Constantly reoccuring crash issue - No crash dump saved

[Niczo]

I've been using uTorrent for a few weeks now, and while it works fine sometimes, mostly when I'm downloading or uploading it just randomly crashes, giving me a message something like "Unknown error, could not save crash dump". When that happens I have to start uTorrent again and again until the download is complete. I have looked through the "newbie FAQ" but can't find an anwer to my problem.

I'm running on a single-core Athlon 64, Windows XP SP2 with all updates, and Norman Virus Control (not Norman Personal Firewall though).

I could probably do some testing on my own but I'm not quite sure where to start, any advice would be greatly appreciated.

[Firon]

Post a HijackThis log and a DLL list from Process Explorer, please.

[Niczo]

I'm new to these things and I'm not sure what DLL list you are refering to, I looked through the process manager in Windows but could find no such list. I'd be grateful if you could explain to me or give me a link to where theres more info.

I just downloaded HijackThis, and it ran a scan by itself and saved a log. This is it: (hope its readable)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 01:17:29, on 2008-01-19

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Norman\Npm\bin\ELOGSVC.EXE

C:\Norman\Npm\Bin\Zanda.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program\Java\jre1.6.0_03\bin\jusched.exe

C:\Program\Razer\Copperhead\razerhid.exe

C:\Program\Windows Defender\MSASCui.exe

C:\Program\Delade filer\Logitech\LCD Manager\lcdmon.exe

C:\Program\Delade filer\Logitech\G-series Software\LGDCore.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Norman\Npm\bin\ZLH.EXE

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Logitech\Profiler\lwemon.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\WiFiConnector\NintendoWFCReg.exe

C:\Program\Last.fm\LastFMHelper.exe

C:\Program\Delade filer\Logitech\LCD Manager\Applets\LCDClock.exe

C:\Program\Delade filer\Logitech\LCD Manager\Applets\LCDPOP3.exe

C:\Program\Delade filer\Logitech\LCD Manager\Applets\LCDMedia.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Program\Razer\Copperhead\razertra.exe

C:\Program\Razer\Copperhead\razerofa.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Norman\Npm\bin\NJEEVES.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\Norman\Nvc\BIN\NIP.EXE

C:\Norman\Nvc\BIN\NVCSCHED.EXE

C:\Norman\Nvc\bin\nvcoas.exe

C:\Norman\Nvc\bin\cclaw.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

C:\Program\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tibia.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Copperhead] C:\Program\Razer\Copperhead\razerhid.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program\Delade filer\Logitech\LCD Manager\lcdmon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Delade filer\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\wianmpa.exe

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [start WingMan Profiler] "C:\Program\Logitech\Profiler\lwemon.exe" /noui

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: Last.fm Helper.lnk = C:\Program\Last.fm\LastFMHelper.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Kör Registreringsverktyg för Nintendo Wi-Fi USB Connector.lnk = C:\Program\WiFiConnector\NintendoWFCReg.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1157303267437

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManagerkontroll) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.2.1.cab

O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 7496 bytes

[Firon]

get Process Explorer from sysinternals.com, run it, File > Save, then post the contents of the saved process list in the .txt file here

I'd try uninstalling Norman.

[Gossef]

I have a similar problem, which started a couple days ago.

Every time I start utorrent it works fine for a couple of minutes and after that it gives an error message pop-up (which remains blank, can't read it) and then utorrent crashes (and so does my internet sometimes).

I've been succesfully using utorrent for months on end and I haven't changed anything else on my computer.

I am running Norman Virus Control as well, but I've been using that for years now and I never had any problems with it. If it was because of Norman, the problems should've started ages ago and not in the last few days I suppose?

P.S.

Sorry for hijacking this thread, but I thought the problem was similar.

