duytrung Posted August 9, 2014 Report Share Posted August 9, 2014 Hi all, HijackThis LOG: Logfile of Trend Micro HijackThis v2.0.5Scan saved at 6:39:06 PM, on 9/08/2014Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17207)CHROME: 36.0.1985.125FIREFOX: 31.0 (x86 en-US)Boot mode: NormalRunning processes:C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\avpui.exeC:\Program Files (x86)\Internet Download Manager\IDMan.exeC:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEC:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exeC:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exeD:\Programs\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/?LinkId=69157]http://go.microsoft.com/fwlink/?LinkId=69157[/url]R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://go.microsoft.com/fwlink/p/?LinkId=255141]http://go.microsoft.com/fwlink/p/?LinkId=255141[/url]R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]http://go.microsoft.com/fwlink/?LinkId=54896[/url]R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]http://go.microsoft.com/fwlink/?LinkId=54896[/url]R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/p/?LinkId=255141]http://go.microsoft.com/fwlink/p/?LinkId=255141[/url]R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dllO2 - BHO: CrossriderApp0032850 - {11111111-1111-1111-1111-110311281150} - (no file)O2 - BHO: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dllO2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dllO2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllO2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre\bin\ssv.dllO2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dllO2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\OnlineBanking\online_banking_bho.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: ReasonableToolbar.ToolbarBHO - {d8961a1e-25db-33c9-a7c9-3d3e3266b5b8} - mscoree.dll (file missing)O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre\bin\jp2ssv.dllO2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\UrlAdvisor\klwtbbho.dllO3 - Toolbar: ReasonableToolbar - {c9a6357b-25cc-4bcf-96c1-78736985d413} - mscoree.dll (file missing)O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [PowerDVD13Agent] "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [MMReminderService] C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startupO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onbootO4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeO4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEO8 - Extra context menu item: &Download All with FlashGet - D:\Programs\FlashGet\jc_all.htmO8 - Extra context menu item: &Download with FlashGet - D:\Programs\FlashGet\jc_link.htmO8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\ie_banner_deny.htmO8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.htmlO8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: Send to MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLLO9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlO9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\UrlAdvisor\klwtbbho.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - [url=http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab]http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab[/url]O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllO23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Kaspersky Anti-Virus Service 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\avp.exeO23 - Service: AWiCSrvc - Atheros Communications - C:\Program Files (x86)\Ubiquiti\AWiCSrvc.exeO23 - Service: Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)O23 - Service: CyberLink PowerDVD 13 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exeO23 - Service: CyberLink PowerDVD 13 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exeO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeO23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exeO23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exeO23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exeO23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exeO23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exeO23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe-- 30345-utorrent.46bb.dmp30460-utorrent.df62.dmp31405-utorrent.b758.dmp32549-utorrent.689a.dmp32549-utorrent.903f.dmp32691-utorrent.0edb.dmp32691-utorrent.634e.dmp32691-utorrent.6cb6.dmp32691-utorrent.7a60.dmp32691-utorrent.b0f8.dmp32691-utorrent.fae4.dmp32891-utorrent.005b.dmp32891-utorrent.07ab.dmp32891-utorrent.08ef.dmp32891-utorrent.1131.dmp32891-utorrent.23a6.dmp32891-utorrent.248f.dmp32891-utorrent.306a.dmp32891-utorrent.3e0b.dmp32891-utorrent.44c6.dmp32891-utorrent.4ef0.dmp32891-utorrent.4f7c.dmp32891-utorrent.5901.dmp32891-utorrent.613a.dmp32891-utorrent.6977.dmp32891-utorrent.7b3e.dmp32891-utorrent.98f4.dmp32891-utorrent.9f7d.dmp32891-utorrent.aa40.dmp32891-utorrent.b91e.dmp32891-utorrent.c00e.dmp32891-utorrent.c919.dmp32891-utorrent.e2ae.dmp32891-utorrent.e5a0.dmp32891-utorrent.e7a2.dmp32891-utorrent.fd43.dmp Currently using Utorrent 3.4.2-32891, it crashing every startup, display a dialog to choose whether to restart or quit running. I dont know if the bugs were sent. Here is the link to compress of 36 dumps of mainly version 3.4.2-32891. Please take a look for good.Sorry for flooding you with alot of dumps Links: ----------------------------------- h##p://sendfile.su/1009802 ----------------------------------- Best wishes Mike Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 9, 2014 Report Share Posted August 9, 2014 Missing the process explorer process list with the dll list from when uTorrent is actually running Link to comment Share on other sites More sharing options...
