Jump to content

utorrent take more mem usage untill its crash


assem

Recommended Posts

hi,

im using utorrent 1.8.1 with a windows server 2003 64bit

whenever i start download utorrent start eating mem usage until its crash, (usually its crash at 1.9gb of ram usage)

no matter the speed download is, or the file size, just when start download,

when i do seeding it work very good, no problem at all, and the usage of memory is about 8-10 mb

anyone had this problem before? any solution available ?

btw,

i've tried other version of the utorrent including the 1.7.7 and 1.9 alpha and all of them have this problem,

my spec:

4 gig ram,

xeon 2.83g

windows server 2003 r2, 64 bit sp2

Link to comment
Share on other sites

i hope this can give some information about my problem.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:47:02, on 09/12/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\HJTInstall.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = res://shdoclc.dll/hardAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME (x86)\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\SysWow64\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\SysWow64\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\SysWOW64\JMRaidTool.exe boot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent1.9\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O15 - ESC Trusted Zone: http://mirror.1nsk.ru
O15 - ESC Trusted Zone: http://fs3.filehippo.com
O15 - ESC Trusted Zone: http://fs4.filehippo.com
O15 - ESC Trusted Zone: http://www.filehippo.com
O15 - ESC Trusted Zone: http://*.filehippo.com
O15 - ESC Trusted Zone: http://www.google-analytics.com
O15 - ESC Trusted Zone: http://pagead2.googlesyndication.com
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://internap.dl.sourceforge.net
O15 - ESC Trusted Zone: http://download.utorrent.com
O15 - ESC Trusted Zone: http://m.webtrends.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://runonce.msn.com (HKLM)
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1182182446101
O17 - HKLM\System\CCS\Services\Tcpip\..\{04EF15B5-2E49-4B9E-8137-B5FA575ED829}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E04BDCD-C453-4FC4-90B4-54E019716D6F}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{1073A361-7E3C-474B-AF2F-0B8857382C38}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{1BB85F30-BEA9-4CA7-BD99-E2A39D8981A6}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AABE1FB-68F5-450C-BEC1-0DE37833A46E}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C541F01-5E77-486F-9149-FE5D64F66451}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{526CB2DA-3368-47B9-97C0-D219CE6789DE}: NameServer = 213.186.33.99
O17 - HKLM\System\CCS\Services\Tcpip\..\{64B1D3C0-ED74-4C82-BA2A-E36F011D302A}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{9409D708-7D20-4E71-82E9-E49DBCF7A299}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{97695322-447E-4C65-A0B8-DC6EF243DCD4}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2A6165D-32C2-455E-8979-17E9658B690B}: NameServer = 10.48.100.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{F815D980-4D5D-4898-A704-AC6E42B255A5}: NameServer = 10.48.100.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{04EF15B5-2E49-4B9E-8137-B5FA575ED829}: NameServer = 10.48.100.2
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 7019 bytes