My HiJackThis file

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 15:12:11, on 20-1-2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Norman\Npm\bin\ELOGSVC.EXE

C:\Norman\Npm\Bin\Zanda.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\windows\system\hpsysdrv.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

C:\Norman\Npm\bin\ZLH.EXE

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\DAEMON Tools\daemon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Norman\Nvc\BIN\NIP.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Norman\Npm\bin\NJEEVES.EXE

C:\Program Files\WL-142 Wireless Network Utility\WLANUTL.exe

C:\Norman\Nvc\BIN\NVCSCHED.EXE

C:\Norman\Nvc\bin\nvcoas.exe

C:\WINDOWS\System32\alg.exe

C:\Norman\Nvc\bin\cclaw.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\WINDOWS\system32\divxsm.exe

C:\Documents and Settings\Compaq_Eigenaar\Local Settings\Temporary Internet Files\Content.IE5\CUQA7KKL\HiJackThis_v2[1].exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: (no name) - {BBE22AD0-2542-49EF-8A6F-6774F2261FD1} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"

O4 - HKCU\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - Startup: PowerReg Scheduler.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: WL-142 Wireless Network Utility.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.topsoftwarefeed.com/redirect.php (file missing)

O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.topsoftwarefeed.com/redirect.php (file missing)

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: rqrsppn - rqrsppn.dll (file missing)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe

O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

--

End of file - 9573 bytes

[jewelisheaven]

Spyware Doctor is a reported problem program. I would bet even money the problems go away after you uninstall it.

[Gossef]

Spyware Doctor is part of Hitman Pro, which I've also used for ages. I did run Hitman Pro yesterday, but that was after the problems started.

So I kinda doubt that would be it...

[jewelisheaven]

As you wish, posting a list of DLLs injected into utorrent.exe from Process Explorer please?

Edit: open procexp.exe,Ctrl-L,Ctrl-D,Click utorrent.exe, Ctrl-a, copy-paste

[Gossef]

This should be the one

Process PID CPU Description Company Name

System Idle Process 0

Interrupts n/a 33.33 Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 416 Windows NT Session Manager Microsoft Corporation

csrss.exe 664 Client Server Runtime Process Microsoft Corporation

winlogon.exe 696 Toepassing Windows NT-aanmelding Microsoft Corporation

services.exe 744 33.33 Services en controllertoepassingen Microsoft Corporation

svchost.exe 932 Generic Host Process for Win32 Services Microsoft Corporation

NMIndexStoreSvr.exe 1392 Nero Home Nero AG

DivXsm.exe 1868

svchost.exe 1004 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1100 Generic Host Process for Win32 Services Microsoft Corporation

wscntfy.exe 3076 Windows Security Center Notification App Microsoft Corporation

elogsvc.exe 1140 Norman eLogger service Norman ASA

Zanda.exe 1200 Norman Zanda service Norman ASA

svchost.exe 1268 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1408 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1472 Spooler SubSystem App Microsoft Corporation

nvsvc32.exe 1608 NVIDIA Driver Helper Service, Version 162.18 NVIDIA Corporation

PnkBstrA.exe 1620

PnkBstrB.exe 1632

WRSSSDK.exe 1772 Spy Sweeper SDK Webroot Software, Inc.

Njeeves.exe 1588

Nvcsched.exe 1856 NVC Scheduler Norman ASA

Nvcoas.exe 1988 NVC OnAccess virus scanner Norman ASA

alg.exe 2680 Application Layer Gateway Service Microsoft Corporation

svchost.exe 2792 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 3968 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 756 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 212 Windows Verkenner Microsoft Corporation

jusched.exe 356 Java Platform SE binary Sun Microsystems, Inc.

hpsysdrv.exe 432 hpsysdrv Hewlett-Packard Company

kbd.exe 300 KBD EXE Hewlett-Packard Company

HPWUSC~1.EXE 476 Hewlett-Packard Product Assistant Hewlett-Packard Co.

Zlh.exe 488 Norman ZLH Norman ASA

Nip.exe 624 NVC Internet Protection Norman ASA

REALSC~1.EXE 504 RealNetworks Scheduler RealNetworks, Inc.

apdproxy.exe 520 Adobe Photoshop Album Starter Edition 3.0 component Adobe Systems Incorporated

qttask.exe 528 QuickTime Task Apple Computer, Inc.

daemon.exe 536 Virtual DAEMON Manager DT Soft Ltd.

soundman.exe 556 Realtek Sound Manager Realtek Semiconductor Corp.

rundll32.exe 648 Een DLL-bestand als toepassing starten Microsoft Corporation

NMBGMO~1.EXE 720 Nero Home Nero AG

ctfmon.exe 872 CTF Loader Microsoft Corporation

SUPERANTISPYWARE.EXE 1040 SUPERAntiSpyware SUPERAntiSpyware.com

SSAAD.exe 1308 SonicStage Atrac Hard Disk Monitor

msnmsgr.exe 1360 Messenger Microsoft Corporation

WLANUTL.exe 1720 IEEE 802.11g Wireless LAN Utility

iexplore.exe 2428 Internet Explorer Microsoft Corporation

WinRAR.exe 1184

procexp.exe 2992 33.33 Sysinternals Process Explorer Sysinternals

wmplayer.exe 748 Windows Media Player Microsoft Corporation

uTorrent.exe 3688

CClaw.exe 2776

Process: uTorrent.exe Pid: 3688

Name Description Company Name Version

ACTIVEDS.dll DLL-bestand voor routerlaag van Active Directory Microsoft Corporation 5.01.2600.2180

adsldpc.dll ADs LDAP Provider C DLL-bestand Microsoft Corporation 5.01.2600.2180

ADVAPI32.dll Geavanceerde Windows 32 basis-API Microsoft Corporation 5.01.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982

comdlg32.dll DLL voor gedeelde dialoogvensters Microsoft Corporation 6.00.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.0258

ctype.nls

DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.2938

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3159

hnetcfg.dll Configuratiebeheer van thuisnetwerk Microsoft Corporation 5.01.2600.2180

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180

Iphlpapi.dll IP-helper-API Microsoft Corporation 5.01.2600.2912

kernel32.dll DLL-bestand voor Windows NT BASE API-client Microsoft Corporation 5.01.2600.3119

locale.nls

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180

MSCTF.dll DLL-bestand voor MSCTF-server Microsoft Corporation 5.01.2600.2180

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service-aanbieder Microsoft Corporation 5.01.2600.2180

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976

Niphk.dll NVC Internet Protection Norman ASA 5.09.0000.0001

ntdll.dll DLL-bestand voor NT-laag Microsoft Corporation 5.01.2600.2180

NTMARTA.DLL Windows NT MARTA-provider Microsoft Corporation 5.01.2600.2180

ole32.dll Microsoft OLE voor Windows Microsoft Corporation 5.01.2600.2726

OLEAUT32.dll Microsoft Corporation 5.01.2600.3139

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180

SHELL32.dll Gemeenschappelijk DLL-bestand van Windows Shell Microsoft Corporation 6.00.2900.3241

SHLWAPI.dll Shell lichtgewicht hulpprogrammabibliotheek Microsoft Corporation 6.00.2900.3020

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll DLL-bestand voor Windows XP USER API-client Microsoft Corporation 5.01.2600.3099

uTorrent.exe

uxtheme.dll DLL-bestand Microsoft UxTheme Microsoft Corporation 6.00.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180

WS2HELP.dll Windows Socket 2.0-helper voor Windows NT Microsoft Corporation 5.01.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180

[jewelisheaven]

Turning off NIP.exe which controls Niphk.dll NVC Internet Protection Norman ASA 5.09.0000.0001 should get rid of the problems. The next time uT crashes verify it is NOT loaded into the EXE. (Note I am being rather slow, DWKnight and Firon's first words would probably be to say uninstall the firewall / security / protection suite.)