paali Posted August 25, 2008 Report Share Posted August 25, 2008 Hi. I've been using uTorrent for a while, but in the last couple of months it's started freezing almost immediately. There is no response whatsoever, and I have to close the application. But what's more irritating is that the process won't go away. I've tried process killer to end the process, but with no success. So if I try to run the program again it won't run, instead gives me a message that "uTorrent is already running". So I just end up restarting. I'm running version 1.8 now, but I had the same problem with 1.77 as well. Also I'm using XP Home. If you need more information just ask!I'd be very happy if someone could help me with this problem! Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 25, 2008 Report Share Posted August 25, 2008 Post a hijackthis log please. Link to comment Share on other sites More sharing options...
Switeck Posted August 25, 2008 Report Share Posted August 25, 2008 Process Explorer can probably kill uTorrent...and tell you what's making it "stick" too!...But it sounds like hostile malware on your computer. Link to comment Share on other sites More sharing options...
paali Posted August 27, 2008 Author Report Share Posted August 27, 2008 Process Explorer could not kill the process. I think what's making it stick is a bad driver for my wireless networking card. But since uTorrent is the only program that gets messed up I don't get it to fit. I'm very sure I have no malware. I've scanned my computer with Ad-Aware, Spybot and Windows Defender and nothing.Here is the log, including a list of dll's belonging to the process. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 18:19:40, on 27.08.2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\Norman\Npm\bin\ELOGSVC.EXEC:\Norman\Ngs\bin\NPROSEC.EXEC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Programfiler\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Norman\Npm\Bin\Zanda.exeC:\Norman\npm\bin\nvoy.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Norman\npf\bin\npfsvc32.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\3Com_DMI\3CDMINIC.EXEC:\Programfiler\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exeC:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exeC:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exeC:\Programfiler\Ashampoo\Ashampoo Magical Defrag\bin\defragActivityMonitor.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\MsPMSPSv.exeC:\Programfiler\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exeC:\Norman\Npm\bin\NVCSCHED.EXEC:\Norman\Npm\bin\NJEEVES.EXEC:\Norman\nse\bin\NSESVC.EXEC:\WINDOWS\System32\alg.exeC:\Programfiler\Creative\SBAudigy2\Surround Mixer\CTSysVol.exeC:\PROGRA~1\Labtec\LABTEC~1\Keyboard.exeC:\Programfiler\A4Tech\Mouse\Amoumain.exeC:\Norman\Npm\Bin\ZLH.EXEC:\Programfiler\Java\jre1.6.0_05\bin\jusched.exeC:\Programfiler\NETGEAR\WG311TSU\Utility\Gear311T.exeC:\WINDOWS\system32\ctfmon.exeC:\Programfiler\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exeC:\Programfiler\Launchy\Launchy.exeC:\Norman\Nvc\bin\nvcoas.exeC:\Norman\Nvc\Bin\Nip.exeC:\Norman\Nvc\Bin\cclaw.exeC:\Programfiler\Internet Explorer\iexplore.exeC:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exeC:\Programfiler\Internet Explorer\iexplore.exeC:\Programfiler\uTorrent\uTorrent.exeC:\Norman\npf\bin\npfuser.exeC:\Programfiler\Internet Explorer\iexplore.exeC:\Programfiler\Trend Micro\HijackThis\HijackThis.exeC:\WINDOWS\system32\wbem\wmiprvse.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://studentportal.uib.no/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = KoblingerO2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Programfiler\IEPro\iepro.dllO2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programfiler\TechSmith\SnagIt 7\SnagItBHO.dllO2 - BHO: SearchGT - {684B7DF7-51DE-4852-ACF8-7BA3934D9BD1} - C:\Programfiler\SearchGT\SearchGTShell.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programfiler\Free Download Manager\iefdm2.dllO3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programfiler\TechSmith\SnagIt 7\SnagItIEAddin.dllO4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [CTSysVol] C:\Programfiler\Creative\SBAudigy2\Surround Mixer\CTSysVol.exeO4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLLO4 - HKLM\..\Run: [sBDrvDet] C:\Programfiler\Creative\SB Drive Det\SBDrvDet.exe /rO4 - HKLM\..\Run: [KeyBoard] C:\PROGRA~1\Labtec\LABTEC~1\Keyboard.exeO4 - HKLM\..\Run: [WheelMouse] C:\Programfiler\A4Tech\Mouse\Amoumain.exeO4 - HKLM\..\Run: [Norman ZANDA] "C:\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASHO4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [OM_Monitor] C:\Programfiler\OLYMPUS\OLYMPUS Master\FirstStart.exeO4 - HKLM\..\Run: [AS00_Gear311T] C:\Programfiler\NETGEAR\WG311TSU\Utility\Gear311T.exe -hideO4 - HKCU\..\Run: [OM_Monitor] C:\Programfiler\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStartO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')O4 - Global Startup: Ashampoo Magical Defrag.lnk = C:\Programfiler\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exeO4 - Global Startup: AutorunsDisabledO4 - Global Startup: Launchy.lnk = C:\Programfiler\Launchy\Launchy.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programfiler\Free Download Manager\dlall.htmO8 - Extra context menu item: Download video with Free Download Manager - file://C:\Programfiler\Free Download Manager\dlfvideo.htmO8 - Extra context menu item: Download with Free Download Manager - file://C:\Programfiler\Free Download Manager\dllink.htmO8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - AutorunsDisabled - (no file)O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programfiler\IEPro\iepro.dllO9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programfiler\IEPro\iepro.dllO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programfiler\WinHTTrack\WinHTTrackIEBar.dllO9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programfiler\WinHTTrack\WinHTTrackIEBar.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dllO15 - Trusted Zone: http://www.cdon.comO15 - Trusted Zone: *.cdon.noO16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188304756265O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cabO16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188304741656O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLLO23 - Service: 3Com DMI Agent (3ComDMIService) - 3Com Corporation - C:\WINDOWS\system32\3Com_DMI\3CDMINIC.EXEO23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exeO23 - Service: AshampooDefragService - - C:\Programfiler\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exeO23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXEO23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Programfiler\Hotspot Shield\bin\openvpnas.