Massive RAM eater

geck222 · January 3, 2008

Utorrent is eating up all my ram, about 90% of my total memory (2gb). I noticed that the memory usage it doesnt increase, but rather Utorrent is perposly doing it. When i start up Utorrent, the status of my torrents say "checked 0.0%" Thats when it begins to eat up all my RAM. After that process is complete the memory goes back down to normal. Sure its a good thing but it usually takes 40 minutes before it finishes and it makes my computer super slow and super laggy during that time. :mad: Its rather annoying and I dont have the panetince to wait 40 mins doing nothing while Utorrent is doing this.

This happens only when i start up my computer. Which I tend to do a lot (save some electricity)

So what do I do to get rid of this problem?

DreadWingKnight · January 3, 2008

Give uTorrent a chance to gracefully shut down (enable bt.graceful_shutdown as well as giving it the extra chance).

jewelisheaven · January 4, 2008

DWKnight are you sure the increase during checking isn't a symptom of injected DLLs? When I have to re-check my files I don't notice any increased RAM usage, only increased disk I/O due to the hashing.

Firon · January 4, 2008

Is the utorrent.exe process eating the RAM, or is it just available RAM? If it's just available RAM dropping, that's Windows being stupid.

geck222 · January 4, 2008

Its still doing it, i gave at least 5 mins before shutting down utorrent then my computer. Now i turned on my compter again and its still doing the checked thing.

utorrent is just hogging up all my memory... (as shown in this screen shot)

DreadWingKnight · January 4, 2008

That doesn't show uTorrent using all the ram.

That shows all the ram being used while uTorrent is running.

The two aren't the same.

geck222 · January 4, 2008

Oh...

Still Utorrent Keeps doing that check and just making my computer slower then my windows 98 computer... :|

Id normally have about 600 mb of memory used when running Utorrent without this "check". Right now it jumped all the way to 1.8GB of memory used with the utorrent's "check".

ajones81 · January 4, 2008

What does the Processes tab say about the amount of RAM uTorrent is eating up when this happens?

geck222 · January 4, 2008

It says its using 9872k of memory (private working set).

DreadWingKnight · January 4, 2008

Which tells us it's more likely to be windows' disk cache being stupid.

Post the hijackthis log please, and a screenshot of the advanced tab of all IDE channel properties pages.

ajones81 · January 4, 2008

So... I'm guessing your system doesn't have only ~10 MB RAM?

Obviously its not uTorrent then. Plus doesn't seem to happen to anyone else while checking the data. Hard disk and CPU usage shoot way up, sure, but that's obvious. RAM usage? Not so much.

Sort using the RAM column and see which processes are eating up your RAM.

Edit: DWK, are you thinking of PIO vs. DMA? I mentioned CPU usage due to the possibility of PIO, but such massive RAM usage?

geck222 · January 4, 2008

Its firefox but i always run firefox and it never does something like this. So firefox isnt the source of my problem.

So how do you find this so called "hijackthis" log?

DreadWingKnight · January 4, 2008

http://forum.utorrent.com/viewtopic.php?id=29748

geck222 · January 4, 2008

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 1:55:48 PM, on 04/01/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16575)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\hp\support\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\TELUS_eCare_Lite\eCareTrayApp.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\K7 Computing\Common\K7SysTry.exe

C:\Program Files\K7 Computing\K7TSecurity\Common\K7TSecurity.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP Connections\6811507\Program\HP Connections.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Taskmgr.exe

C:\hp\kbd\kbd.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Kevin\Documents\ProcessExplorer\procexp.exe

C:\Windows\system32\mmc.exe

C:\Program Files\uTorrent\uTorrent.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=71&bd=Pavilion&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=71&bd=Pavilion&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [TELUS_eCare_Lite_McciTrayApp] C:\Program Files\TELUS_eCare_Lite\eCareTrayApp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [K7SystemTray] "C:\Program Files\K7 Computing\Common\K7SysTry.exe"

O4 - HKLM\..\Run: [K7TSStart] "C:\Program Files\K7 Computing\K7TSecurity\Common\K7TSecurity.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk.disabled

O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled

O4 - Global Startup: HP Connections.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: iPodSrv - Unknown owner - C:\Program Files\iPod\bin\iPodSrv.exe (file missing)

