UTorrent sporadically freezing computer


Vista 32 bit/1.8.1 UT/ Internet Connection Firewall/Belkin Wireless G Plus 2.4 Ghz router (belkin firewall turned off)/Time Warner Cable

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:01:57 PM, on 11/9/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:




C:\Program Files\Windows Defender\MSASCui.exe


C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files\iTunes\iTunesHelper.exe


C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\DAEMON Tools\daemon.exe


C:\Program Files\uTorrent\uTorrent.exe



C:\Program Files\Palm\Hotsync.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE


c:\program files\common files\installshield\updateservice\isuspm.exe


C:\Program Files\Mozilla Firefox\firefox.exe




R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.daemonsearch.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O1 - Hosts: auto.search.msn.com

O1 - Hosts: auto.search.msn.es

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [HotSync] "C:\Program Files\Palm\Hotsync.exe" -AllUsers

O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\Run: [Google Update] "C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: HotSync Manager.lnk = ?

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Process PID CPU Description Company Name

DPCs n/a Deferred Procedure Calls

Interrupts n/a 2.27 Hardware Interrupts

System Idle Process 0 83.38

System 4 0.76

taskeng.exe 124 Task Scheduler Engine Microsoft Corporation

svchost.exe 308

explorer.exe 380 0.76 Windows Explorer Microsoft Corporation

smss.exe 452

csrss.exe 568

wininit.exe 620

csrss.exe 632

services.exe 664

lsass.exe 676

lsm.exe 688

winlogon.exe 796

svchost.exe 876

svchost.exe 944

svchost.exe 996

svchost.exe 1080

svchost.exe 1112

svchost.exe 1128

audiodg.exe 1240

SLsvc.exe 1288

svchost.exe 1316

SteamService.exe 1412

svchost.exe 1460

AppleMobileDeviceService.exe 1536

SearchFilterHost.exe 1552

vlc.exe 1568 6.06 VLC media player VideoLAN Team

spoolsv.exe 1672

svchost.exe 1696

svchost.exe 1772

firefox.exe 1896 2.27 Firefox Mozilla Corporation

dwm.exe 1996 1.52 Desktop Window Manager Microsoft Corporation

svchost.exe 2068

SearchIndexer.exe 2108 1.52

XAudio.exe 2172

SearchProtocolHost.exe 2220

MSASCui.exe 2488 Windows Defender User Interface Microsoft Corporation

RtHDVCpl.exe 2512 HD Audio Control Panel Realtek Semiconductor

issch.exe 2524 Macrovision FLEXnet Connect Scheduler Macrovision Corporation

HiJackThis.exe 2712

agent.exe 2836 Macrovision FLEXnet Connect Agent Macrovision Corporation

GrooveMonitor.exe 2980 GrooveMonitor Utility Microsoft Corporation

XBoxStat.exe 2988 XBoxStat.exe Microsoft Corporation

iTunesHelper.exe 3008 iTunesHelper Module Apple Inc.

rundll32.exe 3152 Windows host process (Rundll32) Microsoft Corporation

wmpnscfg.exe 3228 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation

wmpnetwk.exe 3268

Steam.exe 3324 Steam Valve Corporation

daemon.exe 3424 Virtual DAEMON Manager DT Soft Ltd.

ehtray.exe 3456 Media Center Tray Applet Microsoft Corporation

iPodService.exe 3468

uTorrent.exe 3476 µTorrent BitTorrent, Inc.

ehmsas.exe 3496 Media Center Media Status Aggregator Service Microsoft Corporation

GoogleUpdate.exe 3524 Google Installer Google Inc.

Hotsync.exe 3652 HotSync® Manager Application PalmSource, Inc

ONENOTEM.EXE 3712 Microsoft Office OneNote Quick Launcher Microsoft Corporation

taskeng.exe 3760

WinRAR.exe 3868

ISUSPM.exe 3884 Macrovision FLEXnet Connect Software Manager Macrovision Corporation

rundll32.exe 3976 Windows host process (Rundll32) Microsoft Corporation

procexp.exe 5316 1.52 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 3476

Name Description Company Name Version

actxprxy.dll ActiveX Interface Marshaling Library Microsoft Corporation 6.00.6001.18000

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.00.6001.18000

apphelp.dll Application Compatibility Client Library Microsoft Corporation 6.00.6001.18000

ATL80.DLL ATL Module for Windows (Unicode) Microsoft Corporation 8.00.50727.0762

browseui.dll Shell Browser UI Library Microsoft Corporation 6.00.6001.18000

CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000

comctl32.dll.mui User Experience Controls Library Microsoft Corporation 6.10.6001.18000

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.6001.18000

CRYPT32.dll Crypto API32 Microsoft Corporation 6.00.6001.18000

cscapi.dll Offline Files Win32 API Microsoft Corporation 6.00.6001.18000

dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.00.6001.18000

dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.00.6001.18000

DnsApi.dll DNS Client API DLL Microsoft Corporation 6.00.6001.18000

DUser.dll Windows DirectUser Engine Microsoft Corporation 6.00.6001.18000

duser.dll.mui Windows DirectUser Engine Microsoft Corporation 6.00.6000.16386

dwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation 6.00.6001.18000

FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.00.6001.18000

GDI32.dll GDI Client DLL Microsoft Corporation 6.00.6001.18023

GrooveNew.DLL GrooveNew Module Microsoft Corporation 12.00.6211.1000

GrooveShellExtensions.dll GrooveShellExtensions Module Microsoft Corporation 12.00.6211.1000

GrooveSystemServices.dll GrooveSystemServices Module Microsoft Corporation 12.00.6211.1000

GrooveUtil.DLL GrooveUtil Module Microsoft Corporation 12.00.6211.1000

ieframe.dll Internet Explorer Microsoft Corporation 7.00.6001.18148

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6001.18148

imageres.dll Windows Image Resource Microsoft Corporation 6.00.6000.16386

imageres.dll.mui Windows Image Resource Microsoft Corporation 6.00.6000.16386

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.00.6001.18000

Iphlpapi.dll IP Helper API Microsoft Corporation 6.00.6001.18000

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.00.6001.18000

LINKINFO.dll Windows Volume Tracking Microsoft Corporation 6.00.6000.16386



LPK.DLL Language Pack Microsoft Corporation 6.00.6001.18000

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.00.6000.16386

MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.00.6001.18000

MSImg32.dll GDIEXT Client DLL Microsoft Corporation 6.00.6000.16386

msshsq.dll Structured Query Microsoft Corporation 7.00.6001.16503

MSVCR80.dll Microsoft® C Runtime Library Microsoft Corporation 8.00.50727.1434

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.6001.18000

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.00.6001.18000

msxml3.dll MSXML 3.0 SP10 Microsoft Corporation 8.100.1043.0000

msxml3r.dll XML Resources Microsoft Corporation 8.20.8730.0001

napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.00.6001.18000

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 6.00.6001.18157

NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.00.6001.18000

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.00.6000.16386

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.00.6001.18000

ntdll.dll NT Layer DLL Microsoft Corporation 6.00.6001.18000

NTMARTA.DLL Windows NT MARTA provider Microsoft Corporation 6.00.6001.18000

ntshrui.dll Shell extensions for sharing Microsoft Corporation 6.00.6001.18000

ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.00.6001.18000

oleaut32.dll Microsoft Corporation 6.00.6001.18000

pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.00.6001.18000

PROPSYS.dll Microsoft Property System Microsoft Corporation 7.00.6001.16503

PSAPI.DLL Process Status Helper Microsoft Corporation 6.00.6000.16386


rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.00.6000.16386

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.00.6001.18051

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.00.6001.18000

SAMLIB.dll SAM Library DLL Microsoft Corporation 6.00.6001.18000

Secur32.dll Security Support Provider Interface Microsoft Corporation 6.00.6001.18000

SETUPAPI.dll Windows Setup API Microsoft Corporation 6.00.6001.18000

SHDOCVW.dll Shell Doc Object and Control Library Microsoft Corporation 6.00.6001.18000

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.6001.18062

shfolder.dll Shell Folder Service Microsoft Corporation 6.00.6000.16386

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.6001.18000

slc.dll Software Licensing Client Dll Microsoft Corporation 6.00.6001.18000

thumbcache.dll Microsoft Thumbnail Cache Microsoft Corporation 6.00.6001.18000

tiptsf.dll Tablet PC Input Panel Text Services Framework Microsoft Corporation 6.00.6001.18000

urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.00.6001.18148

USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000

user32.dll.mui Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000

USERENV.dll Userenv Microsoft Corporation 6.00.6001.18000

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000

uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.6001.18000

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.00.6001.18000

WindowsCodecs.dll Microsoft Windows Codecs Library Microsoft Corporation 6.00.6001.18000

WININET.dll Internet Extensions for Win32 Microsoft Corporation 7.00.6001.18148

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.00.6001.18000

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.00.6000.16386

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.00.6001.18000

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.00.6001.18000

wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.00.6001.18000

wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.00.6001.18000

