cve_designs Posted December 20, 2008 Report Share Posted December 20, 2008 Hi all,I am running a 3.2gig Dual Core Athlon X2 Laptop with Windows Vista Home premium, 4gig ddr2 ram and 250gig HD.I have 8meg broadbrand through a thomson wireless router.When I have Utorrent on in the back ground the latest version and I am watching a movie on windows media player or listening to some music, the system changes the audio to sound like something is working overtime on the computer making everything slow.The back ground services I am running are Zone Alarm, AVG anti Virus, Daemon tools and a few others. But I cant see how they affect my system.Now after a certain period of time I can minimize UTORRENT and close it from the system tray and everything returns to normal. Except UTORRENT is still running just not downloading.Ive already seen the processes tab and the only thing that is strange are two processes.VSMON.exe which is a part of zone alarm and the process running high the most is SVCHOST.exe.Ive checked both these and they do not seem to be the problem. For example.Last night I was running U torrent for about 2 hours downloading, and I went to run 4OD ( Channel 4 TV Streaming ) next thing I no when its trying to load and stream tv it jumps, and is very slow like there is something running in the background and makes the audio jump constantly.Then I disable U torrent and it stops not completely because U Torrent is still running but only 15meg of memory in the processes tab so I restart without turning it on and everything is fine. I know its something to do with U Torrent.I have searched forums hi and low and have not come up with an answer can anyone help me? Link to comment Share on other sites More sharing options...
moogly Posted December 20, 2008 Report Share Posted December 20, 2008 Vista + ZA with uT is very buggy, reported many times on the board.Anyway you can post an HJT log (copy/paste in your post).Tutorial here: http://forum.utorrent.com/viewtopic.php?id=29748But pretty sure it's ZA the culprit. Link to comment Share on other sites More sharing options...
cve_designs Posted December 20, 2008 Author Report Share Posted December 20, 2008 OK no worries.Here is the log with Utorrent still on and being buggy.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 14:40:00, on 20/12/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exeC:\windows\system32\Dwm.exeC:\windows\Explorer.EXEC:\windows\system32\taskeng.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\ActivIdentity\ActivClient\accrdsub.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\AVG\AVG8\avgtray.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exeC:\ProgramData\daemon tools\daemon.exeC:\Windows\ehome\ehtray.exeC:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXEC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files\Hewlett-Packard\Shared\HpqToaster.exeC:\Program Files\Registry Mechanic\regmech.exec:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files\uTorrent\uTorrent.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\Windows Live\Mail\wlmail.exeC:\Users\chris\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\chris\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=all&pf=cmnbR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=all&pf=cmnbR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=all&pf=cmnbR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLLO2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dllO3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLLO3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [startCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeO4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exeO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /trayO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenO4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\ProgramData\daemon tools\daemon.exe" -autorunO4 - HKCU\..\Run: [ehTray.exe] C:\windows\ehome\ehTray.exeO4 - HKCU\..\Run: [Google Update] "C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -allO4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /HO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - Global Startup: Bluetooth.lnk = ?O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmO8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO13 - Gopher Prefix: O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jre/6u10-b92-b/jinstall-6u10-windows-i586-jc.cab?e=1227645207577&h=017f1d56f6a09f933c0de15f0fc770bb/&filename=jinstall-6u10-windows-i586-jc.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dllO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dllO20 - AppInit_DLLs: APSHook.dll,avgrsstx.dllO23 - Service: McAfee Application Installer Cleanup (0182961227619320) (0182961227619320mcinstcleanup) - Unknown owner - C:\Users\chris\AppData\Local\Temp\018296~1.EXE (file missing)O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exeO23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXEO23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exeO23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exeO23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exeO23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exeO23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exeO23 - Service: C-DillaCdaC11BA - Macrovision - C:\windows\system32\drivers\CDAC11BA.EXEO23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exeO23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exeO23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exeO23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe--End of file - 11964 bytes Link to comment Share on other sites More sharing options...
moogly Posted December 20, 2008 Report Share Posted December 20, 2008 Ok is it possible you post the Process Explorer log to, similar to Process Manager but powerful.Don't forget to select utorrent.exe & enable DLL mode (ctrl+d) in PE.We can see what is injected in uT, maybe AVG too. Link to comment Share on other sites More sharing options...