O23 - Service: K7Computng - EMail Proxy Server (K7EmlPxy) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\Common\K7EmlPxy.exe

O23 - Service: K7RealTime AntiVirus Services (K7RTScan) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\K7AntiVirus\K7RTScan.exe

O23 - Service: K7TotalSecurity Manager (K7TSMngr) - K7 Computing Pvt Ltd - C:\Program Files\K7 Computing\K7TSecurity\Common\K7TSMngr.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 7304 bytes

IDE Channels:

http://i135.photobucket.com/albums/q153/893167003/Untitled-1.jpg

jewelisheaven · January 4, 2008

Is Roxio set to index all the time? Or only when you tell it to.

geck222 · January 4, 2008

Im not sure, infact ive never even runned Roxio ever. Besides its my CD label maker i never use.

jewelisheaven · January 5, 2008

Hmm, well that stands out so if you could try to remove the feature for or uninstall:

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

... That's my next suggestion. The escalation would be to use the Process Explorer mentioned in that thread, turn on the lower pane (Ctrl-L), click on utorrent.exe and save (Ctrl-A) and paste the DLL list.

It will say whether there are any other DLLs in utorrent, if no external problems are causing the incompatibility it may be one is injected. :/ Sorry I don't have a specific solution.

geck222 · January 5, 2008

Process PID CPU Description Company Name

System Idle Process 0 73.90

Interrupts n/a Hardware Interrupts

DPCs n/a 0.67 Deferred Procedure Calls

System 4 1.34

smss.exe 428

csrss.exe 492

wininit.exe 540

services.exe 584

svchost.exe 784

mobsync.exe 3144 Microsoft Sync Center Microsoft Corporation

ehmsas.exe 3640 Media Center Media Status Aggregator Service Microsoft Corporation

WLLoginProxy.exe 4396 WLLoginProxy.exe Microsoft Corporation

K7TSAlrt.exe 4576 K7ISNotify1 Module K7 Computing Pvt Ltd

svchost.exe 840

svchost.exe 872

svchost.exe 924

audiodg.exe 1056

svchost.exe 960 0.67

WUDFHost.exe 2160

dwm.exe 2712 2.02 Desktop Window Manager Microsoft Corporation

svchost.exe 988

taskeng.exe 2676 Task Scheduler Engine Microsoft Corporation

wsqmcons.exe 5648 Windows SQM Consolidator Microsoft Corporation

taskeng.exe 2896

rundll32.exe 5124

lpremove.exe 5932

lpksetup.exe 5024

taskeng.exe 4228

RacAgent.exe 4412

SLsvc.exe 1080

svchost.exe 1116

svchost.exe 1240

spoolsv.exe 1380

svchost.exe 1404

K7TSMngr.exe 356

LSSrvc.exe 452

svchost.exe 484

svchost.exe 532

svchost.exe 1188

SearchIndexer.exe 1448

SearchProtocolHost.exe 2316

XAudio.exe 1888

SDWinSec.exe 2068

K7EmlPxy.exe 2452

K7RTScan.exe 2464

alg.exe 3000

wmpnetwk.exe 3540

ehsched.exe 3716

ehrecvr.exe 2340

iPodService.exe 3748

usnsvc.exe 4628

lsass.exe 596

lsm.exe 608

csrss.exe 552

winlogon.exe 728

explorer.exe 2800 Windows Explorer Microsoft Corporation

MSASCui.exe 3036 Windows Defender User Interface Microsoft Corporation

hpsysdrv.exe 3096 hpsysdrv Hewlett-Packard Company

OSD.exe 3260 OsdMaestro main program OsdMaestro

hpwuSchd2.exe 3284 Hewlett-Packard Product Assistant Hewlett-Packard Co.

eCareTrayApp.exe 3316 TELUS eCare TrayApp TELUS

jusched.exe 3344 Java Platform SE binary Sun Microsystems, Inc.