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: Norman NJeeves - Norman ASA - C:\Norman\Npm\bin\NJEEVES.EXEO23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exeO23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Norman\npf\bin\npfsvc32.exeO23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Norman\Ngs\bin\NPROSEC.EXEO23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXEO23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exeO23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Npm\bin\NVCSCHED.EXEO23 - Service: Norman's Very Own supplY of resources (NVOY) - Norman ASA - C:\Norman\npm\bin\nvoy.exeO23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Programfiler\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe--End of file - 10412 bytesDLLs loaded by process C:\Programfiler\uTorrent\uTorrent.exe:[full path to filename] [file version] [company name]C:\WINDOWS\system32\ntdll.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\kernel32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\RPCRT4.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\Secur32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll 6.0.2900.5512 Microsoft CorporationC:\WINDOWS\system32\msvcrt.dll 7.0.2600.5512 Microsoft CorporationC:\WINDOWS\system32\GDI32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\USER32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\SHLWAPI.dll 6.0.2900.5512 Microsoft CorporationC:\WINDOWS\system32\comdlg32.dll 6.0.2900.5512 Microsoft CorporationC:\WINDOWS\system32\SHELL32.dll 6.0.2900.5512 Microsoft CorporationC:\WINDOWS\system32\WS2_32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\WS2HELP.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\LPK.DLL 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\USP10.dll 1.420.2600.5512 Microsoft CorporationC:\Norman\nvc\bin\Niphk.dll 7.10.0.1 Norman ASAC:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\ole32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\NTMARTA.DLL 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\SAMLIB.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\WLDAP32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\shfolder.dll 6.0.2900.5512 Microsoft CorporationC:\WINDOWS\system32\MSCTF.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\UxTheme.dll 6.0.2900.5512 Microsoft CorporationC:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.700 Microsoft CorporationC:\WINDOWS\system32\COMRes.dll 2001.12.4414.700 Microsoft CorporationC:\WINDOWS\system32\VERSION.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\hnetcfg.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\mswsock.dll 5.1.2600.5625 Microsoft CorporationC:\WINDOWS\System32\wshtcpip.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\Iphlpapi.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\MPRAPI.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\ACTIVEDS.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\adsldpc.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\NETAPI32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\ATL.DLL 3.5.2284.1 Microsoft CorporationC:\WINDOWS\system32\rtutils.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\xpsp2res.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\netshell.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\credui.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\dot3api.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\dot3dlg.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\OneX.DLL 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\WTSAPI32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\WINSTA.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\CRYPT32.dll 5.131.2600.5512 Microsoft CorporationC:\WINDOWS\system32\MSASN1.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\eappcfg.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\System32\MSVCP60.dll 6.2.3104.0 Microsoft CorporationC:\WINDOWS\System32\eappprxy.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\DNSAPI.dll 5.1.2600.5625 Microsoft CorporationC:\WINDOWS\system32\rasadhlp.dll 5.1.2600.5512 Microsoft CorporationC:\Norman\npm\bin\nrplib.dll 7.0.9.0 Norman ASAC:\WINDOWS\system32\WSOCK32.dll 5.1.2600.5512 Microsoft CorporationC:\WINDOWS\system32\Amhooker.dll 7.72.0.0 A4Tech Co.,Ltd. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 27, 2008 Report Share Posted August 27, 2008 Norman antivirus injecting itself into uT isn't good either, but updating your network card drivers IS important too. Link to comment Share on other sites More sharing options...
paali Posted August 27, 2008 Author Report Share Posted August 27, 2008 I've tried updating my network card driver, but that just made my whole system unstable. But you mean it's Norman that's causing the problem? Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 27, 2008 Report Share Posted August 27, 2008 I would not be surprised. You can test by at least temporarily uninstalling. Link to comment Share on other sites More sharing options...
Firon Posted August 28, 2008 Report Share Posted August 28, 2008 And if it makes no difference (make sure to reboot after uninstalling), you can just install it again. Link to comment Share on other sites More sharing options...
Kayi Khan Posted September 4, 2008 Report Share Posted September 4, 2008 I have started experiencing the same problem with freezing uTorrent - I suspected SpyBot and Adaware being the reason so I tried uninstalling these.It looked a bit more stable in the beginning but then it froze again. Link to comment Share on other sites More sharing options...
Mondriaan Posted September 5, 2008 Report Share Posted September 5, 2008 I've just installed a test version of norman on my pc it crashes utorrent, i removed norman and installed another security suite, now the problem is over Link to comment Share on other sites More sharing options...
paali Posted September 11, 2008 Author Report Share Posted September 11, 2008 I eventually uninstalled Norman and it worked with no problem. It's worth to notice that this bug is with Norman Security Suite, not their norman antivirus and firewall. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.