Process    PID    CPU    Description    Company Name
System Idle Process 0 78.91
Interrupts n/a 0.78 Hardware Interrupts
DPCs n/a 3.91 Deferred Procedure Calls
System 4 0.39
smss.exe 300 Windows NT Session Manager Microsoft Corporation
csrss.exe 348 Client Server Runtime Process Microsoft Corporation
winlogon.exe 372 Windows NT Logon Application Microsoft Corporation
services.exe 420 Services and Controller app Microsoft Corporation
svchost.exe 584 Generic Host Process for Win32 Services Microsoft Corporation
wmiprvse.exe 1756 WMI Microsoft Corporation
wmiprvse.exe 2144 WMI Microsoft Corporation
svchost.exe 676 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 748 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 784 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 800 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 936 Spooler SubSystem App Microsoft Corporation
msdtc.exe 972 MS DTCconsole program Microsoft Corporation
svchost.exe 1084 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1124 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1384 Generic Host Process for Win32 Services Microsoft Corporation
alg.exe 1572 Application Layer Gateway Service Microsoft Corporation
svchost.exe 488 Generic Host Process for Win32 Services Microsoft Corporation
lsass.exe 432 LSA Shell Microsoft Corporation
logon.scr 1932 Logon Screen Saver Microsoft Corporation
csrss.exe 2256 Client Server Runtime Process Microsoft Corporation
winlogon.exe 812 Windows NT Logon Application Microsoft Corporation
rdpclip.exe 2600 RDP Clip Monitor Microsoft Corporation
ctfmon.exe 592 CTF Loader Microsoft Corporation
ctfmon.exe 2848 CTF Loader Microsoft Corporation
explorer.exe 2372 Windows Explorer Microsoft Corporation
uTorrent.exe 316 16.02 µTorrent BitTorrent, Inc.
procexp.exe 2808 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
procexp64.exe 920 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process    PID    CPU    Description    Company Name
System Idle Process 0 99.69
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 300 Windows NT Session Manager Microsoft Corporation
csrss.exe 348 Client Server Runtime Process Microsoft Corporation
winlogon.exe 372 Windows NT Logon Application Microsoft Corporation
services.exe 420 0.31 Services and Controller app Microsoft Corporation
svchost.exe 584 Generic Host Process for Win32 Services Microsoft Corporation
wmiprvse.exe 1756 WMI Microsoft Corporation
svchost.exe 676 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 748 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 784 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 800 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 936 Spooler SubSystem App Microsoft Corporation
msdtc.exe 972 MS DTCconsole program Microsoft Corporation
svchost.exe 1084 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1124 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1384 Generic Host Process for Win32 Services Microsoft Corporation
alg.exe 1572 Application Layer Gateway Service Microsoft Corporation
svchost.exe 488 Generic Host Process for Win32 Services Microsoft Corporation
lsass.exe 432 LSA Shell Microsoft Corporation
logon.scr 1932 Logon Screen Saver Microsoft Corporation
csrss.exe 2256 Client Server Runtime Process Microsoft Corporation
winlogon.exe 812 Windows NT Logon Application Microsoft Corporation
rdpclip.exe 2600 RDP Clip Monitor Microsoft Corporation
igfxsrvc.exe 508 igfxsrvc Module Intel Corporation
ctfmon.exe 592 CTF Loader Microsoft Corporation
ctfmon.exe 2848 CTF Loader Microsoft Corporation
explorer.exe 2372 Windows Explorer Microsoft Corporation
uTorrent.exe 2976 µTorrent BitTorrent, Inc.
firefox.exe 3004 Firefox Mozilla Corporation
procexp.exe 2808 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
procexp64.exe 3044 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 2976

Name Description Company Name Version
ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.02.3790.3959
adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.02.3790.3959
ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.02.3790.3959
apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.02.3790.3959
ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000
CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.4720.3959
CLUSAPI.dll Cluster API Library Microsoft Corporation 5.02.3790.3959
COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.3790.3959
comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.3790.3959
COMRes.dll COM+ Resources Microsoft Corporation 2001.12.4720.3959
credui.dll Credential Manager User Interface Microsoft Corporation 5.02.3790.3959
CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.3790.3959
cryptnet.dll Crypto Network Related API Microsoft Corporation 5.131.3790.3959
ctype.nls
DnsApi.dll DNS Client API DLL Microsoft Corporation 5.02.3790.4318
dssenh.dll Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider Microsoft Corporation 5.02.3790.3959
GDI32.dll GDI Client DLL Microsoft Corporation 5.02.3790.4237
hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.02.3790.3959
iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6000.16735
imagehlp.dll Windows NT Image Helper Microsoft Corporation 5.02.3790.3959
IMM32.DLL Windows IMM32 API Client DLL Microsoft Corporation 5.02.3790.3959
index.dat
index.dat
index.dat
Iphlpapi.dll IP Helper API Microsoft Corporation 5.02.3790.3959
kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.02.3790.4062
locale.nls
LPK.DLL Language Pack Microsoft Corporation 5.02.3790.3959
MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.02.3790.3959
msapsspc.dll
MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.02.3790.3959
MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.02.3790.3959
msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.02.3790.3959
msnsspc.dll
msv1_0.DLL Microsoft Authentication Package v1.0 Microsoft Corporation 5.02.3790.3959
msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.3790.3959
MSVCRT40.dll
mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.02.3790.4318
netapi32.dll Net Win32 API DLL Microsoft Corporation 5.02.3790.4392
netshell.dll Network Connections Shell Microsoft Corporation 5.02.3790.3959
Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.00.5441.0000
ntdll.dll NT Layer DLL Microsoft Corporation 5.02.3790.3959
ntdll.dll NT Layer DLL Microsoft Corporation 5.02.3790.3959
ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.02.3790.3959
oleaut32.dll Microsoft Corporation 5.02.3790.4202
PSAPI.DLL Process Status Helper Microsoft Corporation 5.02.3790.3959
R000000000004.clb
rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.02.3790.3959
RASAPI32.dll Remote Access API Microsoft Corporation 5.02.3790.3959
rasman.dll Remote Access Connection Manager Microsoft Corporation 5.02.3790.3959
rdpsnd.dll Terminal Server MultiMedia Driver Microsoft Corporation 5.02.3790.1830
RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.02.3790.4115
rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.02.3790.3959
rtutils.dll Routing Utilities Microsoft Corporation 5.02.3790.1830
SAMLIB.dll SAM Library DLL Microsoft Corporation 5.02.3790.3959
schannel.dll TLS / SSL Security Provider Microsoft Corporation 5.02.3790.4068
Secur32.dll Security Support Provider Interface Microsoft Corporation 5.02.3790.3959
sensapi.dll SENS Connectivity API DLL Microsoft Corporation 5.02.3790.3959
SETUPAPI.dll Windows Setup API Microsoft Corporation 5.02.3790.3959
SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.3790.4184
shfolder.dll Shell Folder Service Microsoft Corporation 6.00.3790.1830
SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.3790.3959
sortkey.nls
sorttbls.nls
TAPI32.dll Microsoft® Windows(TM) Telephony API Client DLL Microsoft Corporation 5.02.3790.3959
unicode.nls
urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.00.6000.16735
USER32.dll Windows USER API Client DLL Microsoft Corporation 5.02.3790.4033
USERENV.dll Userenv Microsoft Corporation 5.02.3790.3959
USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.422.3790.3959
uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639
UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.3790.3959
VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.02.3790.1830
wininet.dll Internet Extensions for Win32 Microsoft Corporation 7.00.6000.16735
WINMM.dll MCI API DLL Microsoft Corporation 5.02.3790.3959
winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.02.3790.3959
WINSTA.dll Winstation Library Microsoft Corporation 5.02.3790.3959
wintrust.dll Microsoft Trust Verification APIs Microsoft Corporation 5.131.3790.3959
WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.02.3790.3959
wow64.dll Win32 Emulation on NT64 Microsoft Corporation 5.02.3790.3959
wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 5.02.3790.1830
wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 5.02.3790.3959
WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.02.3790.3959
WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.02.3790.1830
wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.02.3790.3959
xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.02.3790.3959

the crash dmp files:

http://www.youshare.com/Guest/a24763/DisplaySimple

Link to comment
Share on other sites

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:55:20 PM, on 12/12/2008

Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18241)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Thomson SpeedTouch\ST330\service\st330service.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\iolo\common\lib\ioloServiceManager.exe

C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\WINDOWS\cyb2k.exe

C:\Program Files\Folder Guard Pro\FGKey.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\uTorrent\uTorrent.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avsmedia.com/VideoTools/buy.aspx

R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.14.0\MySpaceToolbar.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll

O3 - Toolbar: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.14.0\MySpaceToolbar.dll

O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [C2K] C:\WINDOWS\cyb2k.exe

O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228755882375

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{1098CA37-22A8-4BE8-9075-2731B3E4E293}: NameServer = 193.188.97.209 193.188.97.212

O17 - HKLM\System\CS1\Services\Tcpip\..\{1098CA37-22A8-4BE8-9075-2731B3E4E293}: NameServer = 193.188.97.209 193.188.97.212

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll

O23 - Service: Norton2009 Reset (.norton2009Reset) - Unknown owner - C:\Program Files\Norton2009Reset.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe

O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson SpeedTouch/ST330/service/st330service.exe

--

End of file - 8339 bytes

PROCESS EXPLORER:

Process PID CPU Description Company Name

System Idle Process 0 50.00

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4 2.78

smss.exe 792 Windows NT Session Manager Microsoft Corporation

csrss.exe 1036 Client Server Runtime Process Microsoft Corporation

winlogon.exe 1252 Windows NT Logon Application Microsoft Corporation

services.exe 1344 Services and Controller app Microsoft Corporation

svchost.exe 1556 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1656 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1704 Generic Host Process for Win32 Services Microsoft Corporation

st330service.exe 1736 SpeedTouch Host Service THOMSON Telecom Belgium

svchost.exe 2020 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 228 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 752 Spooler SubSystem App Microsoft Corporation

mDNSResponder.exe 1044 Bonjour Service Apple Computer, Inc.

DkService.exe 1060 Diskeeper Service Diskeeper Corporation

ioloServiceManager.exe 1144

ccSvcHst.exe 1264 Symantec Service Framework Symantec Corporation

ccSvcHst.exe 524 Symantec Service Framework Symantec Corporation

nvsvc32.exe 124 NVIDIA Driver Helper Service, Version 178.24 NVIDIA Corporation

alg.exe 256 Application Layer Gateway Service Microsoft Corporation

usnsvc.exe 2504 Messenger Sharing USN Journal Reader Service Microsoft Corporation

svchost.exe 3500 Generic Host Process for Win32 Services Microsoft Corporation

lsass.exe 1356 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 520 Windows Explorer Microsoft Corporation

PDVD8Serv.exe 2240 PowerDVD RC Service Cyberlink Corp.

Cyb2k.exe 2280 CYBERsitter Control Panel Solid Oak Software, Inc.

FGKey.exe 2292 Folder Guard Utility WinAbility® Software Corporation

GrooveMonitor.exe 2308 GrooveMonitor Utility Microsoft Corporation

ctfmon.exe 2356 CTF Loader Microsoft Corporation

msnmsgr.exe 2380 Windows Live Messenger Microsoft Corporation

firefox.exe 3316 Firefox Mozilla Corporation

procexp.exe 3304 11.11 Sysinternals Process Explorer Sysinternals - www. .

uTorrent.exe 2272 36.11 µTorrent BitTorrent, Inc.

Process: uTorrent.exe Pid: 2272

Type Name

Port

Semaphore

Semaphore

Event

Section

Port

Semaphore

Mutant

Event

Event

WmiGuid

Event

Event

Event

Port

Event

Event

Event

Event

IoCompletion

IoCompletion

IoCompletion

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Event

Port

Event

Semaphore

Semaphore

Event

Event

Event

Event

Event

Event

Mutant

Event

Mutant

Event

Mutant

IoCompletion

Event

Directory \BaseNamedObjects

Mutant \BaseNamedObjects\µTorrent4823DF041B09

Section \BaseNamedObjects\CiceroSharedMemDefaultS-1-5-21-1390067357-1085031214-725345543-1003

Mutant \BaseNamedObjects\CTF.Asm.MutexDefaultS-1-5-21-1390067357-1085031214-725345543-1003

Mutant \BaseNamedObjects\CTF.Compart.MutexDefaultS-1-5-21-1390067357-1085031214-725345543-1003

Mutant \BaseNamedObjects\CTF.Layouts.MutexDefaultS-1-5-21-1390067357-1085031214-725345543-1003

Mutant \BaseNamedObjects\CTF.LBES.MutexDefaultS-1-5-21-1390067357-1085031214-725345543-1003

Mutant \BaseNamedObjects\CTF.TimListCache.FMPDefaultS-1-5-21-1390067357-1085031214-725345543-1003MUTEX.DefaultS-1-5-21-1390067357-1085031214-725345543-1003

Section \BaseNamedObjects\CTF.TimListCache.FMPDefaultS-1-5-21-1390067357-1085031214-725345543-1003SFM.DefaultS-1-5-21-1390067357-1085031214-725345543-1003

Mutant \BaseNamedObjects\CTF.TMD.MutexDefaultS-1-5-21-1390067357-1085031214-725345543-1003

Mutant \BaseNamedObjects\DBWinMutex

Semaphore \BaseNamedObjects\shell.{210A4BA0-3AEA-1069-A2D9-08002B30309D}

Semaphore \BaseNamedObjects\shell.{A48F1A32-A340-11D1-BC6B-00A0C90312E1}

Mutant \BaseNamedObjects\ShimCacheMutex

Section \BaseNamedObjects\ShimSharedMemory

Event \BaseNamedObjects\userenv: User Profile setup event

Desktop \Default

File \Device\Afd

File \Device\Afd

File \Device\Afd

File \Device\Afd

File \Device\Afd

File \Device\Ip

File \Device\Ip

File \Device\Ip

File \Device\KsecDD

File \Device\RawIp

File \Device\Tcp

File \Device\Tcp

File \Device\Tcp

File \Device\Tcp

File \Device\Tcp

File \Device\Tcp

File \Device\Udp

File \Device\WMIDataDevice

File \Device\WMIDataDevice

File \Device\WS2IFSL

File \Device\WS2IFSL

File \Device\WS2IFSL

File \Device\WS2IFSL

File \Device\WS2IFSL

KeyedEvent \KernelObjects\CritSecOutOfMemoryEvent

Directory \KnownDlls

Directory \Windows

WindowStation \Windows\WindowStations\WinSta0

WindowStation \Windows\WindowStations\WinSta0

File C:\Documents and Settings\Espiritu Santo

File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.3311_x-ww_d7cb0e02

File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.3311_x-ww_d7cb0e02

Key HKCU

Key HKCU\Software\Classes

Key HKLM

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\Net98

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Key HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters

Key HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces

Key HKLM\SYSTEM\ControlSet001\Services\Tcpip\Linkage

Key HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters

Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5

Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9

Key HKU

Process uTorrent.exe(2272)

Thread uTorrent.exe(2272): 1436

Thread uTorrent.exe(2272): 1436

Thread uTorrent.exe(2272): 1436

Thread uTorrent.exe(2272): 1700

Thread uTorrent.exe(2272): 1700

Thread uTorrent.exe(2272): 176

Thread uTorrent.exe(2272): 2584

Thread uTorrent.exe(2272): 3632

Thread uTorrent.exe(2272): 3632

Key HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\NetSet\MSwcf\NSN

Link to comment
Share on other sites

Process PID CPU Description Company Name

System Idle Process 0 89.23

Interrupts n/a Hardware Interrupts

DPCs n/a 1.54 Deferred Procedure Calls

System 4

smss.exe 796 Windows NT Session Manager Microsoft Corporation

csrss.exe 1064 1.54 Client Server Runtime Process Microsoft Corporation

winlogon.exe 1256 Windows NT Logon Application Microsoft Corporation

services.exe 1372 Services and Controller app Microsoft Corporation

svchost.exe 1584 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1672 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1732 Generic Host Process for Win32 Services Microsoft Corporation

st330service.exe 1760 SpeedTouch Host Service THOMSON Telecom Belgium

svchost.exe 2036 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 340 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 840 Spooler SubSystem App Microsoft Corporation

mDNSResponder.exe 1076 Bonjour Service Apple Computer, Inc.

DkService.exe 1092 Diskeeper Service Diskeeper Corporation

ioloServiceManager.exe 1176

ccSvcHst.exe 1304 Symantec Service Framework Symantec Corporation

ccSvcHst.exe 2956 Symantec Service Framework Symantec Corporation

nvsvc32.exe 1600 NVIDIA Driver Helper Service, Version 178.24 NVIDIA Corporation

alg.exe 236 Application Layer Gateway Service Microsoft Corporation

usnsvc.exe 1104 Messenger Sharing USN Journal Reader Service Microsoft Corporation

lsass.exe 1384 LSA Shell (Export Version) Microsoft Corporation

taskmgr.exe 3752 Windows TaskManager Microsoft Corporation

explorer.exe 2936 Windows Explorer Microsoft Corporation

PDVD8Serv.exe 3408 PowerDVD RC Service Cyberlink Corp.

Cyb2k.exe 3472 CYBERsitter Control Panel Solid Oak Software, Inc.

FGKey.exe 3488 Folder Guard Utility WinAbility® Software Corporation

GrooveMonitor.exe 3548 GrooveMonitor Utility Microsoft Corporation

ctfmon.exe 3704 CTF Loader Microsoft Corporation

msnmsgr.exe 3840 Windows Live Messenger Microsoft Corporation

firefox.exe 2300 Firefox Mozilla Corporation

DAP.exe 2588 Download Accelerator Plus (DAP) Speedbit Ltd.

uTorrent.exe 604 µTorrent BitTorrent, Inc.

procexp.exe 2576 7.69 Sysinternals Process Explorer Sysinternals - www. .

Process: uTorrent.exe Pid: 604

Name Description Company Name Version

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

<Pagefile Backed>

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.3311

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.3311

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.3311

ASOEHOOK.DLL AntiSpam OE Hook Symantec Corporation 4.00.0000.0123

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0001

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.3311

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.3311

ctype.nls

DnsApi.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3311

FGH32.dll Folder Guard Dynamic Link Library WinAbility® Software Corporation 7.09.0001.0417

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3311

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.3311

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.3311

Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.3311

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3311

locale.nls

lspcs.dll filter lsp Solid Oak 1.00.0000.0011

mdnsNSP.dll Bonjour Namespace Provider Apple Computer, Inc. 1.00.0003.0001

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.3311

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.3311

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.3311

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.3311

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3311

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.3311

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.3311

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.3311

oleaut32.dll Microsoft Corporation 5.01.2600.3311

psapi.dll Process Status Helper Microsoft Corporation 5.01.2600.3311

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.3311

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3311

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 5.01.2600.3297

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.3311

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.3311

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.3311

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.3311

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3311

shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.3311

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3311

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3311

USERENV.dll Userenv Microsoft Corporation 5.01.2600.3311

uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.3311

WINSTA.dll Winstation Library Microsoft Corporation 5.01.2600.3311

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.3311

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.3311

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.3311

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.3311

WTSAPI32.dll Windows Terminal Server SDK APIs Microsoft Corporation 5.01.2600.3311

Link to comment
Share on other sites

You have 3 security DLL injected in uT, surely your issue comes from that:

ASOEHOOK.DLL AntiSpam OE Hook Symantec Corporation 4.00.0000.0123

FGH32.dll Folder Guard Dynamic Link Library WinAbility® Software Corporation 7.09.0001.0417

lspcs.dll filter lsp Solid Oak 1.00.0000.0011

The 3rd one is BabyFilter, try to disable or uninstall it to see if crashes continue.

AntiSpam of Symantec has nothing to do in uT. Configure it or uninstall it.

For Folder Guard, try to configure it with uT folders (for dwl etc).

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...