K7SysTry.exe 3364 Common Host for Task Tray K7 Computing Pvt Ltd

K7TSecurity.exe 3388 K7TSecurity User Manager K7 Computing Pvt Ltd

iTunesHelper.exe 3404 iTunesHelper Module Apple Inc.

ehtray.exe 3424 Media Center Tray Applet Microsoft Corporation

TeaTimer.exe 3440 System settings protector Safer Networking Limited

msnmsgr.exe 3448 Windows Live Messenger Microsoft Corporation

wmpnscfg.exe 3456 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

sidebar.exe 3464 Windows Sidebar Microsoft Corporation

HP Connections.exe 3504 HP Connections Hewlett Packard

procexp.exe 5608 4.66 Sysinternals Process Explorer Sysinternals

uTorrent.exe 5752 1.33

ieuser.exe 4300 Internet Explorer Microsoft Corporation

iexplore.exe 4388 6.66 Internet Explorer Microsoft Corporation

kbd.exe 5984 KBD EXE Hewlett-Packard Company

Process: uTorrent.exe Pid: 5752

Type Name

Section \BaseNamedObjects\__ComCatalogCache__

Section \BaseNamedObjects\windows_shell_global_counters

Desktop \Default

File \Device\Afd

File \Device\KsecDD

File \Device\Nsi

Directory \KnownDlls

Directory \Sessions\1\BaseNamedObjects

Mutant \Sessions\1\BaseNamedObjects\µTorrent4823DF041B09

Mutant \Sessions\1\BaseNamedObjects\MSCTF.Asm.MutexDefaultS-1-5-21-4165263297-1303354852-3422784396-1000

Section \Sessions\1\BaseNamedObjects\windows_shell_global_counters

WindowStation \Sessions\1\Windows\WindowStations\WinSta0

File C:\Users\Kevin\Desktop

File

File C:\WINDOWS\System32\en-US\msctf.dll.mui

File C:\WINDOWS\System32\en-US\setupapi.dll.mui

File C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100

Key HKCU

Key HKCU\Software\Classes

Key HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer

Key HKLM

Key HKLM\SYSTEM\ControlSet001\Control\Nls\Language Groups

Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale

Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale\Alternate Sorts

Key HKLM\SYSTEM\ControlSet001\Control\Session Manager

Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5

Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9

Thread uTorrent.exe(5752): 4308

Thread uTorrent.exe(5752): 4976

Thread uTorrent.exe(5752): 5200

Thread uTorrent.exe(5752): 5756

________________________________________________________________

The empty spaces where the "file" are the files im downloading. I removed them off this list to follow forums rules.

I can tell you that each file is about 170 mb and theres about 100+ of them (total 30gb). They are Quoted till they are checked thats why you dont see 100 of them on this list, then more of them are added into this list till they are all checked. (theres 2 torrent files)

Oh i found something interesting when it was checking the my 2nd torrent. (see below)

Mass Spamming of one file.. (File \Device\Afd)

____________________________________________________________________

Process PID CPU Description Company Name

System Idle Process 0 86.20

Interrupts n/a 1.32 Hardware Interrupts

DPCs n/a 1.32 Deferred Procedure Calls

System 4 0.81

smss.exe 428

csrss.exe 492

wininit.exe 540

services.exe 584 0.06

svchost.exe 784

mobsync.exe 3144 Microsoft Sync Center Microsoft Corporation

ehmsas.exe 3640 Media Center Media Status Aggregator Service Microsoft Corporation

WLLoginProxy.exe 4396 WLLoginProxy.exe Microsoft Corporation

K7TSAlrt.exe 4576 K7ISNotify1 Module K7 Computing Pvt Ltd

svchost.exe 840

svchost.exe 872

svchost.exe 924

audiodg.exe 1056

svchost.exe 960 0.69

WUDFHost.exe 2160

dwm.exe 2712 0.88 Desktop Window Manager Microsoft Corporation

svchost.exe 988

taskeng.exe 2676 Task Scheduler Engine Microsoft Corporation

taskeng.exe 2896

rundll32.exe 5124

lpremove.exe 5932

lpksetup.exe 5024

taskeng.exe 4228

RacAgent.exe 4412

SLsvc.exe 1080

svchost.exe 1116

svchost.exe 1240

spoolsv.exe 1380

svchost.exe 1404

K7TSMngr.exe 356

LSSrvc.exe 452

svchost.exe 484

svchost.exe 532

svchost.exe 1188

SearchIndexer.exe 1448

SearchProtocolHost.exe 5856

XAudio.exe 1888

SDWinSec.exe 2068

K7EmlPxy.exe 2452

K7RTScan.exe 2464

alg.exe 3000

wmpnetwk.exe 3540

ehsched.exe 3716

ehrecvr.exe 2340

iPodService.exe 3748

usnsvc.exe 4628

lsass.exe 596

lsm.exe 608

csrss.exe 552 0.19

winlogon.exe 728

explorer.exe 2800 0.44 Windows Explorer Microsoft Corporation

MSASCui.exe 3036 Windows Defender User Interface Microsoft Corporation

hpsysdrv.exe 3096 hpsysdrv Hewlett-Packard Company

OSD.exe 3260 OsdMaestro main program OsdMaestro

hpwuSchd2.exe 3284 Hewlett-Packard Product Assistant Hewlett-Packard Co.

eCareTrayApp.exe 3316 TELUS eCare TrayApp TELUS

jusched.exe 3344 Java Platform SE binary Sun Microsystems, Inc.

K7SysTry.exe 3364 Common Host for Task Tray K7 Computing Pvt Ltd

K7TSecurity.exe 3388 K7TSecurity User Manager K7 Computing Pvt Ltd

iTunesHelper.exe 3404 iTunesHelper Module Apple Inc.

ehtray.exe 3424 Media Center Tray Applet Microsoft Corporation

TeaTimer.exe 3440 0.25 System settings protector Safer Networking Limited

msnmsgr.exe 3448 Windows Live Messenger Microsoft Corporation

wmpnscfg.exe 3456 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

sidebar.exe 3464 Windows Sidebar Microsoft Corporation

HP Connections.exe 3504 0.06 HP Connections Hewlett Packard

procexp.exe 5608 1.94 Sysinternals Process Explorer Sysinternals

uTorrent.exe 5752 5.95

ieuser.exe 4300 Internet Explorer Microsoft Corporation

iexplore.exe 4388 Internet Explorer Microsoft Corporation

kbd.exe 5984 KBD EXE Hewlett-Packard Company

Process: uTorrent.exe Pid: 5752

Type Name

Section \BaseNamedObjects\__ComCatalogCache__

Section \BaseNamedObjects\windows_shell_global_counters

Desktop \Default

File \Device\Afd

File \Device\KsecDD

File \Device\Nsi

Directory \KnownDlls

Directory \Sessions\1\BaseNamedObjects

Mutant \Sessions\1\BaseNamedObjects\µTorrent4823DF041B09

Mutant \Sessions\1\BaseNamedObjects\MSCTF.Asm.MutexDefaultS-1-5-21-4165263297-1303354852-3422784396-1000

Section \Sessions\1\BaseNamedObjects\windows_shell_global_counters

WindowStation \Sessions\1\Windows\WindowStations\WinSta0

File C:\Users\Kevin\Desktop

File

File C:\WINDOWS\System32\en-US\kernel32.dll.mui

File C:\WINDOWS\System32\en-US\msctf.dll.mui

File C:\WINDOWS\System32\en-US\setupapi.dll.mui

File C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100

Key HKCU

Key HKCU\Software\Classes

Key HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer

Key HKLM

Key HKLM\SYSTEM\ControlSet001\Control\Nls\Language Groups

Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale

Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale\Alternate Sorts

Key HKLM\SYSTEM\ControlSet001\Control\Session Manager

Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5

Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9

Thread uTorrent.exe(5752): 4308

Thread uTorrent.exe(5752): 4976

Thread uTorrent.exe(5752): 5200

Thread uTorrent.exe(5752): 5756

jewelisheaven · January 6, 2008

Hmm, could you edit one of the logs from above with the output when you open procexp.exe and switch to DLL mode (Ctrl-D) and click on utorrent.exe?

Those logs actually show the alternate mode of "handles" opened... which spikes CPU usage when you're making alot of TCP/IP connections you will see alot of /Device/tcp connection handles (sorry about that )

As far as processes which may have put DLLs into uT's process which you'll see for yourself when you switch to DLL mode:

SearchIndexer.exe 1448

SearchProtocolHost.exe 2316

I really don't know if that's builtin to Vista or not, but seeing anything relating to search, AND / OR DLLs outside of \system32 or NOT by Microsoft Corp. can be a bad sign.

Firon · January 6, 2008

As far as checking when you start ut, make sure all the torrents finish checking, then enable bt.graceful_shutdown and make sure ut closes properly.

Massive RAM eater

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived