utorrent help needed!!!

nadz-s · May 12, 2009

when i first open utorrent it works fine but when i come back to check on the progress of my downloads i cant open it again from the tray. when i go to task manager to end the process there are 2 utorrent files in the processes and only one of them will close when i click on end process or end process tree, this also stops me from re-opening utorrent as i get the message that it is already running. i had version 1.8.3 beta but tried to uninstall that and install v1.8.2 but i still get the same problem.

will someone please give me help and advice on how to correct this problem

moogly · May 12, 2009

Post Hijackthis and Process Explorer log when uT is running.

Don't forget to select utorrent.exe and enable DLL mode (ctrl+d) in PE.

Guide: http://forum.utorrent.com/viewtopic.php?id=29748

There is surely a process injected into uT.

nadz-s · May 12, 2009

HIJACK THIS

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:41:43, on 12/05/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18226)

Boot mode: Normal

Running processes:

C:\Program Files\uTorrent\uTorrent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe

C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\taskmgr.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {9D3A47E5-623F-C7EE-7B6C-121D79E534B1} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode

O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup

O4 - HKLM\..\Run: [CCUTRAYICON] "C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB5; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.premierleague.com/page/VirtualReplay2"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-423385528-2537745124-2120478297-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O13 - Gopher Prefix:

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe

O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Intel® DHTrace Controller (DHTRACE) - Intel® Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe

O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Intel® NMSCore (NMSCore) - Intel® Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe

O23 - Service: Intel® Quality Manager (QualityManager) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe

O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--

End of file - 13914 bytes

PROCESS EXPLORER

Process PID CPU Description Company Name

System Idle Process 0 97.69

Interrupts n/a Hardware Interrupts

DPCs n/a 0.78 Deferred Procedure Calls

System 4

smss.exe 500 Windows Session Manager Microsoft Corporation

csrss.exe 572 Client Server Runtime Process Microsoft Corporation

wininit.exe 632 Windows Start-Up Application Microsoft Corporation

services.exe 676 Services and Controller app Microsoft Corporation

svchost.exe 896 Host Process for Windows Services Microsoft Corporation

WmiPrvSE.exe 6128 WMI Provider Host Microsoft Corporation

CCU_Engine.exe 2176 Intel® Viiv™ Settings Intel® Corporation

ehmsas.exe 5500 Media Center Media Status Aggregator Service Microsoft Corporation

BTStackServer.exe 4932 Bluetooth Stack COM Server Broadcom Corporation.

unsecapp.exe 5896 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation

hpswp_clipbook.exe 4508 HP Smart Web Printing add-on for Internet Explorer Hewlett-Packard Co.

hpqbam08.exe 1764 HP CUE Alert Popup Window Objects Hewlett-Packard Co.

hpqgpc01.exe 2524 GPCore COM object Hewlett-Packard

wlcomm.exe 172 Windows Live Communications Platform Microsoft Corporation

WmiPrvSE.exe 284 WMI Provider Host Microsoft Corporation

svchost.exe 964 Host Process for Windows Services Microsoft Corporation

svchost.exe 1004 Host Process for Windows Services Microsoft Corporation

svchost.exe 1056 Host Process for Windows Services Microsoft Corporation

audiodg.exe 1252 Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1096 Host Process for Windows Services Microsoft Corporation

wlanext.exe 1712 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation

WUDFHost.exe 3736 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation

dwm.exe 1424 0.78 Desktop Window Manager Microsoft Corporation

svchost.exe 1116 Host Process for Windows Services Microsoft Corporation

taskeng.exe 2284 Task Scheduler Engine Microsoft Corporation

taskeng.exe 6116 Task Scheduler Engine Microsoft Corporation

SLsvc.exe 1296 Microsoft Software Licensing Service Microsoft Corporation

svchost.exe 1336 Host Process for Windows Services Microsoft Corporation

svchost.exe 1492 Host Process for Windows Services Microsoft Corporation

vsmon.exe 1628 TrueVector Service Check Point Software Technologies LTD

aswUpdSv.exe 1916 avast! Antivirus updating service ALWIL Software

ashServ.exe 1932 avast! antivirus service ALWIL Software

spoolsv.exe 1464 Spooler SubSystem App Microsoft Corporation

svchost.exe 208 Host Process for Windows Services Microsoft Corporation

AERTSrv.exe 2844 Andrea filters APO access service (32-bit) Andrea Electronics Corporation

AlertService.exe 2876 Intel® Alert Service Intel® Corporation

svchost.exe 2892 Host Process for Windows Services Microsoft Corporation

btwdins.exe 2916 Bluetooth Support Server Broadcom Corporation.

DQLWinService.exe 2940 DQLWinSe Application

svchost.exe 3036 Host Process for Windows Services Microsoft Corporation

svchost.exe 3056 Host Process for Windows Services Microsoft Corporation

NMSCore.exe 3228 Intel® NMSCore Intel® Corporation

svchost.exe 3264 Host Process for Windows Services Microsoft Corporation

svchost.exe 3276 Host Process for Windows Services Microsoft Corporation

QualityManager.exe 3288 Intel® Quality Manager Intel® Corporation

sprtsvc.exe 3320 SupportSoft Agent Service SupportSoft, Inc.

svchost.exe 3344 Host Process for Windows Services Microsoft Corporation

svchost.exe 3376 Host Process for Windows Services Microsoft Corporation

SearchIndexer.exe 3400 Microsoft Windows Search Indexer Microsoft Corporation

SearchProtocolHost.exe 5600 Microsoft Windows Search Protocol Host Microsoft Corporation

SearchFilterHost.exe 5144 Microsoft Windows Search Filter Host Microsoft Corporation

issm.exe 3480 Intel Software Service Manager Intel® Corporation

MCLServiceATL.exe 3548 Intel® Application Tracker Intel® Corporation

Remote UI Service.exe 3880 Intel® Remoting Service Intel® Corporation

mediaserver.exe 3948

svchost.exe 4652 Host Process for Windows Services Microsoft Corporation

wmpnetwk.exe 4472 Windows Media Player Network Sharing Service Microsoft Corporation

ashWebSv.exe 4548 avast! Web Scanner ALWIL Software

lsass.exe 692 Local Security Authority Process Microsoft Corporation

lsm.exe 700 Local Session Manager Service Microsoft Corporation

csrss.exe 644 Client Server Runtime Process Microsoft Corporation

uTorrent.exe 3888 µTorrent BitTorrent, Inc.

csrss.exe 4568 Client Server Runtime Process Microsoft Corporation

uTorrent.exe 5628 µTorrent BitTorrent, Inc.

csrss.exe 4896 Client Server Runtime Process Microsoft Corporation

winlogon.exe 5936 Windows Logon Application Microsoft Corporation

explorer.exe 348 Windows Explorer Microsoft Corporation

MSASCui.exe 2272 Windows Defender User Interface Microsoft Corporation

RtHDVCpl.exe 2576 HD Audio Control Panel Realtek Semiconductor

jusched.exe 1276 Java Platform SE binary Sun Microsystems, Inc.

IntelHCTAgent.exe 5976 Network monitor for Intel® Hub Connect Technology Intel Corporation

CCU_TrayIcon.exe 2988 Intel® Viiv™ Settings Intel® Corporation

GrooveMonitor.exe 2632 GrooveMonitor Utility Microsoft Corporation

rundll32.exe 3236 Windows host process (Rundll32) Microsoft Corporation

sprtcmd.exe 3920 SupportSoft, Inc.

ashDisp.exe 1208 avast! service GUI component ALWIL Software

zlclient.exe 5748 ZoneAlarm Client Check Point Software Technologies LTD

hpwuSchd2.exe 5136 hpwuSchd Application Hewlett-Packard

msnmsgr.exe 4500 Windows Live Messenger Microsoft Corporation

ehtray.exe 5528 Media Center Tray Applet Microsoft Corporation

GoogleToolbarNotifier.exe 2312 GoogleToolbarNotifier Google Inc.

wmpnscfg.exe 4524 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

BTTray.exe 5724 Bluetooth Tray Application Broadcom Corporation.

hpqtra08.exe 3840 HP Digital Imaging Monitor Hewlett-Packard Co.

hpqste08.exe 2188 HP CUE Status Root Hewlett-Packard Co.

iexplore.exe 3152 Internet Explorer Microsoft Corporation

uTorrent.exe 304 µTorrent BitTorrent, Inc.

taskmgr.exe 528 Windows Task Manager Microsoft Corporation

notepad.exe 5728 Notepad Microsoft Corporation

rundll32.exe 6012 Windows host process (Rundll32) Microsoft Corporation

procexp.exe 5888 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

jewelisheaven · May 12, 2009

Try it with Zone Alarm uninstalled. It doesn't play nice on Vista.

Process Explorer log was truncated, so if that doesn't work please try updating the logfile above/below by selecting utorrent.exe (either of them) and then saving the log again

Also I don't recognize that wpclsp.dll

nadz-s · May 12, 2009

should i post another log file after uninstalling zonealarm?

moogly · May 12, 2009

No.

Vista + ZA = bugs with uT and other applications. ZA is really buggy. Try another fw like Comodo.

http://forum.utorrent.com/viewtopic.php?id=7862

nadz-s · May 12, 2009

the thing is ive been using vista, ZA and uT together for about a year and only now am getting these problems.

uninstalled ZA and still the same problem

jewelisheaven · May 12, 2009

Then yes please, post a fresh PE logfile with utorrent.exe selected.

nadz-s · May 12, 2009

Process PID CPU Description Company Name

System Idle Process 0 94.59

Interrupts n/a Hardware Interrupts

DPCs n/a 2.33 Deferred Procedure Calls

System 4

smss.exe 500 Windows Session Manager Microsoft Corporation

csrss.exe 572 Client Server Runtime Process Microsoft Corporation

wininit.exe 632 Windows Start-Up Application Microsoft Corporation

services.exe 676 Services and Controller app Microsoft Corporation

svchost.exe 896 Host Process for Windows Services Microsoft Corporation

WmiPrvSE.exe 6128 WMI Provider Host Microsoft Corporation

CCU_Engine.exe 2988 Intel® Viiv™ Settings Intel® Corporation

BTStackServer.exe 3644 Bluetooth Stack COM Server Broadcom Corporation.

ehmsas.exe 5536 Media Center Media Status Aggregator Service Microsoft Corporation

unsecapp.exe 6224 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation

hpqbam08.exe 6496 HP CUE Alert Popup Window Objects Hewlett-Packard Co.

hpswp_clipbook.exe 6792 HP Smart Web Printing add-on for Internet Explorer Hewlett-Packard Co.

wlcomm.exe 7228 Windows Live Communications Platform Microsoft Corporation

hpqgpc01.exe 7464 GPCore COM object Hewlett-Packard

svchost.exe 964 Host Process for Windows Services Microsoft Corporation

svchost.exe 1004 Host Process for Windows Services Microsoft Corporation

svchost.exe 1056 Host Process for Windows Services Microsoft Corporation

audiodg.exe 1252 Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1096 Host Process for Windows Services Microsoft Corporation

wlanext.exe 1712 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation

WUDFHost.exe 3736 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation

dwm.exe 4948 Desktop Window Manager Microsoft Corporation

svchost.exe 1116 Host Process for Windows Services Microsoft Corporation

taskeng.exe 2284 Task Scheduler Engine Microsoft Corporation

taskeng.exe 6580 Task Scheduler Engine Microsoft Corporation

SLsvc.exe 1296 Microsoft Software Licensing Service Microsoft Corporation

svchost.exe 1336 Host Process for Windows Services Microsoft Corporation

svchost.exe 1492 Host Process for Windows Services Microsoft Corporation

aswUpdSv.exe 1916 avast! Antivirus updating service ALWIL Software

ashServ.exe 1932 avast! antivirus service ALWIL Software

spoolsv.exe 1464 Spooler SubSystem App Microsoft Corporation

svchost.exe 208 Host Process for Windows Services Microsoft Corporation

AERTSrv.exe 2844 Andrea filters APO access service (32-bit) Andrea Electronics Corporation

AlertService.exe 2876 Intel® Alert Service Intel® Corporation

svchost.exe 2892 Host Process for Windows Services Microsoft Corporation

btwdins.exe 2916 Bluetooth Support Server Broadcom Corporation.

DQLWinService.exe 2940 DQLWinSe Application

svchost.exe 3036 Host Process for Windows Services Microsoft Corporation

svchost.exe 3056 Host Process for Windows Services Microsoft Corporation

NMSCore.exe 3228 Intel® NMSCore Intel® Corporation

svchost.exe 3264 Host Process for Windows Services Microsoft Corporation

svchost.exe 3276 Host Process for Windows Services Microsoft Corporation

QualityManager.exe 3288 Intel® Quality Manager Intel® Corporation

sprtsvc.exe 3320 SupportSoft Agent Service SupportSoft, Inc.

svchost.exe 3344 Host Process for Windows Services Microsoft Corporation

svchost.exe 3376 Host Process for Windows Services Microsoft Corporation

WerFault.exe 5504 Windows Problem Reporting Microsoft Corporation

SearchIndexer.exe 3400 Microsoft Windows Search Indexer Microsoft Corporation

SearchProtocolHost.exe 7760 Microsoft Windows Search Protocol Host Microsoft Corporation

SearchFilterHost.exe 6932 Microsoft Windows Search Filter Host Microsoft Corporation

issm.exe 3480 Intel Software Service Manager Intel® Corporation

MCLServiceATL.exe 3548 Intel® Application Tracker Intel® Corporation

Remote UI Service.exe 3880 Intel® Remoting Service Intel® Corporation

mediaserver.exe 3948

svchost.exe 4652 Host Process for Windows Services Microsoft Corporation

wmpnetwk.exe 4472 Windows Media Player Network Sharing Service Microsoft Corporation

ashWebSv.exe 4548 avast! Web Scanner ALWIL Software

lsass.exe 692 Local Security Authority Process Microsoft Corporation

lsm.exe 700 Local Session Manager Service Microsoft Corporation

csrss.exe 644 Client Server Runtime Process Microsoft Corporation

uTorrent.exe 3888 µTorrent BitTorrent, Inc.

csrss.exe 4568 Client Server Runtime Process Microsoft Corporation

uTorrent.exe 5628 µTorrent BitTorrent, Inc.

csrss.exe 4896 Client Server Runtime Process Microsoft Corporation

iexplore.exe 3152 Internet Explorer Microsoft Corporation

uTorrent.exe 304 µTorrent BitTorrent, Inc.

csrss.exe 2704 Client Server Runtime Process Microsoft Corporation

winlogon.exe 5888 Windows Logon Application Microsoft Corporation

explorer.exe 1264 Windows Explorer Microsoft Corporation

MSASCui.exe 3924 Windows Defender User Interface Microsoft Corporation

RtHDVCpl.exe 292 HD Audio Control Panel Realtek Semiconductor

jusched.exe 4268 Java Platform SE binary Sun Microsystems, Inc.

IntelHCTAgent.exe 5832 Network monitor for Intel® Hub Connect Technology Intel Corporation

CCU_TrayIcon.exe 6004 Intel® Viiv™ Settings Intel® Corporation

GrooveMonitor.exe 5172 GrooveMonitor Utility Microsoft Corporation

rundll32.exe 6112 Windows host process (Rundll32) Microsoft Corporation

sprtcmd.exe 4420 SupportSoft, Inc.

ashDisp.exe 2864 avast! service GUI component ALWIL Software

hpwuSchd2.exe 5196 hpwuSchd Application Hewlett-Packard

msnmsgr.exe 1424 Windows Live Messenger Microsoft Corporation

ehtray.exe 1652 Media Center Tray Applet Microsoft Corporation

GoogleToolbarNotifier.exe 2200 GoogleToolbarNotifier Google Inc.

wmpnscfg.exe 5080 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

BTTray.exe 4236 Bluetooth Tray Application Broadcom Corporation.

hpqtra08.exe 4964 HP Digital Imaging Monitor Hewlett-Packard Co.

hpqste08.exe 6464 HP CUE Status Root Hewlett-Packard Co.

iexplore.exe 6672 Internet Explorer Microsoft Corporation

uTorrent.exe 7124 0.78 µTorrent BitTorrent, Inc.

procexp.exe 6440 1.55 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

rundll32.exe 5976 Windows host process (Rundll32) Microsoft Corporation

DreadWingKnight · May 12, 2009

still missing the dll list.

moogly · May 12, 2009

Don't forget to select utorrent.exe and enable DLL mode (ctrl+d) in PE.

nadz-s · May 12, 2009

Process PID CPU Description Company Name

System Idle Process 0 91.13

Interrupts n/a 0.77 Hardware Interrupts

DPCs n/a 3.09 Deferred Procedure Calls

System 4 1.54

smss.exe 500 Windows Session Manager Microsoft Corporation

csrss.exe 572 Client Server Runtime Process Microsoft Corporation

wininit.exe 632 Windows Start-Up Application Microsoft Corporation

services.exe 676 Services and Controller app Microsoft Corporation

svchost.exe 896 Host Process for Windows Services Microsoft Corporation

BTStackServer.exe 3644 Bluetooth Stack COM Server Broadcom Corporation.

CCU_Engine.exe 4424 Intel® Viiv™ Settings Intel® Corporation

WmiPrvSE.exe 1864 WMI Provider Host Microsoft Corporation

BTStackServer.exe 8096 Bluetooth Stack COM Server Broadcom Corporation.

ehmsas.exe 2824 Media Center Media Status Aggregator Service Microsoft Corporation

unsecapp.exe 7256 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation

hpqbam08.exe 7608 HP CUE Alert Popup Window Objects Hewlett-Packard Co.

hpswp_clipbook.exe 6412 HP Smart Web Printing add-on for Internet Explorer Hewlett-Packard Co.

hpqgpc01.exe 5416 GPCore COM object Hewlett-Packard

svchost.exe 964 Host Process for Windows Services Microsoft Corporation

svchost.exe 1004 Host Process for Windows Services Microsoft Corporation

svchost.exe 1056 Host Process for Windows Services Microsoft Corporation

audiodg.exe 1252 Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1096 Host Process for Windows Services Microsoft Corporation

wlanext.exe 1712 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation

WUDFHost.exe 3736 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation

dwm.exe 5008 Desktop Window Manager Microsoft Corporation

svchost.exe 1116 Host Process for Windows Services Microsoft Corporation

taskeng.exe 2284 Task Scheduler Engine Microsoft Corporation

taskeng.exe 2312 Task Scheduler Engine Microsoft Corporation