda Software International HPZipm12.exe 2412 PML Driver HP pskmssvc.exe 2864 Anti-malware protection service library executable Panda Software International PSHost.exe 3020 Panda Host Service Panda Software International PsImSvc.exe 3332 Panda Interface Manager Service Panda Software International StarWindService.exe 3864 StarWind iSCSI Target (Alcohol Edition) Rocket Division Software svchost.exe 208 Generic Host Process for Win32 Services Microsoft Corporation dllhost.exe 484 COM Surrogate Microsoft Corporation alg.exe 3352 Application Layer Gateway Service Microsoft Corporation svchost.exe 2924 Generic Host Process for Win32 Services Microsoft Corporation lsass.exe 1460 LSA Shell (Export Version) Microsoft Corporation ati2evxx.exe 812 ATI External Event Utility EXE Module ATI Technologies Inc.explorer.exe 668 Windows Explorer Microsoft Corporation RTHDCPL.exe 3760 Realtek HD Audio Control Panel Realtek Semiconductor Corp. RtkBtMnt.exe 2728 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. apvxdwin.exe 2520 Platinum permanent protection Panda Software International SrvLoad.exe 2720 Panda AntiSpam Trainer Panda Software International WebProxy.exe 3152 Internet resident proxy Panda Security International msnmsgr.exe 2184 Messenger Microsoft Corporation ctfmon.exe 2480 CTF Loader Microsoft Corporation uTorrent.exe 2620 1.52 µTorrent BitTorrent, Inc. firefox.exe 3496 Firefox Mozilla Corporation procexp.exe 4884 0.76 Sysinternals Process Explorer Sysinternals - www.sysinternals.comMOM.exe 2844 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. CCC.exe 3960 Catalyst Control Centre: Host application ATI Technologies Inc.YahooMessenger.exe 5224 Yahoo! Messenger Yahoo! Inc.Process: uTorrent.exe Pid: 2620Name Description Company Name VersionACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.01.2600.2180ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000c_936.nls CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180COMRes.dll Microsoft Corporation 2001.12.4414.0258ctype.nls DnsApi.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3394GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3316hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180icl_cfg.dll Internet Resident Configuration Panda Software International 7.09.0033.0503idle.dll Idle Module Yahoo! Inc. 1.00.0000.0002IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119locale.nls MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.3319msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180MSVCP71.dll Microsoft® C++ Runtime Library Microsoft Corporation 7.10.3077.0000MSVCR71.dll Microsoft® C Runtime Library Microsoft Corporation 7.10.3052.0004msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3394netapi32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726oleaut32.dll Microsoft Corporation 5.01.2600.3266pavipc.dll PavIpc Dynamic Link Library Panda Software International 8.00.0000.0000pavlsp.dll Internet Resident Layered Service Provider Panda Software International 7.09.0022.0502pavoepl.dll Outlook Express Integration Panda Software International 8.08.0006.0005PAVSHOOK.DLL PavSHook Dynamic Link Library Panda Software International 8.00.0001.0000PavTrc.dll Internet resident forwarding Panda Security International 7.12.0026.0509PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.2161rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.2180SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3354sortkey.nls sorttbls.nls systools.dll SYSTOOLS Panda Software 7.00.0002.0000TpUtil.dll TpUtil Dynamic Link Library Panda Software International 8.00.0001.0000unicode.nls USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099USERENV.dll Userenv Microsoft Corporation 5.01.2600.2180uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.11903UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180WSOCK32.dll Windows Socket 32-Bit DLL Microsoft Corporation 5.01.2600.2180thanks for any helpLogfile of Trend Micro HijackThis v2.0.2Scan saved at 2:07:16 AM, on 8/23/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exeC:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exeC:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exeC:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXEC:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exec:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXEC:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\dllhost.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\System32\svchost.exeC:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXEC:\Program Files\MSN Messenger\msnmsgr.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXEC:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exeC:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exeC:\DOCUME~1\Admin\LOCALS~1\Temp\RtkBtMnt.exeC:\WINDOWS\system32\cidaemon.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXEC:\Documents and Settings\Admin\Desktop\procexp.exeC:\Documents and Settings\Admin\Desktop\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exeO4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /sO4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietO4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exeO23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exeO23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exeO23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exeO23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXEO23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeO23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe--End of file - 5979 bytes Link to comment Share on other sites More sharing options...
thelittlefire Posted August 23, 2008 Report Share Posted August 23, 2008 Well, the first thing that stands out is the implementation of ALL THOSE Panda DLLs Additionally Yahoo toolbar/messenger added their idle monitor (apparently into all running processes) lol.I don't know what to say other than add uTorrent to all monitor application exceptions in the panda suite... If you don't know how to do that, uninstall panda temporarily and reboot. If that solves the problem, you can/should install each component in panda one at a time until the problem re-manifests so you KNOW which service/component causes this. I would start with those which would inspect/analyze internet traffic and RAM. Link to comment Share on other sites More sharing options...
Picking14u Posted August 23, 2008 Author Report Share Posted August 23, 2008 it was doing it , when i had avg as my security , but i guess i can try uninstalling it and running it without it, and how do i get rid of the yahoo , that is into everything...i don't even use IE , so anything i can get rid of i would love took,, uninstalled my panda. and that did it.. what do you recommend Link to comment Share on other sites More sharing options...
thelittlefire Posted August 23, 2008 Report Share Posted August 23, 2008 Since Yahoo is smaller.. I'd start by uninstalling that first. Hmm that's odd AVG did it as well, but make sure you reboot between uninstall and testing again. Also run Process Explorer again to be sure nothing else is injected. Link to comment Share on other sites More sharing options...
Picking14u Posted August 23, 2008 Author Report Share Posted August 23, 2008 here you go....well i like yahoo messanger Process PID CPU Description Company NameSystem Idle Process 0 96.92 Interrupts n/a Hardware Interrupts DPCs n/a 1.54 Deferred Procedure Calls System 4 smss.exe 1260 Windows NT Session Manager Microsoft Corporation csrss.exe 1364 Client Server Runtime Process Microsoft Corporation winlogon.exe 1400 Windows NT Logon Application Microsoft Corporation services.exe 1448 Services and Controller app Microsoft Corporation ati2evxx.exe 1628 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 1644 Generic Host Process for Win32 Services Microsoft Corporation wmiprvse.exe 1440 WMI Microsoft Corporation svchost.exe 1716 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1772 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1988 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 248 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1152 Spooler SubSystem App Microsoft Corporation cisvc.exe 1184 Content Index service Microsoft Corporation cidaemon.exe 3168 Indexing Service filter daemon Microsoft Corporation ehRecvr.exe 296 Media Center Receiver Service Microsoft Corporation ehSched.exe 468 Media Center Scheduler Service Microsoft Corporation jqs.exe 1048 Java Quick Starter Service Sun Microsystems, Inc. PavPrSrv.exe 1060 Panda Process Protection Service Panda Software HPZipm12.exe 2412 PML Driver HP StarWindService.exe 3864 StarWind iSCSI Target (Alcohol Edition) Rocket Division Software svchost.exe 208 Generic Host Process for Win32 Services Microsoft Corporation dllhost.exe 484 COM Surrogate Microsoft Corporation alg.exe 3352 Application Layer Gateway Service Microsoft Corporation svchost.exe 2924 Generic Host Process for Win32 Services Microsoft Corporation lsass.exe 1460 LSA Shell (Export Version) Microsoft Corporation ati2evxx.exe 812 ATI External Event Utility EXE Module ATI Technologies Inc.explorer.exe 668 Windows Explorer Microsoft Corporation RTHDCPL.exe 3760 Realtek HD Audio Control Panel Realtek Semiconductor Corp. RtkBtMnt.exe 2728 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. msnmsgr.exe 2184 Messenger Microsoft Corporation ctfmon.exe 2480 CTF Loader Microsoft Corporation uTorrent.exe 2620 µTorrent BitTorrent, Inc. firefox.exe 3496 Firefox Mozilla Corporation HiJackThis.exe 4980 HijackThis Trend Micro Inc. procexp.exe 6096 1.54 Sysinternals Process Explorer Sysinternals - www.sysinternals.comMOM.exe 2844 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. CCC.exe 3960 Catalyst Control Centre: Host application ATI Technologies Inc.YahooMessenger.exe 5224 Yahoo! Messenger Yahoo! Inc.Process: uTorrent.exe Pid: 2620Name Description Company Name VersionACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.01.2600.2180ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000c_936.nls CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180COMRes.dll Microsoft Corporation 2001.12.4414.0258ctype.nls DnsApi.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3394GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3316hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180icl_cfg.dll Internet Resident Configuration Panda Software International 7.09.0033.0503idle.dll Idle Module Yahoo! Inc. 1.00.0000.0002IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119locale.nls MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.3319msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180MSVCP71.dll Microsoft® C++ Runtime Library Microsoft Corporation 7.10.3077.0000MSVCR71.dll Microsoft® C Runtime Library Microsoft Corporation 7.10.3052.0004msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3394netapi32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726oleaut32.dll Microsoft Corporation 5.01.2600.3266pavipc.dll PavIpc Dynamic Link Library Panda Software International 8.00.0000.0000pavlsp.dll Internet Resident Layered Service Provider Panda Software International 7.09.0022.0502PAVSHOOK.DLL PavSHook Dynamic Link Library Panda Software International 8.00.0001.0000PavTrc.dll Internet resident forwarding Panda Security International 7.12.0026.0509PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.2161rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.2180SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3354sortkey.nls sorttbls.nls systools.dll SYSTOOLS Panda Software 7.00.0002.0000TpUtil.dll TpUtil Dynamic Link Library Panda Software International 8.00.0001.0000unicode.nls USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099USERENV.dll Userenv Microsoft Corporation 5.01.2600.2180uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.11903UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180WSOCK32.dll Windows Socket 32-Bit DLL Microsoft Corporation 5.01.2600.2180 Link to comment Share on other sites More sharing options...
thelittlefire Posted August 23, 2008 Report Share Posted August 23, 2008 You didn't uninstall panda before you ran this logfile? Did the problem stop happening before uninstalling panda?If not, uninstall.. reboot, test and run another logfile to verify.Well I guess you could stop all the services by doing this and then running uTorrent to verify... start > run > services.msc find all the services for panda (there are 8) and right click, stop, right click, disable. Or you may need to go to properties and then select disable, it's been a while.Hmm, actually O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exelooks like the most promising one "process protection" certainly sounds like it mucks with process RAM to "protect" you from things. Since you get GUI lag when interacting with the interface, perhaps there is a configuration panel for this service. Link to comment Share on other sites More sharing options...
Picking14u Posted August 23, 2008 Author Report Share Posted August 23, 2008 ok,, lets try again.,,.here it goes.. and i am still having speed problems, and i just did the firmware upgrade for my routerLogfile of Trend Micro HijackThis v2.0.2Scan saved at 3:13:04 AM, on 8/23/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\dllhost.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\System32\svchost.exeC:\Program Files\MSN Messenger\msnmsgr.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\DOCUME~1\Admin\LOCALS~1\Temp\RtkBtMnt.exeC:\WINDOWS\system32\cidaemon.exeC:\Program Files\uTorrent\uTorrent.exeC:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXEC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\PFConfig\PFConfig.exeC:\WINDOWS\system32\wuauclt.exeC:\Documents and Settings\Admin\Desktop\HiJackThis.exeC:\WINDOWS\system32\NOTEPAD.EXER0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exeO4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietO4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /backgroundO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe--End of file - 3730 bytesProcess PID CPU Description Company NameSystem Idle Process 0 88.64 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 smss.exe 1260 Windows NT Session Manager Microsoft Corporation csrss.exe 1364 Client Server Runtime Process Microsoft Corporation winlogon.exe 1400 Windows NT Logon Application Microsoft Corporation services.exe 1448 0.76 Services and Controller app Microsoft Corporation ati2evxx.exe 1628 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 1644 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1716 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1772 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1988 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 248 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1152 Spooler SubSystem App Microsoft Corporation cisvc.exe 1184 9.09 Content Index service Microsoft Corporation cidaemon.exe 3168 Indexing Service filter daemon Microsoft Corporation ehRecvr.exe 296 Media Center Receiver Service Microsoft Corporation ehSched.exe 468 Media Center Scheduler Service Microsoft Corporation jqs.exe 1048 Java Quick Starter Service Sun Microsystems, Inc. PavPrSrv.exe 1060 Panda Process Protection Service Panda Software HPZipm12.exe 2412 PML Driver HP StarWindService.exe 3864 StarWind iSCSI Target (Alcohol Edition) Rocket Division Software svchost.exe 208 Generic Host Process for Win32 Services Microsoft Corporation dllhost.exe 484 COM Surrogate Microsoft Corporation alg.exe 3352 Application Layer Gateway Service Microsoft Corporation svchost.exe 2924 Generic Host Process for Win32 Services Microsoft Corporation lsass.exe 1460 LSA Shell (Export Version) Microsoft Corporation ati2evxx.exe 812 ATI External Event Utility EXE Module ATI Technologies Inc.explorer.exe 668 Windows Explorer Microsoft Corporation RTHDCPL.exe 3760 Realtek HD Audio Control Panel Realtek Semiconductor Corp. RtkBtMnt.exe 2728 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. msnmsgr.exe 2184 Messenger Microsoft Corporation uTorrent.exe 2620 µTorrent BitTorrent, Inc. firefox.exe 6092 0.76 Firefox Mozilla Corporation PFConfig.exe 5160 PFConfig.exe allows you to easily configure your router's port forwarding section. www.portforward.com HiJackThis.exe 396 HijackThis Trend Micro Inc. notepad.exe 4624 Notepad Microsoft Corporation notepad.exe 2652 Notepad Microsoft Corporation procexp.exe 3228 0.76 Sysinternals Process Explorer Sysinternals - www.sysinternals.comMOM.exe 2844 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. CCC.exe 3960 Catalyst Control Centre: Host application ATI Technologies Inc.YahooMessenger.exe 5224 Yahoo! Messenger Yahoo! Inc.Process: uTorrent.exe Pid: 2620Name Description Company Name VersionACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.01.2600.2180ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000c_936.nls CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180COMRes.dll Microsoft Corporation 2001.12.4414.0258ctype.nls DnsApi.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3394GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3316hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180icl_cfg.dll Internet Resident Configuration Panda Software International 7.09.0033.0503idle.dll Idle Module Yahoo! Inc. 1.00.0000.0002IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119locale.nls MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.3319msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180MSVCP71.dll Microsoft® C++ Runtime Library Microsoft Corporation 7.10.3077.0000MSVCR71.dll Microsoft® C Runtime Library Microsoft Corporation 7.10.3052.0004msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3394netapi32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726oleaut32.dll Microsoft Corporation 5.01.2600.3266pavipc.dll PavIpc Dynamic Link Library Panda Software International 8.00.0000.0000pavlsp.dll Internet Resident Layered Service Provider Panda Software International 7.09.0022.0502PAVSHOOK.DLL PavSHook Dynamic Link Library Panda Software International 8.00.0001.0000PavTrc.dll Internet resident forwarding Panda Security International 7.12.0026.0509PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.2161rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.2180SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3354sortkey.nls sorttbls.nls systools.dll SYSTOOLS Panda Software 7.00.0002.0000TpUtil.dll TpUtil Dynamic Link Library Panda Software International 8.00.0001.0000unicode.nls USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099USERENV.dll Userenv Microsoft Corporation 5.01.2600.2180uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.11903UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180WSOCK32.dll Windows Socket 32-Bit DLL Microsoft Corporation 5.01.2600.2180 Link to comment Share on other sites More sharing options...
thelittlefire Posted August 23, 2008 Report Share Posted August 23, 2008 Still injected DLLsicl_cfg.dll Internet Resident Configuration Panda Software International 7.09.0033.0503idle.dll Idle Module Yahoo! Inc. 1.00.0000.0002pavipc.dll PavIpc Dynamic Link Library Panda Software International 8.00.0000.0000pavlsp.dll Internet Resident Layered Service Provider Panda Software International 7.09.0022.0502PAVSHOOK.DLL PavSHook Dynamic Link Library Panda Software International 8.00.0001.0000PavTrc.dll Internet resident forwarding Panda Security International 7.12.0026.0509systools.dll SYSTOOLS Panda Software 7.00.0002.0000TpUtil.dll TpUtil Dynamic Link Library Panda Software International 8.00.0001.0000I'm confused and rather tired... so forgive me, but is your GUI issue solved? you're talking about torrent speeds now? Have you gone through http://utorrent.com/guides.php and the general troubleshooting sticky http://forum.utorrent.com/viewtopic.php?id=15992 ? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.