Jag7799 Posted January 26, 2009 Report Share Posted January 26, 2009 Hi, this is broken into sections. Any help with this would be very much appreciated!Hi.I had to reset my computer yesterday by holding the power button in.Since then, Utorrent hasn't worked.When I click to start the program, it loads into my processes in task manager, but the program itself never actually starts.Also, I can't end the process. It just stays there even when I do.I found some threads on the net that said Norton might cause this, so I removed norton completely from my system, and the next time I restarted, it worked.However, every time since then, it's gone back and done the same as above - Started in processes, but not the actual program.Any help would be much appreciated. This is driving me insane!---------------------------Another thing to consider.Every so often, the program loads, but when it goes to check the data on the torrents that have some already downloaded, it only checks one of the 10 or so torrents and the 'checking' gets to around 34% and then just stops. If I then close utorrent, it stays in processes as before.-------------More information. I rolled back to a system restore point to see if this would fix it. The program now loads every time(I think), and does the same thing where it checks the one file. If I then try to force start a file, the program goes to 'not responding'------------Here is Hijackthis: It was run when the program was running and responding and the checking on the one file got to 41% before it just stopped checking moreLogfile of HijackThis v1.99.1Scan saved at 5:40:20 PM, on 26/01/2009Platform: Unknown Windows (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16764)Running processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\RtHDVCpl.exeC:\Acer\Empowering Technology\SysMonitor.exeC:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Windows\System32\rundll32.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeC:\Windows\System32\mobsync.exeC:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exeC:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXEC:\Acer\Empowering Technology\eRecovery\ERAGENT.EXEC:\Windows\ehome\ehmsas.exeC:\Windows\system32\taskeng.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://au.rd.yahoo.com/customize/ycomp/ … .yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.au.acer.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ycomp/ … .yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO1 - Hosts: ::1 localhostO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: gksraemq - {879969F9-CDF3-4846-BE1F-89A9E43FF30F} - C:\Windows\gksraemq.dll (file missing)O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeO4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exeO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exeO4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeO4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exeO4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exeO4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /autoO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Empowering Technology Launcher.lnk = ?O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dllO11 - Options group: [iNTERNATIONAL] International*O13 - Gopher Prefix:O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Fac … oader5.cabO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dllO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLLO18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dllO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLLO18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLLO20 - AppInit_DLLs: avgrsstx.dllO20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dllO23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exeO23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exeO23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exeO23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exeO23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exeO23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exeO23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exeO23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeO23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)O23 - Service: SPM License Server (spmd) - mental images GmbH - C:\spm\spmd.exeO23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)------------------------------This is done with the program not responding.Logfile of HijackThis v1.99.1Scan saved at 5:50:45 PM, on 26/01/2009Platform: Unknown Windows (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16764)Running processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\RtHDVCpl.exeC:\Acer\Empowering Technology\SysMonitor.exeC:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Windows\System32\rundll32.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Windows\System32\mobsync.exeC:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exeC:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXEC:\Acer\Empowering Technology\eRecovery\ERAGENT.EXEC:\Windows\ehome\ehmsas.exeC:\Windows\system32\taskeng.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\notepad.exeC:\Windows\explorer.exeC:\Program Files\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://au.rd.yahoo.com/customize/ycomp/ … .yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.au.acer.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://au.rd.yahoo.com/customize/ycomp/ … .yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO1 - Hosts: ::1 localhostO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: gksraemq - {879969F9-CDF3-4846-BE1F-89A9E43FF30F} - C:\Windows\gksraemq.dll (file missing)O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeO4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exeO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exeO4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeO4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exeO4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exeO4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /autoO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Empowering Technology Launcher.lnk = ?O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dllO11 - Options group: [iNTERNATIONAL] International*O13 - Gopher Prefix:O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Fac … oader5.cabO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dllO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLLO18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dllO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLLO18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLLO20 - AppInit_DLLs: avgrsstx.dllO20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dllO23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exeO23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exeO23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exeO23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exeO23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exeO23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exeO23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exeO23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeO23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)O23 - Service: SPM License Server (spmd) - mental images GmbH - C:\spm\spmd.exeO23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) Link to comment Share on other sites More sharing options...
moogly Posted January 26, 2009 Report Share Posted January 26, 2009 Can you complete with Process Explorer log please ?Guide: http://forum.utorrent.com/viewtopic.php?id=29748DONT forget to select utorrent.exe and enable DLL mode (ctrl+d) in PE. Link to comment Share on other sites More sharing options...
2roti Posted January 26, 2009 Report Share Posted January 26, 2009 i have the samme issue here...but my utorrent only loads on the process list, not actualy open , gui interface never appear.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:09:36 PM, on 1/26/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\csrss.exeC:\Windows\system32\csrss.exeC:\Windows\system32\wininit.exeC:\Windows\system32\winlogon.exeC:\Windows\system32\services.exeC:\Windows\system32\lsass.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\system32\Ati2evxx.exeC:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\system32\svchost.exeC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exeC:\Windows\system32\Ati2evxx.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exeC:\Windows\system32\taskeng.exeC:\Windows\SMINST\scheduler.exeC:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Hp\HP Software Update\hpwuSchd2.exeC:\Windows\FixCamera.exeC:\Windows\tsnp2std.exeC:\Windows\vsnp2std.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Windows\system32\agrsmsvc.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Windows\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Windows\system32\IoctlSvc.exeC:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Hewlett-Packard\Shared\HpqToaster.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\taskeng.exeC:\Program Files\PC Connectivity Solution\ServiceLayer.exec:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Windows\system32\wuauclt.exeC:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exeC:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exeC:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exeC:\Program Files\Mozilla Thunderbird\thunderbird.exeC:\Windows\Explorer.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\Windows\system32\svchost.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\Program Files\Windows Media Player\wmplayer.exeC:\Program Files\uTorrent\uTorrent.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Windows\system32\wbem\wmiprvse.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cool-digitv.net/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_RO&c=74&bd=smb&pf=laptopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.roR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.roR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_RO&c=74&bd=smb&pf=laptopR1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.roR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cool-tv.netR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.roR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.roR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhostO2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dllO4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /StartO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeO4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exeO4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exeO4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exeO4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exeO4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exeO4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exeO4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\launcher.exeO4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [Google Update] "C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytrayO4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -schedulerO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')O4 - Global Startup: Bluetooth.lnk = ?O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmO8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLLO9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cabO16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{3E19D03B-ECD6-4F77-A8D9-11F75E583A4F}: NameServer = 85.255.112.118;85.255.112.218O17 - HKLM\System\CCS\Services\Tcpip\..\{5C0629C8-01B0-4266-B81C-45BEA029BB11}: NameServer = 85.255.112.118;85.255.112.218O17 - HKLM\System\CCS\Services\Tcpip\..\{A087945D-E3A6-43D9-B190-C55F825A7DF8}: NameServer = 85.255.112.118;85.255.112.218O17 - HKLM\System\CCS\Services\Tcpip\..\{A7AAC8E5-778D-4847-BB5D-5F5970929122}: NameServer = 85.255.112.118;85.255.112.218O17 - HKLM\System\CCS\Services\Tcpip\..