duytrung Posted August 10, 2014 Author Report Share Posted August 10, 2014 Process List: Process CPU Private Bytes Working Set PID Description Company NameSystem Idle Process 82.08 0 K 24 K 0 System 0.38 188 K 980 K 4 Interrupts 0.81 0 K 0 K n/a Hardware Interrupts and DPCs smss.exe 552 K 808 K 508 csrss.exe < 0.01 2,948 K 3,808 K 688 conhost.exe 3,212 K 2,740 K 1588 wininit.exe 1,724 K 3,008 K 740 services.exe 9,220 K 10,640 K 808 svchost.exe 0.01 7,860 K 10,068 K 996 Host Process for Windows Services Microsoft Corporation igfxsrvc.exe 4,676 K 5,484 K 3880 igfxsrvc Module Intel Corporation unsecapp.exe 4,176 K 8,012 K 900 unsecapp.exe 3,972 K 8,032 K 4412 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation WmiPrvSE.exe 7,312 K 13,972 K 4372 cavwp.exe 17,800 K 2,376 K 5720 WmiPrvSE.exe 6,384 K 10,472 K 2800 svchost.exe 7,952 K 8,868 K 604 Host Process for Windows Services Microsoft Corporation cmdagent.exe 0.07 22,524 K 15,516 K 748 COMODO Internet Security COMODO svchost.exe < 0.01 19,748 K 15,700 K 1068 Host Process for Windows Services Microsoft Corporation svchost.exe 28,036 K 19,428 K 1112 Host Process for Windows Services Microsoft Corporation audiodg.exe 0.01 25,056 K 22,476 K 1284 svchost.exe 0.27 146,624 K 145,356 K 1152 Host Process for Windows Services Microsoft Corporation wlanext.exe 10,056 K 11,492 K 1580 dwm.exe 3,776 K 5,868 K 3156 Desktop Window Manager Microsoft Corporation WUDFHost.exe 4,576 K 9,216 K 5676 svchost.exe < 0.01 11,040 K 13,780 K 1192 Host Process for Windows Services Microsoft Corporation svchost.exe 2.33 36,944 K 46,428 K 1224 Host Process for Windows Services Microsoft Corporation taskeng.exe 4,104 K 8,148 K 7156 taskeng.exe 4,252 K 8,264 K 1056 svchost.exe 4,576 K 5,104 K 1304 Host Process for Windows Services Microsoft Corporation spoolsv.exe 10,032 K 8,672 K 1728 Spooler SubSystem App Microsoft Corporation svchost.exe 12,424 K 12,644 K 1768 Host Process for Windows Services Microsoft Corporation svchost.exe 7,324 K 5,980 K 1932 Host Process for Windows Services Microsoft Corporation AppleMobileDeviceService.exe 0.01 8,384 K 8,572 K 1952 YSLoader.exe Apple Inc. avp.exe 0.01 170,892 K 30,052 K 1272 Kaspersky Anti-Virus Kaspersky Lab ZAO avpui.exe < 0.01 100,064 K 96,460 K 3864 Kaspersky Anti-Virus Kaspersky Lab ZAO BtwRSupportService.exe < 0.01 4,564 K 4,360 K 1864 Bluetooth Radio Management Support Broadcom Corporation. mDNSResponder.exe 4,964 K 5,848 K 1612 Bonjour Service Apple Inc. CLMSMonitorServicePDVD13.exe 2,788 K 3,596 K 1544 Media Server Monitor Service CyberLink CLMSServerPDVD13.exe < 0.01 10,740 K 9,604 K 1532 Media Server Service CyberLink EvtEng.exe 9,608 K 12,596 K 2056 Intel® PROSet/Wireless Event Log Service Intel® Corporation IpOverUsbSvc.exe 10,332 K 7,316 K 2156 Microsoft Corporation LMS.exe 0.05 4,068 K 4,920 K 2600 Local Manageability Service Intel Corporation mdm.exe 0.03 3,980 K 6,108 K 2640 Machine Debug Manager Microsoft Corporation RegSrvc.exe 4,680 K 6,732 K 2724 Intel® PROSet/Wireless Registry Service Intel® Corporation sqlwriter.exe 4,572 K 5,536 K 2756 SQL Server VSS Writer - 64 Bit Microsoft Corporation svchost.exe 4,348 K 4,868 K 2784 Host Process for Windows Services Microsoft Corporation TeamViewer_Service.exe 6,664 K 12,076 K 2844 TeamViewer 9 TeamViewer GmbH VESMgr.exe 7,552 K 7,820 K 2896 VAIO Event Service (Service Module) Sony Corporation VESMgrSub.exe 0.09 7,052 K 7,828 K 3572 vmnat.exe < 0.01 3,536 K 4,660 K 2968 svchost.exe 44,252 K 31,248 K 3004 Host Process for Windows Services Microsoft Corporation ZeroConfigService.exe 10,144 K 16,196 K 3032 Intel® PROSet/Wireless Zero Configure Service Intel® Corporation taskhost.exe 0.01 15,616 K 14,136 K 3024 Host Process for Windows Tasks Microsoft Corporation vmnetdhcp.exe 9,164 K 4,272 K 3236 vmware-usbarbitrator64.exe < 0.01 6,124 K 7,436 K 3264 VMware USB Arbitration Service VMware, Inc. vmware-authd.exe 7,016 K 6,476 K 3556 VMware Authorization Service VMware, Inc. SearchIndexer.exe < 0.01 55,668 K 55,912 K 220 Microsoft Windows Search Indexer Microsoft Corporation svchost.exe 4,316 K 8,412 K 5192 Host Process for Windows Services Microsoft Corporation iPodService.exe 0.01 4,952 K 9,588 K 5764 iPodService Module (64-bit) Apple Inc. UNS.exe < 0.01 5,888 K 11,092 K 2284 User Notification Service Intel Corporation TrustedInstaller.exe 6,372 K 11,936 K 5548 Windows Modules Installer Microsoft Corporation taskhost.exe 7,944 K 11,684 K 6556 svchost.exe 3,380 K 6,088 K 3604 Host Process for Windows Services Microsoft Corporation lsass.exe 2.14 7,340 K 10,192 K 832 Local Security Authority Process Microsoft Corporation lsm.exe 5,140 K 4,896 K 840 csrss.exe 0.29 26,688 K 21,836 K 768 winlogon.exe 3,516 K 4,604 K 936 explorer.exe 0.27 53,500 K 62,428 K 3196 Windows Explorer Microsoft Corporation iFrmewrk.exe 8,200 K 13,356 K 3688 Intel® PROSet/Wireless Framework Intel® Corporation SynTPEnh.exe < 0.01 10,996 K 8,548 K 3696 Synaptics TouchPad Enhancements Synaptics Incorporated hkcmd.exe 5,288 K 9,260 K 3788 hkcmd Module Intel Corporation igfxpers.exe 5,336 K 7,244 K 3808 persistence Module Intel Corporation CisTray.exe 0.01 6,048 K 4,720 K 4088 COMODO Internet Security COMODO cis.exe 6,252 K 3,428 K 5700 COMODO Internet Security COMODO IDMan.exe 18,724 K 26,740 K 4436 Internet Download Manager (IDM) Tonec Inc. IEMonitor.exe 0.03 3,456 K 8,092 K 6008 Internet Download Manager agent for click monitoring in IE-based browsers Tonec Inc. Viber.exe 0.29 119,492 K 132,112 K 4480 Viber EvernoteClipper.exe < 0.01 3,712 K 8,776 K 4788 Evernote Clipper Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 ONENOTEM.EXE 2,756 K 1,572 K 4812 Microsoft Office OneNote Quick Launcher Microsoft Corporation firefox.exe 0.23 398,340 K 396,312 K 1392 Firefox Mozilla Corporation plugin-container.exe 16,712 K 18,924 K 3228 Plugin Container for Firefox Mozilla Corporation FlashPlayerPlugin_14_0_0_145.exe < 0.01 6,236 K 12,324 K 6356 Adobe Flash Player 14.0 r0 Adobe Systems, Inc. FlashPlayerPlugin_14_0_0_145.exe 14,432 K 18,528 K 6400 Adobe Flash Player 14.0 r0 Adobe Systems, Inc. ProcExp.exe 4,396 K 9,136 K 6800 Sysinternals Process Explorer Sysinternals - www.sysinternals.com ProcExp64.exe 6.54 24,952 K 41,052 K 6156 Sysinternals Process Explorer Sysinternals - www.sysinternals.comISBMgr.exe 4,056 K 8,936 K 4936 Sony Corporationvmware-tray.exe 3,100 K 6,680 K 4976 VMware Tray Process VMware, Inc.PowerDVD13Agent.exe 0.08 55,852 K 64,828 K 4992 PowerDVD 13 CyberLink Corp.MmReminderService.exe 11,744 K 18,464 K 5064 MindManager Topic Alerts Mindjetjusched.exe 2,920 K 6,676 K 5096 Java Update Scheduler Oracle CorporationPWRISOVM.EXE 5,228 K 11,452 K 5108 PowerISO Virtual Drive Manager Power Software LtdiTunesHelper.exe < 0.01 8,240 K 16,068 K 4104 iTunesHelper Apple Inc.trustedadssvc.exe < 0.01 19,924 K 32,768 K 1028 PrivDog Service AdTrustMediaSynTPHelper.exe 3,400 K 5,792 K 5668 Ymsgr_tray.exe 20,432 K 9,488 K 5812 Yahoo! Messenger Tray Yahoo! Inc.uTorrent.exe 3.92 145,600 K 160,932 K 6344 µTorrent BitTorrent Inc. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted August 10, 2014 Report Share Posted August 10, 2014 Again, missing the dll list Link to comment Share on other sites More sharing options...
