problems with u Torrent

Edo1952 · August 28, 2010

I'm new to the Forum, so I'd like to start by saying Hello, nice to be here.

I have had a working 1.7 version of u Torrent for the past 6 months.

Yesterday when I received the notice to update to 2.0 I did and now

u Torrent does not work at all: the program does not open when I click on it

and in about a minute after that I get a Win message that says :

It seems like u Torrent is running (however the WinTask Manager does not show the application)but not responding Please close all uTorrent processes and try again.

I try to close the process from Task Manager, however when choose End Process

it doesn't.

...and If I close Internet ( I run Mozilla) I cannot open that program as well: the only way is to

reboot computer.

u Torrent does not start after the reboot: Mozilla/Internet does.

I have removed u Torrent several times, and downloaded the exe from your site however

I'm getting the same result ..... ( what can I do to fix this ?

Many Thanks

Edo1952

paintball9 · August 28, 2010

What OS are you running? Windows 2000?

Edo1952 · August 28, 2010

What OS are you running? Windows 2000?

Thanks ...I will read up on it some more.

Here are my specs (sorry I should have posted them with my previous message)

Windows XP Home Edition

Build 2600.xpsp_sp3_gdr.090804-1435(Service Pack3)

...just a novice when it comes to computer language and what it does,

going to read more about it.

Thanks again

DreadWingKnight · August 28, 2010

http://forum.utorrent.com/viewtopic.php?id=29748

Both logs from this guide please

Edo1952 · August 29, 2010

http://forum.utorrent.com/viewtopic.php?id=29748
Both logs from this guide please

Will do Mr Knight...Thanks

Edo1952 · August 29, 2010

http://forum.utorrent.com/viewtopic.php?id=29748
Both logs from this guide please
Will do Mr Knight...Thanks

Hello Mr Knight :

I have a zip file for You at Uploading.com

It contains the scans You asked for and one more I got from my Internet Security Provider

(its in its own Zip file)

file ref below:

<a href="http://uploading.com/files/99b443fd/Edo1952.zip/">Download Edo1952.zip for free on uploading.com</a>

I used this in the past and should work.

I run a virus/spyware scan and cleaned up all with Malwarebytes....My own Security Provider

scan engine is not showing up when I click to Run Virus Scan...it seems that some of the programs are 'ghost' programs now: if you pardon the pun...they show as 'running' in the Win XP Task Manager but not 'working' : I have no access to them.

...is it time for a sytem format ??? aaaaaarghhhh !!

Thanks Again for Your Help in this matter

Edo1952

DreadWingKnight · August 29, 2010

Please paste the logs directly into the thread.

Edo1952 · August 29, 2010

Please paste the logs directly into the thread.

Here we go. The Security File is too complex to paste here. Let Me know if You need it

as well: I will need an e-mail to send it to.

Thanks for Your Help

ProceXP

Process PID CPU Private Bytes Working Set Description Company Name

System Idle Process 0 96.92 0 K 16 K

Interrupts n/a 0 K 0 K Hardware Interrupts

DPCs n/a 0 K 0 K Deferred Procedure Calls

System 4 0 K 228 K

smss.exe 464 172 K 408 K Windows NT Session Manager Microsoft Corporation

csrss.exe 528 1,916 K 4,000 K Client Server Runtime Process Microsoft Corporation

winlogon.exe 552 6,720 K 4,180 K Windows NT Logon Application Microsoft Corporation

services.exe 596 1,916 K 4,812 K Services and Controller app Microsoft Corporation

nvsvc32.exe 768 4,496 K 6,280 K NVIDIA Driver Helper Service, Version 258.96 NVIDIA Corporation

svchost.exe 852 2,980 K 4,868 K Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 912 1,960 K 4,596 K Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 976 20,468 K 30,680 K Generic Host Process for Win32 Services Microsoft Corporation

wuauclt.exe 3656 2,200 K 4,248 K Windows Update Microsoft Corporation

svchost.exe 1016 2,308 K 3,360 K Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1144 1,484 K 3,784 K Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1268 1,072 K 2,976 K Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1472 3,364 K 5,248 K Spooler SubSystem App Microsoft Corporation

svchost.exe 200 1,180 K 3,432 K Generic Host Process for Win32 Services Microsoft Corporation

AppleMobileDeviceService.exe 232 2,420 K 3,416 K Apple Mobile Device Service Apple Inc.

mDNSResponder.exe 252 1,752 K 4,420 K Bonjour Service Apple Inc.

fsgk32st.exe 340 328 K 396 K F-Secure Anti-Virus Scanning Service F-Secure Corporation

fsgk32.exe 372 6,492 K 3,604 K Gatekeeper Handler II F-Secure Corporation

fssm32.exe 2588 76,852 K 62,364 K F-Secure Scanner Manager F-Secure Corporation

fsav32.exe 3476 2,468 K 2,212 K FSAV Handler F-Secure Corporation

FSMA32.EXE 360 820 K 924 K F-Secure Management Agent F-Secure Corporation

FSHDLL32.EXE 516 9,876 K 5,312 K F-Secure DLL Hosting Plugin F-Secure Corporation

jqs.exe 960 2,748 K 1,452 K Java Quick Starter Service Sun Microsystems, Inc.

McciCMService.exe 1080 2,372 K 4,512 K mcci+McciCMService Motive Communications, Inc.

nHancerService.exe 1760 10,152 K 6,980 K nHancerService KSE - Korndörfer Software Engineering

HPZipm12.exe 1940 972 K 2,368 K PML Driver HP

svchost.exe 2052 2,364 K 4,164 K Generic Host Process for Win32 Services Microsoft Corporation

iPodService.exe 2380 2,888 K 4,644 K iPodService Module (32-bit) Apple Inc.

fsdfwd.exe 2552 5,800 K 1,332 K F-Secure Internet Shield daemon F-Secure Corporation

fsorsp.exe 2664 3,200 K 1,532 K F-Secure ORSP Service F-Secure Corporation

alg.exe 2740 1,740 K 4,280 K Application Layer Gateway Service Microsoft Corporation

lsass.exe 608 4,416 K 1,352 K LSA Shell (Export Version) Microsoft Corporation

explorer.exe 1416 25,292 K 6,756 K Windows Explorer Microsoft Corporation

StartFX.exe 1612 12,920 K 9,768 K Start Advanced Video FX Engine Application Creative Technology Ltd.

iTunesHelper.exe 1620 10,212 K 14,172 K iTunesHelper Apple Inc.

rundll32.exe 1648 4,200 K 5,628 K Run a DLL as an App Microsoft Corporation

ctfmon.exe 1748 1,008 K 3,808 K CTF Loader Microsoft Corporation

fscuif.exe 3196 19,464 K 6,840 K F-Secure Common User Interface Framework F-Secure Corporation

firefox.exe 3256 64,760 K 80,652 K Firefox Mozilla Corporation

WINZIP32.EXE 2112 4,924 K 816 K WinZip WinZip Computing, Inc.

procexp.exe 2572 3.08 12,968 K 17,624 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:30:19 PM, on 28/08/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16981)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe

C:\Program Files\Shaw Secure\Common\FSMA32.EXE

C:\Program Files\Shaw Secure\Anti-Virus\FSGK32.EXE

C:\Program Files\Shaw Secure\Common\FSHDLL32.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files\nHancer\nHancerService.exe

C:\WINDOWS\System32\HPZipm12.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe

C:\Program Files\Shaw Secure\Anti-Virus\fssm32.exe

C:\Program Files\Shaw Secure\FSGUI\fscuif.exe

C:\Program Files\Shaw Secure\Anti-Virus\fsav32.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\PROGRA~1\WINZIP\winzip32.exe

C:\WINDOWS\System32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dll

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Shaw Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [FFTI] C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\kx9prwmn.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [FFTI] C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\kx9prwmn.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Download with Download Accelerator! - C:\Program Files\Download Accelerator\DownloadAccelerator.htm

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169263600093

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by112fd.bay112.hotmail.msn.com/activex/HMAtchmt.ocx

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab

O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)

O18 - Protocol: intu-qt2008 - {05E53CE9-66C8-4A9E-A99F-FDB7A8E7B596} - (no file)

O18 - Protocol: intu-qt2009 - {03947252-2355-4E9B-B446-8CCC75C43370} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Shaw Secure\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe

O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 10533 bytes

DreadWingKnight · August 29, 2010

missing the dll list for the utorrent.exe process.

Edo1952 · August 30, 2010

missing the dll list for the utorrent.exe process.

That's my problem ? I'm missing a dll list for the utorrent exe process....

I can't see how that could have happened...I only choose to run new utorrent.exe and

that's when I started having trouble with some programs ...

I will try to remove the files, and try again this time I'll temporarily shut down the firewall and

antivirus...if I get the thing working again I'll send the scans again.

...very perplexed ??

Edo1952 · August 30, 2010

missing the dll list for the utorrent.exe process.

Hello Mr Knight,

this is what I did so far...sadly without getting uTorrent to work....sob !

I run a virus scan with Malwarebytes and cleaned out the system

I re-started the computer.

I run a internet virus scan through my provider : SHAW (I live in Canada)

I have a clean system....but it could be still screwed up....but where??

I un-installed uTorrent, and restarted the computer.

I downloaded uTorrent.exe form utorrent.com.

I do not shut down Firewall

I open exe and re-start the computer.

I do scans: Procexp and Hijackthis

I click on uTorrent , nothing happens:

I click on torrent file to open: nothing happens:

30 sec later or so I get message that uTorrent is already running but not working.

I lose Internet connection.