\{C68749AF-185A-4FFF-B9B7-01882B6C1466}: NameServer = 85.255.112.118;85.255.112.218O17 - HKLM\System\CS1\Services\Tcpip\..\{3E19D03B-ECD6-4F77-A8D9-11F75E583A4F}: NameServer = 85.255.112.118;85.255.112.218O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLLO20 - Winlogon Notify: DeviceNP - C:\Windows\SYSTEM32\DeviceNP.dllO23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exeO23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exeO23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exeO23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEO23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeO23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exeO23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exeO23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeO23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdevx.exe--End of file - 13444 bytes++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Process PID CPU Description Company NameSystem Idle Process 0 96.82 Interrupts n/a 0.77 Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 csrss.exe 640 Client Server Runtime Process Microsoft Corporationcsrss.exe 696 1.55 Client Server Runtime Process Microsoft Corporationwininit.exe 704 Windows Start-Up Application Microsoft Corporation services.exe 780 Services and Controller app Microsoft Corporation svchost.exe 956 Host Process for Windows Services Microsoft Corporation WmiPrvSE.exe 380 WMI Provider Host Microsoft Corporation HpqToaster.exe 2440 HpqToaster Module unsecapp.exe 2804 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation svchost.exe 1016 Host Process for Windows Services Microsoft Corporation svchost.exe 1072 Host Process for Windows Services Microsoft Corporation Ati2evxx.exe 1144 ATI External Event Utility EXE Module ATI Technologies Inc. Ati2evxx.exe 1640 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 1168 Host Process for Windows Services Microsoft Corporation audiodg.exe 1336 Windows Audio Device Graph Isolation Microsoft Corporation svchost.exe 1204 Host Process for Windows Services Microsoft Corporation dwm.exe 1884 0.77 Desktop Window Manager Microsoft Corporation svchost.exe 1224 Host Process for Windows Services Microsoft Corporation taskeng.exe 1452 Task Scheduler Engine Microsoft Corporation taskeng.exe 4088 Task Scheduler Engine Microsoft Corporation wuauclt.exe 5764 Windows Update Automatic Updates Microsoft Corporation SLsvc.exe 1380 Microsoft Software Licensing Service Microsoft Corporation svchost.exe 1432 Host Process for Windows Services Microsoft Corporation svchost.exe 1960 Host Process for Windows Services Microsoft Corporation ccSvcHst.exe 352 Symantec Service Framework Symantec Corporation AppSvc32.exe 616 Symantec Application Core Service Symantec Corporation spoolsv.exe 1516 Spooler SubSystem App Microsoft Corporation svchost.exe 1608 Host Process for Windows Services Microsoft Corporation agrsmsvc.exe 3140 Agere Soft Modem Call Progress Service Agere Systems AluSchedulerSvc.exe 3176 Automatic LiveUpdate Scheduler Service Symantec Corporation svchost.exe 3228 Host Process for Windows Services Microsoft Corporation ccSvcHst.exe 3248 Symantec Service Framework Symantec Corporation LSSrvc.exe 3304 Hewlett-Packard Company IoctlSvc.exe 3492 PLFlash DeviceIoControl Service Prolific Technology Inc. svchost.exe 3516 Host Process for Windows Services Microsoft Corporation svchost.exe 3540 Host Process for Windows Services Microsoft Corporation svchost.exe 3588 Host Process for Windows Services Microsoft Corporation SearchIndexer.exe 3688 Microsoft Windows Search Indexer Microsoft Corporation SearchProtocolHost.exe 4708 Microsoft Windows Search Protocol Host Microsoft Corporation SearchFilterHost.exe 2012 Microsoft Windows Search Filter Host Microsoft Corporation hpqwmiex.exe 3776 hpqwmiex Module Hewlett-Packard Development Company, L.P. ServiceLayer.exe 2160 ServiceLayer Module Nokia. NclUSBSrv.exe 5676 NclUSBSrv Application NclRSSrv.exe 1940 NclRSSrv Application NclMSBTSrv.exe 4332 MSBTSrv Application HPHC_Service.exe 4932 HP Health Check Service Hewlett-Packard symlcsvc.exe 3648 svchost.exe 580 Host Process for Windows Services Microsoft Corporation lsass.exe 792 Local Security Authority Process Microsoft Corporation lsm.exe 804 Local Session Manager Service Microsoft Corporationwinlogon.exe 744 Windows Logon Application Microsoft Corporation explorer.exe 3840 Windows Explorer Microsoft Corporation firefox.exe 5664 Firefox Mozilla Corporation wmplayer.exe 3392 0.77 Windows Media Player Microsoft Corporation explorer.exe 5300 Windows Explorer Microsoft Corporation procexp.exe 4140 Sysinternals Process Explorer Sysinternals - www.sysinternals.com uTorrent.exe 5068 µTorrent BitTorrent, Inc. uTorrent.exe 5820 µTorrent BitTorrent, Inc.Scheduler.exe 2240 Scheduler pthosttr.exe 2368 HP ProtectTools Security Manager Hewlett-Packard Development Company, L.P.SynTPEnh.exe 2412 Synaptics TouchPad Enhancements Synaptics, Inc.HPWAMain.exe 2444 HPWAMain Module Hewlett-Packard Development Company, L.P.WiFiMsg.exe 2608 Module to process WiFi messages. Hewlett-Packard Development Company, L.P.ccApp.exe 2628 Symantec User Session Symantec Corporationjusched.exe 2636 Java Platform SE binary Sun Microsystems, Inc.QLBCTRL.exe 2644 Quick Launch Buttons Hewlett-Packard Development Company, L.P.smax4pnp.exe 2652 SMax4PNP Analog Devices, Inc.hpwuSchd2.exe 2696 hpwuSchd Application Hewlett-PackardFixCamera.exe 2836 CameraFixer MFC Application tsnp2std.exe 2852 tsnp2std Microsoft SONIXvsnp2std.exe 2860 CameraMonitor Application SonixGrooveMonitor.exe 2876 GrooveMonitor Utility Microsoft CorporationGoogleUpdate.exe 2908 Google Installer Google Inc.PCSuite.exe 2928 Nokia Launch Application NokiaBTTray.exe 2952 Bluetooth Tray Application Broadcom Corporation.thunderbird.exe 5680 Mozilla Thunderbird Mozilla CorporationYmsgr_tray.exe 2352 Yahoo! Messenger Tray Yahoo! Inc.HijackThis.exe 2388 HijackThis Trend Micro Inc. notepad.exe 5204 Notepad Microsoft Corporation+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++14153-utorrent.f36d.dmp - 0.37MBhere u go now..thanks for help Link to comment Share on other sites More sharing options...
Jag7799 Posted January 26, 2009 Author Report Share Posted January 26, 2009 I tried doing this with process explorer, and when I went to save the text file, it locks process explorer.Any idea's? Link to comment Share on other sites More sharing options...
moogly Posted January 26, 2009 Report Share Posted January 26, 2009 @Jag7799: did you try to display the log and copy the contents without saving on your HD ?@2roti: you did'nt select utorrent.exe in Process Explorer. Link to comment Share on other sites More sharing options...
2roti Posted January 26, 2009 Report Share Posted January 26, 2009 sorry, i miss thathere it is with utorrent Process PID CPU Description Company NameSystem Idle Process 0 91.32 Interrupts n/a 0.75 Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 csrss.exe 640 Client Server Runtime Process Microsoft Corporationcsrss.exe 696 Client Server Runtime Process Microsoft Corporationwininit.exe 704 Windows Start-Up Application Microsoft Corporation services.exe 780 Services and Controller app Microsoft Corporation svchost.exe 956 Host Process for Windows Services Microsoft Corporation WmiPrvSE.exe 380 WMI Provider Host Microsoft Corporation HpqToaster.exe 2440 HpqToaster Module unsecapp.exe 2804 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation dllhost.exe 4620 3.74 COM Surrogate Microsoft Corporation svchost.exe 1016 Host Process for Windows Services Microsoft Corporation svchost.exe 1072 Host Process for Windows Services Microsoft Corporation Ati2evxx.exe 1144 ATI External Event Utility EXE Module ATI Technologies Inc. Ati2evxx.exe 1640 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 1168 Host Process for Windows Services Microsoft Corporation audiodg.exe 1336 Windows Audio Device Graph Isolation Microsoft Corporation svchost.exe 1204 Host Process for Windows Services Microsoft Corporation dwm.exe 1884 0.75 Desktop Window Manager Microsoft Corporation svchost.exe 1224 0.75 Host Process for Windows Services Microsoft Corporation taskeng.exe 1452 Task Scheduler Engine Microsoft Corporation Navw32.exe 5060 Norton AntiVirus Scanner Module Symantec Corporation taskeng.exe 4088 Task Scheduler Engine Microsoft Corporation wuauclt.exe 5764 Windows Update Automatic Updates Microsoft Corporation SLsvc.exe 1380 Microsoft Software Licensing Service Microsoft Corporation svchost.exe 1432 Host Process for Windows Services Microsoft Corporation svchost.exe 1960 Host Process for Windows Services Microsoft Corporation ccSvcHst.exe 352 Symantec Service Framework Symantec Corporation AppSvc32.exe 616 Symantec Application Core Service Symantec Corporation spoolsv.exe 1516 Spooler SubSystem App Microsoft Corporation svchost.exe 1608 Host Process for Windows Services Microsoft Corporation agrsmsvc.exe 3140 Agere Soft Modem Call Progress Service Agere Systems AluSchedulerSvc.exe 3176 Automatic LiveUpdate Scheduler Service Symantec Corporation svchost.exe 3228 Host Process for Windows Services Microsoft Corporation ccSvcHst.exe 3248 Symantec Service Framework Symantec Corporation LSSrvc.exe 3304 Hewlett-Packard Company IoctlSvc.exe 3492 PLFlash DeviceIoControl Service Prolific Technology Inc. svchost.exe 3516 Host Process for Windows Services Microsoft Corporation svchost.exe 3540 Host Process for Windows Services Microsoft Corporation svchost.exe 3588 Host Process for Windows Services Microsoft Corporation SearchIndexer.exe 3688 Microsoft Windows Search Indexer Microsoft Corporation SearchProtocolHost.exe 4696 Microsoft Windows Search Protocol Host Microsoft Corporation SearchFilterHost.exe 2464 Microsoft Windows Search Filter Host Microsoft Corporation hpqwmiex.exe 3776 hpqwmiex Module Hewlett-Packard Development Company, L.P. ServiceLayer.exe 2160 ServiceLayer Module Nokia. NclUSBSrv.exe 5676 NclUSBSrv Application NclRSSrv.exe 1940 NclRSSrv Application NclMSBTSrv.exe 4332 MSBTSrv Application HPHC_Service.exe 4932 HP Health Check Service Hewlett-Packard symlcsvc.exe 3648 svchost.exe 580 Host Process for Windows Services Microsoft Corporation lsass.exe 792 Local Security Authority Process Microsoft Corporation lsm.exe 804 Local Session Manager Service Microsoft Corporationwinlogon.exe 744 Windows Logon Application Microsoft Corporation explorer.exe 3840 Windows Explorer Microsoft Corporation firefox.exe 5664 Firefox Mozilla Corporation wmplayer.exe 3392 Windows Media Player Microsoft Corporation explorer.exe 4612 Windows Explorer Microsoft Corporation procexp.exe 5700 2.99 Sysinternals Process Explorer Sysinternals - www.sysinternals.com uTorrent.exe 5068 µTorrent BitTorrent, Inc. uTorrent.exe 5820 µTorrent BitTorrent, Inc.Scheduler.exe 2240 Scheduler pthosttr.exe 2368 HP ProtectTools Security Manager Hewlett-Packard Development Company, L.P.SynTPEnh.exe 2412 Synaptics TouchPad Enhancements Synaptics, Inc.HPWAMain.exe 2444 HPWAMain Module Hewlett-Packard Development Company, L.P.WiFiMsg.exe 2608 Module to process WiFi messages. Hewlett-Packard Development Company, L.P.ccApp.exe 2628 Symantec User Session Symantec Corporationjusched.exe 2636 Java Platform SE binary Sun Microsystems, Inc.QLBCTRL.exe 2644 Quick Launch Buttons Hewlett-Packard Development Company, L.P.smax4pnp.exe 2652 SMax4PNP Analog Devices, Inc.hpwuSchd2.exe 2696 hpwuSchd Application Hewlett-Packardtsnp2std.exe 2852 tsnp2std Microsoft SONIXvsnp2std.exe 2860 CameraMonitor Application SonixGrooveMonitor.exe 2876 GrooveMonitor Utility Microsoft CorporationGoogleUpdate.exe 2908 Google Installer Google Inc.PCSuite.exe 2928 Nokia Launch Application NokiaBTTray.exe 2952 Bluetooth Tray Application Broadcom Corporation.thunderbird.exe 5680 Mozilla Thunderbird Mozilla CorporationYmsgr_tray.exe 2352 Yahoo! Messenger Tray Yahoo! Inc.iexplore.exe 2460 Internet Explorer Microsoft CorporationProcess: uTorrent.exe Pid: 5068Name Description Company Name VersionADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.00.6001.18000advapi32.dll.mui Advanced Windows 32 Base API Microsoft Corporation 6.00.6001.18000apphelp.dll Application Compatibility Client Library Microsoft Corporation 6.00.6001.18000apphelp.dll.mui Application Compatibility Client Library Microsoft Corporation 6.00.6000.16386ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000atl.dll.mui ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000btmmhook.dll Multimedia Keys Hook DLL Broadcom Corporation. 6.00.0001.4900CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000comctl32.dll.mui User Experience Controls Library Microsoft Corporation 6.10.6001.18000comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.6001.18000comdlg32.dll.mui Common Dialogs DLL Microsoft Corporation 6.00.6000.16386DBGHELP.DLL Windows Image Helper Microsoft Corporation 6.00.6001.18000dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.00.6001.18000dhcpcsvc.dll.mui DHCP Client Service Microsoft Corporation 6.00.6000.16386dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.00.6001.18000dhcpcsvc6.dll.mui DHCPv6 Client Microsoft Corporation 6.00.6000.16386DNSAPI.dll DNS Client API DLL Microsoft Corporation 6.00.6001.18000dnsapi.dll.mui DNS Client API DLL Microsoft Corporation 6.00.6000.16386DUser.dll Windows DirectUser Engine Microsoft Corporation 6.00.6001.18000duser.dll.mui Windows DirectUser Engine Microsoft Corporation 6.00.6000.16386FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.00.6001.18000FirewallAPI.dll.mui Windows Firewall API Microsoft Corporation 6.00.6001.18000GDI32.dll GDI Client DLL Microsoft Corporation 6.00.6001.18023GPAPI.dll Group Policy Client API Microsoft Corporation 6.00.6001.18000gpapi.dll.mui Group Policy Client API Microsoft Corporation 6.00.6000.16386hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 6.00.6001.18000hnetcfg.dll.mui Home Networking Configuration Manager Microsoft Corporation 6.00.6000.16386iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6001.18148imageres.dll Windows Image Resource Microsoft Corporation 6.00.6000.16386imageres.dll.mui Windows Image Resource Microsoft Corporation 6.00.6000.16386IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.00.6001.18000iphlpapi.dll IP Helper API Microsoft Corporation 6.00.6001.18000iphlpapi.dll.mui IP Helper API Microsoft Corporation 6.00.6000.16386kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.00.6001.18000kernel32.dll.mui Windows NT BASE API Client DLL Microsoft Corporation 6.00.6001.18000locale.nls locale.nls LPK.DLL Language Pack Microsoft Corporation 6.00.6001.18000MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.00.6001.18000msctf.dll.mui MSCTF Server DLL Microsoft Corporation 6.00.6000.16386msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.6001.18000mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.00.6001.18000mswsock.dll.mui Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.00.6000.16386msxml3.dll MSXML 3.0 SP10 Microsoft Corporation 8.100.1048.0000msxml3r.dll XML Resources Microsoft Corporation 8.20.8730.0001Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.00.6000.16386NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.00.6001.18000ntdll.dll NT Layer DLL Microsoft Corporation 6.00.6001.18000ntdll.dll.mui NT Layer DLL Microsoft Corporation 6.00.6001.18000ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.00.6001.18000ole32.dll.mui Microsoft OLE for Windows Microsoft Corporation 6.00.6000.16386OLEAUT32.dll Microsoft Corporation 6.00.6001.18000PROPSYS.dll Microsoft Property System Microsoft Corporation 7.00.6001.16503propsys.dll.mui Microsoft Property System Microsoft Corporation 7.00.6001.16503psapi.dll Process Status Helper Microsoft Corporation 6.00.6000.16386R00000000000a.clb RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.00.6001.18051rpcrt4.dll.mui Remote Procedure Call Runtime Microsoft Corporation 6.00.6001.18000rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.00.6001.18000Secur32.dll Security Support Provider Interface Microsoft Corporation 6.00.6001.18000SETUPAPI.dll Windows Setup API Microsoft Corporation 6.00.6001.18000setupapi.dll.mui Windows Setup API Microsoft Corporation 6.00.6001.18000SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.6001.18062shell32.dll.mui Windows Shell Common Dll Microsoft Corporation 6.00.6001.18000shfolder.dll Shell Folder Service Microsoft Corporation 6.00.6000.16386SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.6001.18000shlwapi.dll.mui Shell Light-weight Utility Library Microsoft Corporation 6.00.6000.16386slc.dll Software Licensing Client Dll Microsoft Corporation 6.00.6001.18000SLC.dll.mui Software Licensing Client Dll Microsoft Corporation 6.00.6001.18000SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.00.6000.16386SXS.DLL Fusion 2.5 Microsoft Corporation 6.00.6001.18000sxs.dll.mui Fusion 2.5 Microsoft Corporation 6.00.6000.16386upnp.dll UPnP Control Point API Microsoft Corporation 6.00.6001.18000upnp.dll.mui UPnP Control Point API Microsoft Corporation 6.00.6000.16386urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.00.6001.18148urlmon.dll.mui OLE32 Extensions for Win32 Microsoft Corporation 7.00.6001.18000USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000user32.dll.mui Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000USERENV.dll Userenv Microsoft Corporation 6.00.6001.18000userenv.dll.mui Userenv Microsoft Corporation 6.00.6000.16386USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0002.14153uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.6001.18000uxtheme.dll.mui Microsoft UxTheme Library Microsoft Corporation 6.00.6000.16386VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.00.6001.18000WINHTTP.dll Windows HTTP Services Microsoft Corporation 6.00.6001.18000winhttp.dll.mui Windows HTTP Services Microsoft Corporation 6.00.6000.16386WININET.dll Internet Extensions for Win32 Microsoft Corporation 7.00.6001.18148wininet.dll.mui Internet Extensions for Win32 Microsoft Corporation 7.00.6000.16386WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.00.6001.18000WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.00.6001.18000ws2_32.dll.mui Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.00.6000.16386wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.00.6001.18000wship6.dll.mui Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.00.6000.16386wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.00.6001.18000wshtcpip.dll.mui Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.00.6000.16386edit begin here i have try to unistall/install the utorrent, now a bigger issue, after installing, if i click on the shortcut, its open installation wizard.try to open from "installation" path, meaning c:\program etc etc\utorrent and here i have only the installation *.exe.in the meantime, i have install another torrent client not utorrent and its working, but i will try to fix my preffered, utorrent Link to comment Share on other sites More sharing options...
Jag7799 Posted January 28, 2009 Author Report Share Posted January 28, 2009 I'm not sure which information from process explorer to get? (Since I can't save a log)Can someone point this out? ThanksAnother development:If I delete all torrents and data and download them from start to finish, they work fine.If I however restart and they need to check how much has been downloaded, it goes on 1 torrent up to about 34% and then stops checking. At this point I can still delete them and restart the torrents, but if I try to say... 'force start' something, it freezes Link to comment Share on other sites More sharing options...
DreadWingKnight Posted January 28, 2009 Report Share Posted January 28, 2009 I'd check for disk damage at that point jag Link to comment Share on other sites More sharing options...
Jag7799 Posted January 29, 2009 Author Report Share Posted January 29, 2009 what's the best thing to use to check for disk damage?It's been a long while since I've done this sort of thingThanks very much! Link to comment Share on other sites More sharing options...
moogly Posted January 29, 2009 Report Share Posted January 29, 2009 @2roti:There is this DLL injected in uT:btmmhook.dll Multimedia Keys Hook DLL Broadcom Corporation. 6.00.0001.4900What is it ? Relative to network card or Bluetooth ?In addition did you set correctly various modules of Symantec to allow uTorrent ? Link to comment Share on other sites More sharing options...
DreadWingKnight Posted January 29, 2009 Report Share Posted January 29, 2009 properties of the drive, tools tab, check for errors there. Link to comment Share on other sites More sharing options...
2roti Posted February 12, 2009 Report Share Posted February 12, 2009 @moogly that file is for my bluetooth adaptor, it is a laptop the comp that i use and have this trouble.Symantec it is only antivirus, and never changed anything on it. For now i user torrent client only on my desktop, and it's ok.tks Link to comment Share on other sites More sharing options...
Jag7799 Posted February 12, 2009 Author Report Share Posted February 12, 2009 I found the error.It said disk overloaded 100%I had to download new drive software and it worked.Thanks for the help Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.