duytrung Posted August 11, 2014 Author Report Share Posted August 11, 2014 Is this you are after? Process: uTorrent.exe Pid: 7632Type NameALPC Port \RPC Control\OLE966FA003409E4120862D8ACD45EBDesktop \DefaultDirectory \KnownDllsDirectory \KnownDlls32Directory \KnownDlls32Directory \Sessions\1\BaseNamedObjectsEvent \KernelObjects\MaximumCommitConditionEvent \Sessions\1\BaseNamedObjects\OleDfRoot3FE5F4E73291C24Event \Sessions\1\BaseNamedObjects\OleDfRootC002195D3333FD7AEvent \Sessions\1\BaseNamedObjects\OleDfRootF78DAD64602B4DA2File C:\WindowsFile \Device\swmon_dt_010109_kl1File D:\UtorrentFile C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2File C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853File C:\Windows\SysWOW64\en-US\setupapi.dll.muiFile \FileSystem\Filters\FltMgrMsgFile \Device\KsecDDFile C:\Windows\SysWOW64\en-US\crypt32.dll.muiFile \Device\KsecDDFile C:\Users\Sakura\AppData\Roaming\Microsoft\SystemCertificates\MyFile \Device\NsiFile \Device\KsecDDFile \Device\AfdFile \Device\AfdFile C:\Users\Sakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.datFile \Device\KsecDDFile \Device\AfdFile \Device\AfdFile \Device\AfdFile \Device\AfdFile C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2File C:\Windows\Fonts\StaticCache.datFile D:\Utorrent\ie\ie.1407717185.tmpFile C:\Windows\SysWOW64\en-US\msctf.dll.muiFile C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2File C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2File \Device\AfdFile C:\Windows\SysWOW64\en-US\ieframe.dll.muiFile \Device\AfdFile D:\Utorrent\ie\ie.1407717186.tmpFile C:\Windows\SysWOW64\en-US\KernelBase.dll.muiFile D:\Utorrent\ie\ie.1407717187.tmpFile \Device\AfdFile C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2File C:\Windows\SysWOW64\en-US\shell32.dll.muiFile C:\Windows\SysWOW64\en-US\mshtml.dll.muiFile C:\Windows\SysWOW64\en-US\urlmon.dll.muiFile C:\Windows\SysWOW64\en-US\wship6.dll.muiFile C:\Windows\SysWOW64\en-US\wshtcpip.dll.muiFile C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2File C:\Windows\SysWOW64\en-US\hnetcfg.dll.muiFile C:\Windows\Fonts\calibrib.ttfFile \Device\AfdFile C:\Users\Sakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6W6GWEKR\B7764929[4].htmFile C:\Windows\SysWOW64\en-US\jscript9.dll.muiFile \Device\AfdFile \Device\AfdFile \Device\AfdFile D:\Downloads\tgrb-pt.zip.!utKey HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution OptionsKey HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution OptionsKey HKLM\SYSTEM\ControlSet001\Control\Nls\Sorting\VersionsKey HKLMKey HKLM\SYSTEM\ControlSet001\Control\SESSION MANAGERKey HKLM\SYSTEM\ControlSet001\Control\Nls\CustomLocaleKey HKCUKey HKUKey HKLM\SYSTEM\ControlSet001\services\crypt32Key HKLM\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\ConfigKey HKLM\SOFTWARE\Microsoft\SystemCertificates\CAKey HKCU\Software\Microsoft\SystemCertificates\MyKey HKCU\Software\Microsoft\SystemCertificates\CAKey HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\CAKey HKCUKey HKLM\SOFTWARE\Microsoft\SystemCertificates\DisallowedKey HKCU\Software\Microsoft\SystemCertificates\DisallowedKey HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\DisallowedKey HKCUKey HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOTKey HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\RootKey HKCU\Software\Microsoft\SystemCertificates\RootKey HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRootKey HKLM\SOFTWARE\Microsoft\SystemCertificates\TrustedPeopleKey HKLM\SOFTWARE\Microsoft\SystemCertificates\SmartCardRootKey HKCU\Software\Microsoft\SystemCertificates\TrustedPeopleKey HKCU\Software\Microsoft\SystemCertificates\SmartCardRootKey HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeopleKey HKCUKey HKLM\SOFTWARE\Microsoft\SystemCertificates\trustKey HKCU\Software\Microsoft\SystemCertificates\trustKey HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\TrustKey HKCUKey HKLM\SOFTWARE\Policies\Microsoft\SystemCertificatesKey HKCU\Software\Policies\Microsoft\SystemCertificatesKey HKLM\SYSTEM\ControlSet001\services\WinSock2\Parameters\Protocol_Catalog9Key HKLM\SYSTEM\ControlSet001\services\WinSock2\Parameters\NameSpace_Catalog5Key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet SettingsKey HKLM\SYSTEM\ControlSet001\Control\Nls\Locale\Alternate SortsKey HKLM\SYSTEM\ControlSet001\Control\Nls\LocaleKey HKLM\SYSTEM\ControlSet001\Control\Nls\Language GroupsKey HKCU\Software\ClassesKey HKCU\Software\Microsoft\Windows\CurrentVersion\ExplorerKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControlKey HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControlKey HKLM\SOFTWARE\PoliciesKey HKCU\Software\PoliciesKey HKCU\SoftwareKey HKLM\SOFTWARE\Wow6432NodeKey HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\CacheKey HKCU\Software\ClassesKey HKCR\MIME\Database\Content Type\application/vnd.wolfram.playerKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PropertyBagKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBagKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PropertyBagKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PropertyBagKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PropertyBagKey HKCR\MIME\Database\Content Type\application/vnd.wolfram.nbKey HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\HistoryKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet ExplorerKey HKCR\MIME\Database\Content Type\application/x-silverlight-2Key HKCR\MIME\Database\Content Type\application/mathematicaKey HKCR\MIME\Database\Content Type\application/vnd.wolfram.cdf.textKey HKCR\MIME\Database\Content Type\application/vnd.wolfram.mathematicaKey HKCR\MIME\Database\Content Type\application/vnd.wolfram.cdfKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\NavigatorPluginsList\Wolfram Mathematica ControlKey HKCU\Software\Microsoft\Windows NT\CurrentVersion\Network\Location AwarenessKey HKLM\SOFTWARE\Policies\Microsoft\Internet ExplorerKey HKCR\MIME\Database\Content Type\application/x-silverlightKey HKLM\SYSTEM\ControlSet001\Control\Nls\CodePageKey HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\NavigatorPluginsListMutant \Sessions\1\BaseNamedObjects\µTorrent4823DF041B09Mutant \Sessions\1\BaseNamedObjects\!IECompat!MutexMutant \Sessions\1\BaseNamedObjects\ZonesLockedCacheCounterMutexMutant \Sessions\1\BaseNamedObjects\MSCTF.Asm.MutexDefault1Mutant \Sessions\1\BaseNamedObjects\ZonesCacheCounterMutexMutant \Sessions\1\BaseNamedObjects\!BrowserEmulation!SharedMemory!MutexMutant \Sessions\1\BaseNamedObjects\_!SHMSFTHISTORY!_Section \Sessions\1\BaseNamedObjects\mchLLEW2$1dd0Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $7769f9e0Section \Sessions\1\BaseNamedObjects\AutoUnhookMap$00001dd0$10000000Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $71ac0000Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776c1287Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $730912c6Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $73092384Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $75acf784Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $754c103dSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $754c1072Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $75132642Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $75135429Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $754ec9b5Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $756a7bccSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $756ae743Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $756acbfbSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $687d1320Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $687d1210Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $756a58b3Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $750b124eSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $756a5ea6Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $756ac332Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $756d480fSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $756ab895Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d802bfSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d8027bSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d3835cSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d37603Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d2ee09Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d36110Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d28332Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d33baaSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d312a5Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d33c61Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d28bffSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d3612eSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d29679Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d3781fSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d297d2Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d86cfcSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d376e0Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d86d5dSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d37668Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d4c112Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d4d0f5Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d4ff4aSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d4ec68Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d3291fSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d4eb96Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d888ebSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d32d64Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d33698Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d3c4b6Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d87dd7Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d69f1dSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d2efc9Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d36c30Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d290d3Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d32da4Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $76d71497Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a0550Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a0004Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a0084Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a1cb4Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a1d8cSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $7769fcb0Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a0694Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a0df4Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a1be4Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $7769ffa4Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $7769fdc8Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a00b4Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $7769fd64Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $7769fec0Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a088cSection \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a0ed8Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a08a4Section \Sessions\1\BaseNamedObjects\NamedBuffer, mAH, Process $00001dd0, API $776a03b8Section \Sessions\1\BaseNamedObjects\windows_shell_global_countersSection \BaseNamedObjects\__ComCatalogCache__Section \BaseNamedObjects\__ComCatalogCache__Section \Sessions\1\BaseNamedObjects\windows_ie_global_countersSection \Sessions\1\BaseNamedObjects\windows_ie_global_countersSection \Sessions\1\BaseNamedObjects\UrlZonesSM_SakuraSection \Sessions\1\BaseNamedObjects\windows_webcache_bloom_section_{7F4DDE9A-AF7C-4A8F-AC81-B431CE7DDED1}Section \Sessions\1\BaseNamedObjects\windows_webcache_bloom_section_{DD6108DC-6670-4A03-BE30-E392BD9CFFBD}Section \Sessions\1\BaseNamedObjects\windows_webcache_bloom_section_{F68ECEB0-D1F2-427F-95F3-321E2FED57B0}Section \Sessions\1\BaseNamedObjects\MSIMGSIZECacheMapSection \BaseNamedObjects\windows_shell_global_countersThread uTorrent.exe(7632): 8112Thread uTorrent.exe(7632): 8112Thread uTorrent.exe(7632): 7608Thread uTorrent.exe(7632): 7608Thread uTorrent.exe(7632): 7532Thread uTorrent.exe(7632): 7696Thread uTorrent.exe(7632): 5088Thread uTorrent.exe(7632): 7172Thread uTorrent.exe(7632): 1996Thread uTorrent.exe(7632): 7864Thread uTorrent.exe(7632): 7208Thread uTorrent.exe(7632): 7704Thread uTorrent.exe(7632): 7172Thread uTorrent.exe(7632): 7864Thread uTorrent.exe(7632): 2436Thread uTorrent.exe(7632): 7864Thread uTorrent.exe(7632): 1040Thread uTorrent.exe(7632): 7456Thread uTorrent.exe(7632): 7860Thread uTorrent.exe(7632): 7828Thread uTorrent.exe(7632): 4944Thread uTorrent.exe(7632): 6712Thread uTorrent.exe(7632): 7276Thread uTorrent.exe(7632): 7188Thread uTorrent.exe(7632): 7188Thread uTorrent.exe(7632): 7184Thread uTorrent.exe(7632): 7292Thread uTorrent.exe(7632): 1396Thread uTorrent.exe(7632): 6196Thread uTorrent.exe(7632): 7184Thread uTorrent.exe(7632): 2664Thread uTorrent.exe(7632): 7184Thread uTorrent.exe(7632): 7184Thread uTorrent.exe(7632): 4528Thread uTorrent.exe(7632): 7860Thread uTorrent.exe(7632): 7444Thread uTorrent.exe(7632): 6536Thread uTorrent.exe(7632): 7396Thread uTorrent.exe(7632): 7228Thread uTorrent.exe(7632): 7252Thread uTorrent.exe(7632): 8176Thread uTorrent.exe(7632): 7236Thread uTorrent.exe(7632): 7236Thread uTorrent.exe(7632): 6368Thread uTorrent.exe(7632): 7288Thread uTorrent.exe(7632): 7240Thread uTorrent.exe(7632): 2436Thread uTorrent.exe(7632): 1040Thread uTorrent.exe(7632): 1528Thread uTorrent.exe(7632): 6504Thread uTorrent.exe(7632): 6504Thread uTorrent.exe(7632): 1996Thread uTorrent.exe(7632): 7440Thread uTorrent.exe(7632): 5476Thread uTorrent.exe(7632): 5476Thread uTorrent.exe(7632): 7860Thread uTorrent.exe(7632): 4968Thread uTorrent.exe(7632): 7068Thread uTorrent.exe(7632): 7808Thread uTorrent.exe(7632): 6504Thread uTorrent.exe(7632): 7992Thread uTorrent.exe(7632): 1908Thread uTorrent.exe(7632): 6392Thread uTorrent.exe(7632): 7412Thread uTorrent.exe(7632): 1044Thread uTorrent.exe(7632): 1528Thread uTorrent.exe(7632): 3568Thread uTorrent.exe(7632): 4616Thread uTorrent.exe(7632): 4648Thread uTorrent.exe(7632): 6120Thread uTorrent.exe(7632): 3016Thread uTorrent.exe(7632): 4768Thread uTorrent.exe(7632): 4376Thread uTorrent.exe(7632): 5044Thread uTorrent.exe(7632): 676Thread uTorrent.exe(7632): 6896Thread uTorrent.exe(7632): 5216Thread uTorrent.exe(7632): 6904Thread uTorrent.exe(7632): 4392Thread uTorrent.exe(7632): 6176Thread uTorrent.exe(7632): 7896WindowStation \Sessions\1\Windows\WindowStations\WinSta0WindowStation \Sessions\1\Windows\WindowStations\WinSta0 ===================================================== Link to comment Share on other sites More sharing options...
duytrung Posted August 11, 2014 Author Report Share Posted August 11, 2014 Crash again! Process CPU Private Bytes Working Set PID Description Company NameSystem Idle Process 69.24 0 K 24 K 0 System 1.21 160 K 60 K 4 Interrupts 2.76 0 K 0 K n/a Hardware Interrupts and DPCs smss.exe 552 K 140 K 508 csrss.exe < 0.01 2,976 K 1,776 K 688 conhost.exe 3,212 K 380 K 1588 wininit.exe 1,724 K 336 K 740 services.exe 9,120 K 5,688 K 808 lsass.exe 7,484 K 5,920 K 832 Local Security Authority Process Microsoft Corporation lsm.exe 5,312 K 1,980 K 840 csrss.exe 0.36 28,680 K 15,544 K 768 conhost.exe 3,252 K 636 K 4240 Console Window Host Microsoft Corporationwinlogon.exe 3,516 K 456 K 936 explorer.exe 0.22 114,236 K 79,852 K 3196 Windows Explorer Microsoft Corporation iFrmewrk.exe 8,524 K 4,152 K 3688 Intel® PROSet/Wireless Framework Intel® Corporation SynTPEnh.exe < 0.01 11,900 K 1,976 K 3696 Synaptics TouchPad Enhancements Synaptics Incorporated hkcmd.exe 5,292 K 2,068 K 3788 hkcmd Module Intel Corporation igfxpers.exe 5,372 K 3,016 K 3808 persistence Module Intel Corporation CisTray.exe 0.02 6,220 K 2,392 K 4088 COMODO Internet Security COMODO cis.exe < 0.01 18,932 K 3,620 K 5700 COMODO Internet Security COMODO IDMan.exe 22,472 K 7,288 K 4436 Internet Download Manager (IDM) Tonec Inc. IEMonitor.exe 0.05 3,656 K 5,476 K 6008 Internet Download Manager agent for click monitoring in IE-based browsers Tonec Inc. Viber.exe 0.88 131,540 K 38,844 K 4480 Viber EvernoteClipper.exe < 0.01 3,712 K 1,408 K 4788 Evernote Clipper Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 ONENOTEM.EXE 2,756 K 844 K 4812 Microsoft Office OneNote Quick Launcher Microsoft Corporation firefox.exe 0.79 936,940 K 886,644 K 3492 Firefox Mozilla Corporation plugin-container.exe 0.67 19,792 K 9,832 K 6980 Plugin Container for Firefox Mozilla Corporation FlashPlayerPlugin_14_0_0_145.exe 0.14 6,976 K 3,548 K 6212 Adobe Flash Player 14.0 r0 Adobe Systems, Inc. FlashPlayerPlugin_14_0_0_145.exe 0.98 105,416 K 41,072 K 6972 Adobe Flash Player 14.0 r0 Adobe Systems, Inc. UniKeyNT.exe 4,432 K 1,652 K 2252 uTorrent.exe 16.84 247,752 K 208,476 K 7632 µTorrent BitTorrent Inc. notepad++.exe 0.01 20,740 K 27,292 K 6396 Notepad++ : a free (GNU) source code editor Don HO don.h@free.frISBMgr.exe 4,092 K 1,784 K 4936 Sony Corporationvmware-tray.exe 3,100 K 1,276 K 4976 VMware Tray Process VMware, Inc.MmReminderService.exe 11,744 K 1,928 K 5064 MindManager Topic Alerts Mindjetjusched.exe 5,468 K 2,268 K 5096 Java Update Scheduler Oracle CorporationPWRISOVM.EXE 6,020 K 5,356 K 5108 PowerISO Virtual Drive Manager Power Software LtdiTunesHelper.exe < 0.01 8,696 K 2,520 K 4104 iTunesHelper Apple Inc.trustedadssvc.exe < 0.01 21,664 K 6,352 K 1028 PrivDog Service AdTrustMediaSynTPHelper.exe 3,404 K 492 K 5668 Ymsgr_tray.exe 20,432 K 1,416 K 5812 Yahoo! Messenger Tray Yahoo! Inc.SyncServer.exe 10,588 K 944 K 4360 YSLoader.exe Apple Inc.Process: uTorrent.exe Pid: 7632Name Description Company Name Path{14315AE4-EF15-400B-AAB9-D4E28D3DE262}.2.ver0x0000000000000001.db C:\ProgramData\Microsoft\Windows\Caches\{14315AE4-EF15-400B-AAB9-D4E28D3DE262}.2.ver0x0000000000000001.db{6882D3BE-F8DF-499A-95BA-7500F0B8C18E}.2.ver0x0000000000000001.db C:\ProgramData\Microsoft\Windows\Caches\{6882D3BE-F8DF-499A-95BA-7500F0B8C18E}.2.ver0x0000000000000001.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000036.db C:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000036.db{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000004b.db C:\Users\Sakura\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000004b.db{CFE1D42A-0FAC-4E58-9EAB-E45DA5729694}.2.ver0x0000000000000001.db C:\ProgramData\Microsoft\Windows\Caches\{CFE1D42A-0FAC-4E58-9EAB-E45DA5729694}.2.ver0x0000000000000001.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db C:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db~FontCache-FontFace.dat C:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat~FontCache-S-1-5-21-3275550235-1436980161-3967423367-1000.dat C:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-3275550235-1436980161-3967423367-1000.dat~FontCache-System.dat C:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat1AAEA155F43265E4265D6BD858866B9359BB3729 D:\Utorrent\dlimagecache\1AAEA155F43265E4265D6BD858866B9359BB372925A67F778E50ABECBC878C8AD880BF17F4D4064A D:\Utorrent\dlimagecache\25A67F778E50ABECBC878C8AD880BF17F4D4064A3B170F5E4FDD2D04346DDC2ED6EF5BF58166A601 D:\Utorrent\dlimagecache\3B170F5E4FDD2D04346DDC2ED6EF5BF58166A6013BB6B33D4793BE9EBA1DF3FFCF7FA5432583C072 D:\Utorrent\dlimagecache\3BB6B33D4793BE9EBA1DF3FFCF7FA5432583C072501939404FFCAC8501EF558B0A7340AC86050C59 D:\Utorrent\dlimagecache\501939404FFCAC8501EF558B0A7340AC86050C5977E17EF9002282D08E43059B5BCEAE527E2E3A56 D:\Utorrent\dlimagecache\77E17EF9002282D08E43059B5BCEAE527E2E3A5677E17EF9002282D08E43059B5BCEAE527E2E3A56 D:\Utorrent\dlimagecache\77E17EF9002282D08E43059B5BCEAE527E2E3A5677E17EF9002282D08E43059B5BCEAE527E2E3A56 D:\Utorrent\dlimagecache\77E17EF9002282D08E43059B5BCEAE527E2E3A5694D34A216CFBA6B7F0CEAED50E4BBB86C6DA84EF D:\Utorrent\dlimagecache\94D34A216CFBA6B7F0CEAED50E4BBB86C6DA84EF962D4787C88899243CC570649A1034F41C52623A D:\Utorrent\dlimagecache\962D4787C88899243CC570649A1034F41C52623AA997C13C3063D3C08C02F2ED59069D29EA173C99 D:\Utorrent\dlimagecache\A997C13C3063D3C08C02F2ED59069D29EA173C99actxprxy.dll ActiveX Interface Marshaling Library Microsoft Corporation C:\Windows\SysWOW64\actxprxy.dlladvapi32.dll Advanced Windows 32 Base API Microsoft Corporation C:\Windows\SysWOW64\advapi32.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll ApiSet Stub DLL Microsoft Corporation C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dllapisetschema.dll ApiSet Schema DLL Microsoft Corporation C:\Windows\System32\apisetschema.dllapphelp.dll Application Compatibility Client Library Microsoft Corporation C:\Windows\SysWOW64\apphelp.dllatl.dll ATL Module for Windows XP (Unicode) Microsoft Corporation C:\Windows\SysWOW64\atl.dllATL90.dll ATL Module for Windows (Unicode) Microsoft Corporation C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dllAudioSes.dll Audio Session Microsoft Corporation C:\Windows\SysWOW64\AudioSes.dllB2AB655DA862F07CAB11AB47598A72C89DD94405 D:\Utorrent\dlimagecache\B2AB655DA862F07CAB11AB47598A72C89DD94405B6346BED79119E2FD3565DB2A06FE2B074535363 D:\Utorrent\dlimagecache\B6346BED79119E2FD3565DB2A06FE2B074535363bcrypt.dll Windows Cryptographic Primitives Library (Wow64) Microsoft Corporation C:\Windows\SysWOW64\bcrypt.dllbcryptprimitives.dll Windows Cryptographic Primitives Library Microsoft Corporation C:\Windows\SysWOW64\bcryptprimitives.dllC_1250.NLS C:\Windows\System32\C_1250.NLSC_1251.NLS C:\Windows\System32\C_1251.NLSC_1253.NLS C:\Windows\System32\C_1253.NLSC_1256.NLS C:\Windows\System32\C_1256.NLSC_28591.NLS C:\Windows\System32\C_28591.NLSC_950.NLS C:\Windows\System32\C_950.NLScabinet.dll Microsoft® Cabinet File API Microsoft Corporation C:\Windows\SysWOW64\cabinet.dllcalibrib.ttf C:\Windows\Fonts\calibrib.ttfcfgmgr32.dll Configuration Manager DLL Microsoft Corporation C:\Windows\SysWOW64\cfgmgr32.dllclbcatq.dll COM+ Configuration Catalog Microsoft Corporation C:\Windows\SysWOW64\clbcatq.dllcomctl32.dll User Experience Controls Library Microsoft Corporation C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dllcomctl32.dll.mui User Experience Controls Library Microsoft Corporation C:\Windows\winsxs\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_en-us_581cd2bf5825dde9\comctl32.dll.muicomdlg32.dll Common Dialogs DLL Microsoft Corporation C:\Windows\SysWOW64\comdlg32.dllcomdlg32.dll.mui Common Dialogs DLL Microsoft Corporation C:\Windows\SysWOW64\en-US\comdlg32.dll.muicounters.dat C:\Users\Sakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.datcredssp.dll Credential Delegation Security Package Microsoft Corporation C:\Windows\SysWOW64\credssp.dllcrypt32.dll Crypto API32 Microsoft Corporation C:\Windows\SysWOW64\crypt32.dllcrypt32.dll.mui Crypto API32 Microsoft Corporation C:\Windows\SysWOW64\en-US\crypt32.dll.muicryptbase.dll Base cryptographic API DLL Microsoft Corporation C:\Windows\SysWOW64\cryptbase.dllcryptsp.dll Cryptographic Service Provider API Microsoft Corporation C:\Windows\SysWOW64\cryptsp.dllcscapi.dll Offline Files Win32 API Microsoft Corporation C:\Windows\SysWOW64\cscapi.dllcversions.2.db C:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db C:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db C:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db C:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db C:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db C:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbd2d1.dll Microsoft D2D Library Microsoft Corporation C:\Windows\SysWOW64\d2d1.dlld3d10warp.dll Direct3D 10 Rasterizer Microsoft Corporation C:\Windows\SysWOW64\d3d10warp.dlld3d11.dll Direct3D 11 Runtime Microsoft Corporation C:\Windows\SysWOW64\d3d11.dlldavclnt.dll Web DAV Client DLL Microsoft Corporation C:\Windows\SysWOW64\davclnt.dlldavhlpr.dll DAV Helper DLL Microsoft Corporation C:\Windows\SysWOW64\davhlpr.dllDC612C471ED091A5E609B42B5838A17B785944FE D:\Utorrent\dlimagecache\DC612C471ED091A5E609B42B5838A17B785944FEDC612C471ED091A5E609B42B5838A17B785944FE D:\Utorrent\dlimagecache\DC612C471ED091A5E609B42B5838A17B785944FEDC612C471ED091A5E609B42B5838A17B785944FE D:\Utorrent\dlimagecache\DC612C471ED091A5E609B42B5838A17B785944FEdevobj.dll Device Information Set DLL Microsoft Corporation C:\Windows\SysWOW64\devobj.dlldhcpcsvc.dll DHCP Client Service Microsoft Corporation C:\Windows\SysWOW64\dhcpcsvc.dlldhcpcsvc6.dll DHCPv6 Client Microsoft Corporation C:\Windows\SysWOW64\dhcpcsvc6.dlldinput8.dll Microsoft DirectInput Microsoft Corporation C:\Windows\SysWOW64\dinput8.dlldnsapi.dll DNS Client API DLL Microsoft Corporation C:\Windows\SysWOW64\dnsapi.dlldrprov.dll Microsoft Remote Desktop Session Host Server Network Provider Microsoft Corporation C:\Windows\SysWOW64\drprov.dlldsound.dll DirectSound Microsoft Corporation C:\Windows\SysWOW64\dsound.dlldui70.dll Windows DirectUI Engine Microsoft Corporation C:\Windows\SysWOW64\dui70.dllduser.dll Windows DirectUser Engine Microsoft Corporation C:\Windows\SysWOW64\duser.dllduser.dll.mui Windows DirectUser Engine Microsoft Corporation C:\Windows\SysWOW64\en-US\duser.dll.muidwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation C:\Windows\SysWOW64\dwmapi.dllDWrite.dll Microsoft DirectX Typography Services Microsoft Corporation C:\Windows\SysWOW64\DWrite.dlldxgi.dll DirectX Graphics Infrastructure Microsoft Corporation C:\Windows\SysWOW64\dxgi.dlldxgidebug.dll DXGI Debug Binary Microsoft Corporation C:\Windows\SysWOW64\dxgidebug.dllEhStorShell.dll Windows Enhanced Storage Shell Extension DLL Microsoft Corporation C:\Windows\SysWOW64\EhStorShell.dllExplorerFrame.dll ExplorerFrame Microsoft Corporation C:\Windows\SysWOW64\ExplorerFrame.dllexplorerframe.dll.mui ExplorerFrame Microsoft Corporation C:\Windows\SysWOW64\en-US\explorerframe.dll.muiFaultrep.dll Windows User Mode Crash Reporting DLL Microsoft Corporation C:\Windows\SysWOW64\Faultrep.dllFirewallAPI.dll Windows Firewall API Microsoft Corporation C:\Windows\SysWOW64\FirewallAPI.dllFlash32_14_0_0_145.ocx Adobe Flash Player 14.0 r0 Adobe Systems, Inc. C:\Windows\SysWOW64\Macromed\Flash\Flash32_14_0_0_145.ocxFlash32_14_0_0_145.ocx Adobe Flash Player 14.0 r0 Adobe Systems, Inc. C:\Windows\SysWOW64\Macromed\Flash\Flash32_14_0_0_145.ocxfltLib.dll Filter Library Microsoft Corporation C:\Windows\SysWOW64\fltLib.dllFWPUCLNT.DLL FWP/IPsec User-Mode API Microsoft Corporation C:\Windows\SysWOW64\FWPUCLNT.DLLgdi32.dll GDI Client DLL Microsoft Corporation C:\Windows\SysWOW64\gdi32.dllGdiPlus.dll Microsoft GDI+ Microsoft Corporation C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dllgpapi.dll Group Policy Client API Microsoft Corporation C:\Windows\SysWOW64\gpapi.dllGROOVEEX.DLL Microsoft SharePoint Workspace Extensions Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLGrooveIntlResource.dll Microsoft SharePoint Workspace Intl Resource Module Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dllguard32.dll COMODO Internet Security COMODO C:\Windows\SysWOW64\guard32.dllhnetcfg.dll Home Networking Configuration Manager Microsoft Corporation C:\Windows\SysWOW64\hnetcfg.dllhnetcfg.dll.mui Home Networking Configuration Manager Microsoft Corporation C:\Windows\SysWOW64\en-US\hnetcfg.dll.muiIconCodecService.dll Converts a PNG part of the icon to a legacy bmp icon Microsoft Corporation C:\Windows\SysWOW64\IconCodecService.dllie.1407717185.tmp D:\Utorrent\ie\ie.1407717185.tmpie.1407717186.tmp D:\Utorrent\ie\ie.1407717186.tmpie.1407717187.tmp D:\Utorrent\ie\ie.1407717187.tmpieframe.dll Internet Browser Microsoft Corporation C:\Windows\SysWOW64\ieframe.dllieframe.dll.mui Internet Browser Microsoft Corporation C:\Windows\SysWOW64\en-US\ieframe.dll.muiieproxy.dll IE ActiveX Interface Marshaling Library Microsoft Corporation C:\Program Files (x86)\Internet Explorer\ieproxy.dlliertutil.dll Run time utility for Internet Explorer Microsoft Corporation C:\Windows\SysWOW64\iertutil.dllimagehlp.dll Windows NT Image Helper Microsoft Corporation C:\Windows\SysWOW64\imagehlp.dllimm32.dll Multi-User Windows IMM32 API Client DLL Microsoft Corporation C:\Windows\SysWOW64\imm32.dllIPHLPAPI.DLL IP Helper API Microsoft Corporation C:\Windows\SysWOW64\IPHLPAPI.DLLjscript9.dll Microsoft ® JScript Microsoft Corporation C:\Windows\SysWOW64\jscript9.dlljscript9.dll.mui Microsoft ® JScript Microsoft Corporation C:\Windows\SysWOW64\en-US\jscript9.dll.muikernel32.dll Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\kernel32.dllKernelBase.dll Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\KernelBase.dllKernelBase.dll.mui Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\en-US\KernelBase.dll.muilinkinfo.dll Windows Volume Tracking Microsoft Corporation C:\Windows\SysWOW64\linkinfo.dlllocale.nls C:\Windows\System32\locale.nlslogging.dll Logging Library Microsoft Corporation C:\Users\Sakura\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\logging.dlllpk.dll Language Pack Microsoft Corporation C:\Windows\SysWOW64\lpk.dllmdnsNSP.dll Bonjour Namespace Provider Apple Inc. C:\Program Files (x86)\Bonjour\mdnsNSP.dllmlang.dll Multi Language Support DLL Microsoft Corporation C:\Windows\SysWOW64\mlang.dllMMDevAPI.dll MMDevice API Microsoft Corporation C:\Windows\SysWOW64\MMDevAPI.dllMMDevAPI.dll.mui MMDevice API Microsoft Corporation C:\Windows\SysWOW64\en-US\MMDevAPI.dll.muimpr.dll Multiple Provider Router DLL Microsoft Corporation C:\Windows\SysWOW64\mpr.dllmpr.dll.mui Multiple Provider Router DLL Microsoft Corporation C:\Windows\SysWOW64\en-US\mpr.dll.muimsasn1.dll ASN.1 Runtime APIs Microsoft Corporation C:\Windows\SysWOW64\msasn1.dllmscms.dll Microsoft Color Matching System DLL Microsoft Corporation C:\Windows\SysWOW64\mscms.dllmsctf.dll MSCTF Server DLL Microsoft Corporation C:\Windows\SysWOW64\msctf.dllmsctf.dll.mui MSCTF Server DLL Microsoft Corporation C:\Windows\SysWOW64\en-US\msctf.dll.muimshtml.dll Microsoft ® HTML Viewer Microsoft Corporation C:\Windows\SysWOW64\mshtml.dllmshtml.dll.mui Microsoft ® HTML Viewer Microsoft Corporation C:\Windows\SysWOW64\en-US\mshtml.dll.muimsimg32.dll GDIEXT Client DLL Microsoft Corporation C:\Windows\SysWOW64\msimg32.dllMSIMGSIZ.DAT C:\Users\Sakura\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DATmsimtf.dll Active IMM Server DLL Microsoft Corporation C:\Windows\SysWOW64\msimtf.dllmsls31.dll Microsoft Line Services library file Microsoft Corporation C:\Windows\SysWOW64\msls31.dllmssprxy.dll Microsoft Search Proxy Microsoft Corporation C:\Windows\SysWOW64\mssprxy.dllmsvcp110.dll Microsoft® C Runtime Library Microsoft Corporation C:\Users\Sakura\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\msvcp110.dllmsvcp80.dll Microsoft® C++ Runtime Library Microsoft Corporation C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcp80.dllmsvcp90.dll Microsoft® C++ Runtime Library Microsoft Corporation C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dllmsvcr110.dll Microsoft® C Runtime Library Microsoft Corporation C:\Users\Sakura\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\msvcr110.dllmsvcr80.dll Microsoft® C Runtime Library Microsoft Corporation C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dllmsvcr90.dll Microsoft® C Runtime Library Microsoft Corporation C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dllmsvcrt.dll Windows NT CRT DLL Microsoft Corporation C:\Windows\SysWOW64\msvcrt.dllmswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation C:\Windows\SysWOW64\mswsock.dllmsxml3.dll MSXML 3.0 SP11 Microsoft Corporation C:\Windows\SysWOW64\msxml3.dllmsxml3r.dll XML Resources Microsoft Corporation C:\Windows\SysWOW64\msxml3r.dllmsxml6.dll MSXML 6.0 SP3 Microsoft Corporation C:\Windows\SysWOW64\msxml6.dllmsxml6r.dll XML Resources Microsoft Corporation C:\Windows\SysWOW64\msxml6r.dllncrypt.dll Windows cryptographic library Microsoft Corporation C:\Windows\SysWOW64\ncrypt.dllnetprofm.dll Network List Manager Microsoft Corporation C:\Windows\SysWOW64\netprofm.dllnetshell.dll Network Connections Shell Microsoft Corporation C:\Windows\SysWOW64\netshell.dllnetutils.dll Net Win32 API Helpers DLL Microsoft Corporation C:\Windows\SysWOW64\netutils.dllnetworkexplorer.dll Network Explorer Microsoft Corporation C:\Windows\SysWOW64\networkexplorer.dllnlaapi.dll Network Location Awareness 2 Microsoft Corporation C:\Windows\SysWOW64\nlaapi.dllnormaliz.dll Unicode Normalization DLL Microsoft Corporation C:\Windows\SysWOW64\normaliz.dllnpmproxy.dll Network List Manager Proxy Microsoft Corporation C:\Windows\SysWOW64\npmproxy.dllnsi.dll NSI User-mode interface DLL Microsoft Corporation C:\Windows\SysWOW64\nsi.dllntdll.dll NT Layer DLL Microsoft Corporation C:\Windows\System32\ntdll.dllntdll.dll NT Layer DLL Microsoft Corporation C:\Windows\SysWOW64\ntdll.dllntlanman.dll Microsoft® Lan Manager Microsoft Corporation C:\Windows\SysWOW64\ntlanman.dllntmarta.dll Windows NT MARTA provider Microsoft Corporation C:\Windows\SysWOW64\ntmarta.dllntshrui.dll Shell extensions for sharing Microsoft Corporation C:\Windows\SysWOW64\ntshrui.dllOFFICE.ODF Microsoft Office culture data dll Microsoft Corporation C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODFole32.dll Microsoft OLE for Windows Microsoft Corporation C:\Windows\SysWOW64\ole32.dlloleaut32.dll Microsoft Corporation C:\Windows\SysWOW64\oleaut32.dllpowrprof.dll Power Profile Helper DLL Microsoft Corporation C:\Windows\SysWOW64\powrprof.dllprofapi.dll User Profile Basic API Microsoft Corporation C:\Windows\SysWOW64\profapi.dllpropsys.dll Microsoft Property System Microsoft Corporation C:\Windows\SysWOW64\propsys.dllpropsys.dll.mui Microsoft Property System Microsoft Corporation C:\Windows\SysWOW64\en-US\propsys.dll.muipsapi.dll Process Status Helper Microsoft Corporation C:\Windows\SysWOW64\psapi.dllrasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation C:\Windows\SysWOW64\rasadhlp.dllriched20.dll Rich Text Edit Control, v3.1 Microsoft Corporation C:\Windows\SysWOW64\riched20.dllrpcrt4.dll Remote Procedure Call Runtime Microsoft Corporation C:\Windows\SysWOW64\rpcrt4.dllRpcRtRemote.dll Remote RPC Extension Microsoft Corporation C:\Windows\SysWOW64\RpcRtRemote.dllrsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation C:\Windows\SysWOW64\rsaenh.dllsamcli.dll Security Accounts Manager Client DLL Microsoft Corporation C:\Windows\SysWOW64\samcli.dllsamlib.dll SAM Library DLL Microsoft Corporation C:\Windows\SysWOW64\samlib.dllschannel.dll TLS / SSL Security Provider Microsoft Corporation C:\Windows\SysWOW64\schannel.dllsechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation C:\Windows\SysWOW64\sechost.dllsecur32.dll Security Support Provider Interface Microsoft Corporation C:\Windows\SysWOW64\secur32.dllsetupapi.dll Windows Setup API Microsoft Corporation C:\Windows\SysWOW64\setupapi.dllsetupapi.dll.mui Windows Setup API Microsoft Corporation C:\Windows\SysWOW64\en-US\setupapi.dll.muishdocvw.dll Shell Doc Object and Control Library Microsoft Corporation C:\Windows\SysWOW64\shdocvw.dllshell32.dll Windows Shell Common Dll Microsoft Corporation C:\Windows\SysWOW64\shell32.dllshell32.dll.mui Windows Shell Common Dll Microsoft Corporation C:\Windows\SysWOW64\en-US\shell32.dll.muiShellStreams.dll Apple Photostreams UI Shell Extension Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dllShellStreamsLocalized.dll Apple Photostreams UI Resources Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.resources\en.lproj\ShellStreamsLocalized.dllshlwapi.dll Shell Light-weight Utility Library Microsoft Corporation C:\Windows\SysWOW64\shlwapi.dllSkyDriveShell.dll Microsoft OneDrive Shell Extension Microsoft Corporation C:\Users\Sakura\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\SkyDriveShell.dllslc.dll Software Licensing Client Dll Microsoft Corporation C:\Windows\SysWOW64\slc.dllSortDefault.nls C:\Windows\Globalization\Sorting\SortDefault.nlssrvcli.dll Server Service Client DLL Microsoft Corporation C:\Windows\SysWOW64\srvcli.dllssdpapi.dll SSDP Client API DLL Microsoft Corporation C:\Windows\SysWOW64\ssdpapi.dllsspicli.dll Security Support Provider Interface Microsoft Corporation C:\Windows\SysWOW64\sspicli.dllStaticCache.dat C:\Windows\Fonts\StaticCache.datstdole2.tlb Microsoft Corporation C:\Windows\SysWOW64\stdole2.tlbStructuredQuery.dll Structured Query Microsoft Corporation C:\Windows\SysWOW64\StructuredQuery.dllsxs.dll Fusion 2.5 Microsoft Corporation C:\Windows\SysWOW64\sxs.dllTelemetry.dll Telemetry Library Microsoft Corporation C:\Users\Sakura\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328_1\Telemetry.dllthumbcache.dll Microsoft Thumbnail Cache Microsoft Corporation C:\Windows\SysWOW64\thumbcache.dlltiptsf.dll Tablet PC Input Panel Text Services Framework Microsoft Corporation C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dllupnp.dll UPnP Control Point API Microsoft Corporation C:\Windows\SysWOW64\upnp.dllurlmon.dll OLE32 Extensions for Win32 Microsoft Corporation C:\Windows\SysWOW64\urlmon.dllurlmon.dll.mui OLE32 Extensions for Win32 Microsoft Corporation C:\Windows\SysWOW64\en-US\urlmon.dll.muiuser32.dll Multi-User Windows USER API Client DLL Microsoft Corporation C:\Windows\SysWOW64\user32.dlluser32.dll.mui Multi-User Windows USER API Client DLL Microsoft Corporation C:\Windows\SysWOW64\en-US\user32.dll.muiuserenv.dll Userenv Microsoft Corporation C:\Windows\SysWOW64\userenv.dllusp10.dll Uniscribe Unicode script processor Microsoft Corporation C:\Windows\SysWOW64\usp10.dlluTorrent.exe µTorrent BitTorrent Inc. D:\Utorrent\uTorrent.exeuxtheme.dll Microsoft UxTheme Library Microsoft Corporation C:\Windows\SysWOW64\uxtheme.dllversion.dll Version Checking and File Installation Libraries Microsoft Corporation C:\Windows\SysWOW64\version.dllwebio.dll Web Transfer Protocols API Microsoft Corporation C:\Windows\SysWOW64\webio.dllWindowsCodecs.dll Microsoft Windows Codecs Library Microsoft Corporation C:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecsExt.dll Microsoft Windows Codecs Extended Library Microsoft Corporation C:\Windows\SysWOW64\WindowsCodecsExt.dllwinhttp.dll Windows HTTP Services Microsoft Corporation C:\Windows\SysWOW64\winhttp.dllwininet.dll Internet Extensions for Win32 Microsoft Corporation C:\Windows\SysWOW64\wininet.dllwinmm.dll MCI API DLL Microsoft Corporation C:\Windows\SysWOW64\winmm.dllwinnsi.dll Network Store Information RPC interface Microsoft Corporation C:\Windows\SysWOW64\winnsi.dllwinsta.dll Winstation Library Microsoft Corporation C:\Windows\SysWOW64\winsta.dllwintrust.dll Microsoft Trust Verification APIs Microsoft Corporation C:\Windows\SysWOW64\wintrust.dllwkscli.dll Workstation Service Client DLL Microsoft Corporation C:\Windows\SysWOW64\wkscli.dllWldap32.dll Win32 LDAP API DLL Microsoft Corporation C:\Windows\SysWOW64\Wldap32.dllwow64.dll Win32 Emulation on NT64 Microsoft Corporation C:\Windows\System32\wow64.dllwow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation C:\Windows\System32\wow64cpu.dllwow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation C:\Windows\System32\wow64win.dllwpdshext.dll Portable Devices Shell Extension Microsoft Corporation C:\Windows\SysWOW64\wpdshext.dllws2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation C:\Windows\SysWOW64\ws2_32.dllwship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation C:\Windows\SysWOW64\wship6.dllwship6.dll.mui Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation C:\Windows\SysWOW64\en-US\wship6.dll.muiWSHTCPIP.DLL Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation C:\Windows\SysWOW64\WSHTCPIP.DLLwshtcpip.dll.mui Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation C:\Windows\SysWOW64\en-US\wshtcpip.dll.muiwsock32.dll Windows Socket 32-Bit DLL Microsoft Corporation C:\Windows\SysWOW64\wsock32.dllxmllite.dll Microsoft XmlLite Library Microsoft Corporation C:\Windows\SysWOW64\xmllite.dllzipfldr.dll Compressed (zipped) Folders Microsoft Corporation C:\Windows\SysWOW64\zipfldr.dll Link to dumps: http://sendfile.su/1010350 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.