I check scans

I restart computer

this is the Procexp scan

Process PID CPU Private Bytes Working Set Description Company Name

System Idle Process 0 96.92 0 K 16 K

Interrupts n/a 0 K 0 K Hardware Interrupts

DPCs n/a 1.54 0 K 0 K Deferred Procedure Calls

System 4 0 K 228 K

smss.exe 460 172 K 408 K Windows NT Session Manager Microsoft Corporation

csrss.exe 524 1,852 K 4,444 K Client Server Runtime Process Microsoft Corporation

winlogon.exe 548 6,692 K 4,460 K Windows NT Logon Application Microsoft Corporation

services.exe 592 1,896 K 3,716 K Services and Controller app Microsoft Corporation

nvsvc32.exe 764 4,488 K 6,264 K NVIDIA Driver Helper Service, Version 258.96 NVIDIA Corporation

svchost.exe 848 2,988 K 4,852 K Generic Host Process for Win32 Services Microsoft Corporation

wmiprvse.exe 408 1,940 K 5,200 K WMI Microsoft Corporation

svchost.exe 904 2,080 K 4,704 K Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 976 15,808 K 25,744 K Generic Host Process for Win32 Services Microsoft Corporation

wmiadap.exe 2372 4,652 K 7,380 K WMI Microsoft Corporation

svchost.exe 1012 2,308 K 3,324 K Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1136 1,496 K 3,792 K Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1284 1,156 K 3,288 K Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 1492 3,360 K 5,232 K Spooler SubSystem App Microsoft Corporation

svchost.exe 2000 1,184 K 3,432 K Generic Host Process for Win32 Services Microsoft Corporation

AppleMobileDeviceService.exe 2036 2,420 K 3,420 K Apple Mobile Device Service Apple Inc.

mDNSResponder.exe 124 1,748 K 4,416 K Bonjour Service Apple Inc.

fsgk32st.exe 308 328 K 396 K F-Secure Anti-Virus Scanning Service F-Secure Corporation

fsgk32.exe 332 6,956 K 1,988 K Gatekeeper Handler II F-Secure Corporation

fssm32.exe 2464 96,164 K 94,708 K F-Secure Scanner Manager F-Secure Corporation

fsav32.exe 3224 2,864 K 2,240 K FSAV Handler F-Secure Corporation

FSMA32.EXE 324 820 K 940 K F-Secure Management Agent F-Secure Corporation

FSHDLL32.EXE 476 9,912 K 4,388 K F-Secure DLL Hosting Plugin F-Secure Corporation

jqs.exe 420 2,760 K 1,424 K Java Quick Starter Service Sun Microsystems, Inc.

McciCMService.exe 716 2,376 K 4,512 K mcci+McciCMService Motive Communications, Inc.

nHancerService.exe 1364 10,100 K 7,756 K nHancerService KSE - Korndörfer Software Engineering

HPZipm12.exe 1332 976 K 2,372 K PML Driver HP

svchost.exe 1844 2,432 K 4,284 K Generic Host Process for Win32 Services Microsoft Corporation

iPodService.exe 2268 2,888 K 4,636 K iPodService Module (32-bit) Apple Inc.

fsdfwd.exe 2384 5,844 K 2,276 K F-Secure Internet Shield daemon F-Secure Corporation

fsorsp.exe 2764 3,224 K 864 K F-Secure ORSP Service F-Secure Corporation

alg.exe 2952 1,716 K 4,264 K Application Layer Gateway Service Microsoft Corporation

msiexec.exe 3644 8,108 K 12,944 K Windows® installer Microsoft Corporation

mscorsvw.exe 3932 1,768 K 4,512 K .NET Runtime Optimization Service Microsoft Corporation

lsass.exe 604 4,364 K 700 K LSA Shell (Export Version) Microsoft Corporation

explorer.exe 1404 31,276 K 38,484 K Windows Explorer Microsoft Corporation

StartFX.exe 1576 12,916 K 9,760 K Start Advanced Video FX Engine Application Creative Technology Ltd.

iTunesHelper.exe 1584 10,204 K 14,220 K iTunesHelper Apple Inc.

rundll32.exe 1604 4,192 K 5,600 K Run a DLL as an App Microsoft Corporation

ctfmon.exe 1684 1,012 K 3,876 K CTF Loader Microsoft Corporation

utorrent.exe 3996 6,772 K 13,648 K µTorrent BitTorrent, Inc.

uTorrent.exe 3000 4,692 K 8,756 K µTorrent BitTorrent, Inc.

procexp.exe 3912 1.54 13,652 K 18,244 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

firefox.exe 3816 104,348 K 93,184 K Firefox Mozilla Corporation

this is the Hijackthis scan

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:09:25 PM, on 29/08/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16981)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe

C:\Program Files\Shaw Secure\Common\FSMA32.EXE

C:\Program Files\Shaw Secure\Anti-Virus\FSGK32.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Shaw Secure\Common\FSHDLL32.EXE

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files\nHancer\nHancerService.exe

C:\WINDOWS\System32\HPZipm12.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe

C:\Program Files\Shaw Secure\Anti-Virus\fssm32.exe

C:\Program Files\Shaw Secure\Anti-Virus\fsav32.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Edo\Desktop\utorrent.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\WINDOWS\System32\msiexec.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE