swain69 Posted October 14, 2008 Report Posted October 14, 2008 Hi there,I'm experiencing a similiar problem to http://forum.utorrent.com/viewtopic.php?id=47551, the only thing is I'm not running Vista or AV. I've installed process explorer and noticed the DPCs averaging about 75 when utorrent is running. I've also installed RATT (not sure how to read those logs). Anyway, below is my hijackthis log file and Process Explorer log file.Any help will be appreciated.Thanks.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:54:34 p.m., on 14/10/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\tcpsvcs.exeC:\Program Files\TVersity\Media Server\MediaServer.exeC:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ALCXMNTR.EXEC:\Program Files\VDOTool\TBPanel.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\IVT Corporation\BlueSoleil\BtTray.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\BullGuard Ltd\BullGuard\bullguard.exeC:\Program Files\Microsoft ActiveSync\Wcescomm.exeC:\Program Files\RocketDock\RocketDock.exeC:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exeC:\PROGRA~1\MICROS~2\rapimgr.exeC:\Program Files\TP-LINK\TL-WN321G Wireless Utility\Installer\WINXP\TWCU.exeC:\Program Files\Xnet Usage Monitor\XNetUsage.exeC:\WINDOWS\System32\svchost.exeC:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exeC:\PROGRA~1\COPERN~1\DESKTO~1.EXEC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Microsoft\RATTV3\RATT.exeC:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX00.375\procexp.exeC:\Program Files\Windows NT\Accessories\WORDPAD.EXEC:\Program Files\TVersity\Media Server\web\admin\TVersity.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Program Files\uTorrent\uTorrent.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO3 - Toolbar: Copernic Desktop Search - Home - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand300000081.dllO4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXEO4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe /AO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe" -bootO4 - HKLM\..\Run: [btTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [bullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe"O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"O4 - HKCU\..\Run: [Copernic Desktop Search - Home] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /trayO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exeO4 - Startup: Xnet Usage Monitor.lnk = C:\Program Files\Xnet Usage Monitor\XNetUsage.exeO4 - Global Startup: RATT.lnk = C:\Program Files\Microsoft\RATTV3\RATT.exeO4 - Global Startup: TL-WN321G Wireless Utility.lnk = C:\Program Files\TP-LINK\TL-WN321G Wireless Utility\Installer\WINXP\TWCU.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dllO9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dllO9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1214633458268O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214647518953O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exeO23 - Service: BullGuard LiveUpdate (BgLiveSvc) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exeO23 - Service: BGRaSvc - BullGuard - C:\Program Files\BullGuard Ltd\BullGuard\support\bgrasvc.exeO23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exeO23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exeO23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exeO23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe--End of file - 8083 bytes-----------------------------------------------------------------------------------------Process Explorer Log FileProcess PID CPU Description Company NameSystem Idle Process 0 Interrupts n/a 1.20 Hardware Interrupts DPCs n/a 74.70 Deferred Procedure Calls System 4 3.61 smss.exe 1328 Windows NT Session Manager Microsoft Corporation csrss.exe 1408 Client Server Runtime Process Microsoft Corporation winlogon.exe 1432 Windows NT Logon Application Microsoft Corporation services.exe 1480 1.20 Services and Controller app Microsoft Corporation svchost.exe 1660 Generic Host Process for Win32 Services Microsoft Corporation rapimgr.exe 3320 ActiveSync RAPI Manager Microsoft Corporation DESKTO~1.EXE 604 Copernic Desktop Search - Home Copernic Inc. svchost.exe 1716 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1752 Generic Host Process for Win32 Services Microsoft Corporation GoogleUpdate.exe 3488 Google Installer Google Inc. svchost.exe 1824 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1996 Generic Host Process for Win32 Services Microsoft Corporation aawservice.exe 488 Ad-Aware Service Lavasoft spoolsv.exe 800 Spooler SubSystem App Microsoft Corporation BullGuardUpdate.exe 900 BullGuard LiveUpdate Service BullGuard Ltd. svchost.exe 916 Generic Host Process for Win32 Services Microsoft Corporation BlueSoleilCS.exe 936 BlueSoleilCS Module mDNSResponder.exe 964 Bonjour Service Apple Inc. svchost.exe 992 2.41 Generic Host Process for Win32 Services Microsoft Corporation MDM.EXE 1096 Machine Debug Manager Microsoft Corporation nvsvc32.exe 1172 NVIDIA Driver Helper Service, Version 91.47 NVIDIA Corporation tcpsvcs.exe 1268 TCP/IP Services Application Microsoft Corporation MediaServer.exe 1384 BsHelpCS.exe 1788 BsHelpCS Module alg.exe 408 Application Layer Gateway Service Microsoft Corporation svchost.exe 2564 Generic Host Process for Win32 Services Microsoft Corporation lsass.exe 1492 LSA Shell (Export Version) Microsoft Corporationexplorer.exe 1240 Windows Explorer Microsoft Corporation ALCXMNTR.EXE 2092 Realtek Audio - Event Monitor Realtek Semiconductor Corp. TBPANEL.exe 2308 VDOTool : Display Control Panel Palit Microsystems, Inc. rundll32.exe 2332 Run a DLL as an App Microsoft Corporation BtTray.exe 2348 BlueSoleil Bttray jusched.exe 2372 Java Platform SE binary Sun Microsystems, Inc. ctfmon.exe 2392 CTF Loader Microsoft Corporation BullGuard.exe 2400 BullGuard BullGuard Ltd. wcescomm.exe 2428 ActiveSync Connection Manager Microsoft Corporation RocketDock.exe 2964 DesktopSearchService.exe 3228 Copernic Desktop Search Service Copernic Inc. TWCU.exe 4044 TL-WN321G Wireless Utility TP-LINK TECHNOLOGIES CO., LTD. XNetUsage.exe 1244 Xnet Usage Meter WorldxChange Communications Limited firefox.exe 2716 2.41 Firefox Mozilla Corporation wordpad.exe 3428 WordPad MFC Application Microsoft Corporation TVersity.exe 2420 3.61 uTorrent.exe 2252 12.05 µTorrent BitTorrent, Inc.RATT.exe 3068 RATT - An Eeven Tracing For Windows Tool Microsoft Corporationprocexp.exe 2144 2.41 Sysinternals Process Explorer Sysinternals - www.sysinternals.comHijackThis.exe 2360 HijackThis Trend Micro Inc.Process: uTorrent.exe Pid: 2252Name Description Company Name VersionACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.5512adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.5512ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.5512ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0001CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0700COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.5512comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.5512COMRes.dll Microsoft Corporation 2001.12.4414.0700credui.dll Credential Manager User Interface Microsoft Corporation 5.01.2600.5512CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.5512ctype.nls DesktopSearchSystem300000081.dll 2.00.0000.0004DnsApi.dll DNS Client API DLL Microsoft Corporation 5.01.2600.5625dot3api.dll 802.3 Autoconfiguration API Microsoft Corporation 5.01.2600.5512dot3dlg.dll 802.3 UI Helper Microsoft Corporation 5.01.2600.5512eappcfg.dll Eap Peer Config Microsoft Corporation 5.01.2600.5512eappprxy.dll Microsoft EAPHost Peer Client DLL Microsoft Corporation 5.01.2600.5512GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.5512hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.5512IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.5512Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.5512kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.5512locale.nls mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 1.00.0004.0012MFC80ENU.DLL MFC Language Specific Resources Microsoft Corporation 8.00.50727.0042MFC80U.DLL MFCDLL Shared Library - Retail Version Microsoft Corporation 8.00.50727.0042MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.5512MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.01.2600.5512MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.5512msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.5512mslbui.dll LangageBar Add In Microsoft Corporation 5.01.2600.5512MSVCP60.dll Microsoft ® C++ Runtime Library Microsoft Corporation 6.02.3104.0000MSVCP80.dll Microsoft® C++ Runtime Library Microsoft Corporation 8.00.50727.1801MSVCR80.dll Microsoft® C Runtime Library Microsoft Corporation 8.00.50727.1801msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.5512mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.5625netapi32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.5512netshell.dll Network Connections Shell Microsoft Corporation 5.01.2600.5512ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.5512ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.5512oleaut32.dll Microsoft Corporation 5.01.2600.5512OneX.DLL IEEE 802.1X supplicant library Microsoft Corporation 5.01.2600.5512PluginHook.dll SpamFilter Outlook Express Plugin BullGuard Software 8.00.0000.0002PluginHookRes.dll SpamFilter Outlook Express Resources BullGuard Ltd. 8.00.0000.0000PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.5512rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.5512RocketDock.dll RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.5512rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.5507rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.5512SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.5512Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.5512SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.5512SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.5512shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.5512SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.5512sortkey.nls sorttbls.nls SXS.DLL Fusion 2.5 Microsoft Corporation 5.01.2600.5512unicode.nls USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.5512USERENV.dll Userenv Microsoft Corporation 5.01.2600.5512uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.5512VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.5512WINSTA.dll Winstation Library Microsoft Corporation 5.01.2600.5512WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.5512WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.5512WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.5512wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.5512WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.01.2600.5512xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.01.2600.5512
DreadWingKnight Posted October 14, 2008 Report Posted October 14, 2008 DesktopSearchSystem300000081.dll 2.00.0000.0004PluginHook.dll SpamFilter Outlook Express Plugin BullGuard Software 8.00.0000.0002PluginHookRes.dll SpamFilter Outlook Express Resources BullGuard Ltd. 8.00.0000.0000Potential problems. Try disabling and/or uninstalling the associated applications.
swain69 Posted October 14, 2008 Author Report Posted October 14, 2008 Wow, that worked ! Thanks a millionMy torrent speeds have just doubled...bonus
Recommended Posts
Archived
This topic is now archived and is closed to further replies.