Utorrent crashing when opened

[agentbad]

Lately, when I double click on utorrent it crashes and gives me an error. However, when I try again it opens fine and everything works. Is this a bug with the newer version or what?

[GTHK]

What error? And follow this: a) get HijackThis from trendsecure.com, run it, view the log, and post the contents here

get Process Explorer from sysinternals.com, run it, Ctrl+D (to show the lower DLL pane), select the µTorrent process from the list, Ctrl+S (and save the list somewhere you'll find easily -- like the Desktop), then post the contents of the saved process list in the .txt file here

[agentbad]

Not really sure of the error it just happens when I start it up and it doesn't really give me what dll or anything just says utorrent.exe I believe.

Logfile of HijackThis v1.99.1

Scan saved at 5:04:24 PM, on 7/25/2008

Platform: Windows XP SP3, v.3244 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe

C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\UPHClean\uphclean.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe

C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe

C:\Program Files\Acer Display\eDisplay Management\DTHtml.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Portrait Displays\Pivot Software\floater.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\WinRAR\WinRAR.exe

C:\Documents and Settings\redhorse\Desktop\New Folder\procexp.exe

C:\Documents and Settings\redhorse\Desktop\pc stuff\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=localhost:8118;http=localhost:8118;https=localhost:8118;socks=localhost:8118

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"

O4 - HKLM\..\Run: [DT ACR] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR

O4 - HKLM\..\Run: [shdef] C:\WINDOWS\shdef.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Process PID CPU Description Company Name

System Idle Process 0 77.27

Interrupts n/a Hardware Interrupts

DPCs n/a 1.52 Deferred Procedure Calls

System 4 1.52

smss.exe 728 Windows NT Session Manager Microsoft Corporation

csrss.exe 776 Client Server Runtime Process Microsoft Corporation

winlogon.exe 800 Windows NT Logon Application Microsoft Corporation

services.exe 848 1.52 Services and Controller app Microsoft Corporation

svchost.exe 1024 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1104 Generic Host Process for Win32 Services Microsoft Corporation

MsMpEng.exe 1200 Service Executable Microsoft Corporation

svchost.exe 1284 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1348 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1596 Spooler SubSystem App Microsoft Corporation

DkService.exe 1692 4.55 Diskeeper Service Diskeeper Corporation

DTSRVC.exe 1728

nTuneService.exe 1784 NVIDIA Access Manager NVIDIA

nvsvc32.exe 1804 NVIDIA Driver Helper Service, Version 93.71 NVIDIA Corporation

uphclean.exe 1840 User Profile Hive Cleanup Service Microsoft Corporation

alg.exe 1176 Application Layer Gateway Service Microsoft Corporation

NMIndexingService.exe 3496 Nero Home Nero AG

lsass.exe 860 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 548 1.52 Windows Explorer Microsoft Corporation

jusched.exe 1592 Java Platform SE binary Sun Microsystems, Inc.

rundll32.exe 244 Run a DLL as an App Microsoft Corporation

wpCtrl.exe 476 Pivot Software Support Application Portrait Displays, Inc.

Floater.exe 1336 Pivot Software Support DLL Portrait Displays, Inc.

firefox.exe 248 1.52 Firefox Mozilla Corporation

MSASCui.exe 1316 Windows Defender User Interface Microsoft Corporation

ctfmon.exe 1460 CTF Loader Microsoft Corporation

SetPoint.exe 1516 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc.

KHALMNPR.exe 540 Logitech KHAL Main Process Logitech, Inc.

procexp.exe 2520 7.58 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

uTorrent.exe 2884 µTorrent BitTorrent, Inc.

nero.exe 3112 3.03 Nero Burning ROM Nero AG

dthtml.exe 824 eDisplay Management Portrait Displays, Inc

HookManager.exe 580 Context Menu Utility Portrait Displays Inc.

Process: uTorrent.exe Pid: 2884

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.3244

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.3244

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.3244

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0001

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0700

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.3244

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.3244

COMRes.dll Microsoft Corporation 2001.12.4414.0700

credui.dll Credential Manager User Interface Microsoft Corporation 5.01.2600.3244

CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.3244

ctype.nls

DHCPCSVC.DLL DHCP Client Service Microsoft Corporation 5.01.2600.3244

DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3244

dot3api.dll 802.3 Autoconfiguration API Microsoft Corporation 5.01.2600.3244

dot3dlg.dll 802.3 UI Helper Microsoft Corporation 5.01.2600.3244

EapolQec.dll Microsoft EAPOL NAP Enforcement Client Microsoft Corporation 5.01.2600.3244

eappcfg.dll Eap Peer Config Microsoft Corporation 5.01.2600.3244

eappprxy.dll Microsoft EAPHost Peer Client DLL Microsoft Corporation 5.01.2600.3244

ESENT.dll Server Database Storage Engine Microsoft Corporation 5.01.2600.3244

GameHook.dll Logitech Gaming Hook (UNICODE) Logitech, Inc. 4.24.0099.0000

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3244

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.3244

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.3244

Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.3244

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3244

lgscroll.dll Logitech Scroll Enabler (UNICODE) Logitech, Inc. 4.24.0099.0000

locale.nls

LPK.DLL Language Pack Microsoft Corporation 5.01.2600.3244

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.3244

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.01.2600.3244

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.3244

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.3244

mslbui.dll LangageBar Add In Microsoft Corporation 5.01.2600.3244

MSVCP60.dll Microsoft ® C++ Runtime Library Microsoft Corporation 6.02.3104.0000

MSVCP80.dll Microsoft® C++ Runtime Library Microsoft Corporation 8.00.50727.1433

MSVCR80.dll Microsoft® C Runtime Library Microsoft Corporation 8.00.50727.1433

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.3244

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3244

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.3244

netman.dll Network Connections Manager Microsoft Corporation 5.01.2600.3244

netshell.dll Network Connections Shell Microsoft Corporation 5.01.2600.3244

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.3244

NTMARTA.DLL Windows NT MARTA provider Microsoft Corporation 5.01.2600.3244

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.3244

oleaut32.dll Microsoft Corporation 5.01.2600.3244

OneX.DLL IEEE 802.1X supplicant library Microsoft Corporation 5.01.2600.3244

QUtil.dll Quarantine Utilities Microsoft Corporation 5.01.2600.3244

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.3244

RASAPI32.dll Remote Access API Microsoft Corporation 5.01.2600.3244

rasman.dll Remote Access Connection Manager Microsoft Corporation 5.01.2600.3244

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3244

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.3244

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.3244

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.3244

serwvdrv.dll Unimodem Serial Wave driver Microsoft Corporation 5.01.2600.0000

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.3244

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3244

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3244

sortkey.nls

sorttbls.nls

TAPI32.dll Microsoft® Windows Telephony API Client DLL Microsoft Corporation 5.01.2600.3244

umdmxfrm.dll Unimodem Tranform Module Microsoft Corporation 5.01.2600.0000

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3244

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.3244

uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0000.11564

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.3244

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.3244

WININET.dll Internet Extensions for Win32 Microsoft Corporation 6.00.2900.3244

WINMM.dll MCI API DLL Microsoft Corporation 5.01.2600.3244

winphook.dll Pivot Software Support DLL Portrait Displays, Inc. 8.21.0000.0000

WINSTA.dll Winstation Library Microsoft Corporation 5.01.2600.3244

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.3244

WMI.dll WMI DC and DP functionality Microsoft Corporation 5.01.2600.3244

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.3244

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.3244

wship6.dll IPv6 Helper DLL Microsoft Corporation 5.01.2600.3244

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.3244

WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.01.2600.3244

WZCSAPI.DLL Wireless Zero Configuration service API Microsoft Corporation 5.01.2600.3244

WZCSvc.DLL Wireless Zero Configuration Service Microsoft Corporation 5.01.2600.3244

xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.01.2600.3244

[GTHK]

Portrait Displays Pivot Software? A part of it seems to be loaded/hooked in µTorrent. I've heard Logitech is ok, so that only leaves the Pivot Software as foreign. I can rotate my screen, without hooks, using software by my cards manufacturer. Can you try disabling it, and making sure the hook in µT is gone? You'll see it missing from the PE log, the winphook.dll Pivot Software Support DLL Portrait Displays, Inc. 8.21.0000.0000

If it stops crashing, then it was Pivot messing things up. If you need to be able to rotate your screen, try finding appropriate software from your graphics card manager.

[agentbad]

I got rid of the software which came with my acer lcd I think and still getting the same error.

[GTHK]

Make a new PE log and check it to be sure. That's the only idea I had, hopefully one of the more experienced members can help.

[Switeck]

I saw this in the HijackThis! log:

O4 - HKLM\..\Run: [shdef] C:\WINDOWS\shdef.exe

http://www.bleepingcomputer.com/startups/shdef.exe-18295.html

It's malware.

[agentbad]

Wow, can't believe I didn't notice that. Thanks a lot for spotting that everything seems to working a lot better.

[vxd]

Hi, got a serious problem with the newest version of utorrent, see screenshot:

cannot even close utorrent.exe in my task manager, the only thing i can do is to restart my PC, delete utorrent from my PC, and installed again than it's work for a couple of hour than the same thing again:(

i use Windows Vista SP1, hope it can be fixxen soon:)

Greets,

VxD

[Firon]

Do you use Zone Alarm?

[vxd]

No i don't even use a fire wall, i got it again, the 3e time, work all more than 3 years with this program, en this weekend i thit the step from xp to vista but now i got the same problem, it's say it's active but can not deactivate it in my manager:( , so now iam going to try a other client version 1.7.6 hope this one work!!

[Firon]

Post a HijackThis log.

[vxd]

Ok here we go...

PS: aim now using version 1.7.6 and this one works greet:)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:46:19, on 30-7-2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\kxmixer.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\WindowsMobile\WmdHost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Gebruiker\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpagina.nl

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpagina.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Unattended

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [kX Mixer] C:\Windows\system32\kxmixer.exe --startup

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)

O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)

O13 - Gopher Prefix:

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

--

End of file - 6035 bytes

[agentbad]

I am using the beta and it works great but I am on win xp pro sp3.

[thelittlefire]

I'd stop SuperAntiApyware... check to see if its winlogon entry is in utorrent.exe using Process Explorer, or follow the speed problems sticky and create the procexp.exe logfile for uTorrent.exe and paste it below/above in the thread.

Also you should use 1.7.7 from http://utorrent.com/download.php it fixes security holes in 1.7.6

@ agentbad: K? so i'd remove and remake any rules you made previously for uTorrent to be sure your software doesn't think you're STILL running the old version (sometimes firewalls/security software uses checks to be sure your EXEs don't get changed without alerting you beforehand)... though I don't recall seeing many reports of that with Windows Defender. Does that do AV + security?

[agentbad]

Windows defender is strictly anti-spyware so it shouldn't mess with utorrent unless it's infected. The only firewall I run is on my router running DD-WRT which I don't think is an issue. Everything started working normally again once I got rid of the shdef.exe and dll file that causes it. I used a freeware program called Unlocker that let me delete without having to restart or go into safe mode.