cve_designs Posted December 20, 2008 Author Report Share Posted December 20, 2008 How do I see the Process Explorer this is the first time I've heard of that. Link to comment Share on other sites More sharing options...
moogly Posted December 20, 2008 Report Share Posted December 20, 2008 Look at the thread http://forum.utorrent.com/viewtopic.php?id=29748 Link to comment Share on other sites More sharing options...
cve_designs Posted December 22, 2008 Author Report Share Posted December 22, 2008 Ok cheers sorry for the late reply been majorly busy. here is the process explorer detailsProcess PID CPU Description Company NameSystem Idle Process 0 91.01 Interrupts n/a 3.01 Hardware Interrupts DPCs n/a 0.75 Deferred Procedure Calls System 4 smss.exe 504 Windows Session Manager Microsoft Corporationcsrss.exe 556 Client Server Runtime Process Microsoft Corporationwininit.exe 624 Windows Start-Up Application Microsoft Corporation services.exe 696 0.75 Services and Controller app Microsoft Corporation svchost.exe 928 Host Process for Windows Services Microsoft Corporation asghost.exe 1980 Global Virtual Card Host Bioscrypt Inc. WmiPrvSE.exe 3316 WMI Provider Host Microsoft Corporation ehmsas.exe 4132 Media Center Media Status Aggregator Service Microsoft Corporation HpqToaster.exe 4328 HpqToaster Module BTStackServer.exe 4504 Bluetooth Stack COM Server Broadcom Corporation. DivXsm.exe 5424 0.75 divxsm DivX Inc. svchost.exe 972 Host Process for Windows Services Microsoft Corporation svchost.exe 1016 Host Process for Windows Services Microsoft Corporation svchost.exe 1060 Host Process for Windows Services Microsoft Corporation Ati2evxx.exe 1172 ATI External Event Utility EXE Module ATI Technologies Inc. Ati2evxx.exe 1600 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 1184 Host Process for Windows Services Microsoft Corporation audiodg.exe 1352 Windows Audio Device Graph Isolation Microsoft Corporation svchost.exe 1220 Host Process for Windows Services Microsoft Corporation dwm.exe 1864 Desktop Window Manager Microsoft Corporation wlanext.exe 1068 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation svchost.exe 1236 Host Process for Windows Services Microsoft Corporation taskeng.exe 2108 Task Scheduler Engine Microsoft Corporation taskeng.exe 2260 Task Scheduler Engine Microsoft Corporation svchost.exe 1396 Host Process for Windows Services Microsoft Corporation SLsvc.exe 1412 Microsoft Software Licensing Service Microsoft Corporation svchost.exe 1440 Host Process for Windows Services Microsoft Corporation hpservice.exe 1520 HpService Hewlett-Packard Corporation svchost.exe 1664 Host Process for Windows Services Microsoft Corporation vsmon.exe 1772 TrueVector Service Check Point Software Technologies LTD spoolsv.exe 2096 Spooler SubSystem App Microsoft Corporation svchost.exe 2232 Host Process for Windows Services Microsoft Corporation accoca.exe 2552 ActivIdentity Cache Server ActivIdentity acevents.exe 2652 ActivIdentity Event Service ActivIdentity AEADISRV.EXE 2580 Andrea filters APO access service (32-bit) Andrea Electronics Corporation agrsmsvc.exe 2608 Agere Soft Modem Call Progress Service Agere Systems avgwdsvc.exe 2660 AVG Watchdog Service AVG Technologies CZ, s.r.o. avgrsx.exe 3372 AVG Resident Shield Service AVG Technologies CZ, s.r.o. svchost.exe 2672 Host Process for Windows Services Microsoft Corporation CDAC11BA.EXE 2688 Macrovision RTS Service Macrovision KService.exe 2796 0.75 Delivery Manager Service Kontiki Inc. LSSrvc.exe 2924 LightScribe Service Hewlett-Packard Company svchost.exe 3032 Host Process for Windows Services Microsoft Corporation pdfsvc.exe 3084 Dispatcher PDF Complete Inc svchost.exe 3136 Host Process for Windows Services Microsoft Corporation svchost.exe 3192 Host Process for Windows Services Microsoft Corporation rpcnet.exe 3224 rpcnet Absolute Software Corp. svchost.exe 3600 Host Process for Windows Services Microsoft Corporation svchost.exe 3672 Host Process for Windows Services Microsoft Corporation hpqWmiEx.exe 3736 hpqwmiex Module Hewlett-Packard Development Company, L.P. usnsvc.exe 3624 Messenger Sharing USN Journal Reader Service Microsoft Corporation lsass.exe 712 Local Security Authority Process Microsoft Corporation lsm.exe 720 Local Session Manager Service Microsoft Corporationcsrss.exe 636 Client Server Runtime Process Microsoft Corporationwinlogon.exe 820 Windows Logon Application Microsoft Corporationexplorer.exe 1928 Windows Explorer Microsoft Corporation MSASCui.exe 3368 Windows Defender User Interface Microsoft Corporation accrdsub.exe 644 ActivIdentity card event handler ActivIdentity SynTPEnh.exe 1008 Synaptics TouchPad Enhancements Synaptics, Inc. SynTPHelper.exe 2704 Synaptics Pointing Device Helper Synaptics, Inc. HPWAMain.exe 1012 HPWAMain Module Hewlett-Packard Development Company, L.P. WiFiMsg.exe 4116 Module to process WiFi messages. Hewlett-Packard Development Company, L.P. avgtray.exe 3796 AVG Tray Monitor AVG Technologies CZ, s.r.o. smax4pnp.exe 4024 SMax4PNP Analog Devices, Inc. zlclient.exe 200 0.75 ZoneAlarm Client Check Point Software Technologies LTD LightScribeControlPanel.exe 3176 Hewlett-Packard Company daemon.exe 1844 DAEMON Tools Lite DT Soft Ltd ehtray.exe 616 Media Center Tray Applet Microsoft Corporation GoogleUpdate.exe 3820 Google Installer Google Inc. KHost.exe 4160 Delivery Manager Kontiki Inc. BTTray.exe 4364 Bluetooth Tray Application Broadcom Corporation. uTorrent.exe 5672 µTorrent BitTorrent, Inc. wmplayer.exe 4996 0.75 Windows Media Player Microsoft Corporation wlmail.exe 4516 Windows Live Mail Microsoft Corporation chrome.exe 896 Google Chrome Google Inc. chrome.exe 5892 Google Chrome Google Inc. procexp.exe 3532 0.75 Sysinternals Process Explorer Sysinternals - www.sysinternals.com notepad.exe 1784 Notepad Microsoft CorporationRegMech.exe 4572 Registry Mechanic 8.0 PC ToolsMOM.exe 4812 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. CCC.exe 4908 Catalyst Control Centre: Host application ATI Technologies Inc.Process: uTorrent.exe Pid: 5672Name Description Company Name VersionAcGenral.DLL Windows Compatibility DLL Microsoft Corporation 6.00.6001.18165AcLayers.dll Windows Compatibility DLL Microsoft Corporation 6.00.6001.18165ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.00.6001.18000apphelp.dll Application Compatibility Client Library Microsoft Corporation 6.00.6001.18000APSHook.dll Application Protection Hook Bioscrypt Inc. 3.00.0000.0032ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000avgrsstx.dll AVG Resident Shield Starter AVG Technologies CZ, s.r.o. 8.00.0000.0134btmmhook.dll Multimedia Keys Hook DLL Broadcom Corporation. 6.00.0001.6202CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.6001.18000comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.6001.18000dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.00.6001.18000dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.00.6001.18000DnsApi.dll DNS Client API DLL Microsoft Corporation 6.00.6001.18000dwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation 6.00.6001.18000FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.00.6001.18000GDI32.dll GDI Client DLL Microsoft Corporation 6.00.6001.18159GPAPI.dll Group Policy Client API Microsoft Corporation 6.00.6001.18000hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 6.00.6001.18000iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6001.18157IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.00.6001.18000Iphlpapi.dll IP Helper API Microsoft Corporation 6.00.6001.18000kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.00.6001.18000locale.nls locale.nls LPK.DLL Language Pack Microsoft Corporation 6.00.6001.18000MPR.dll Multiple Provider Router DLL Microsoft Corporation 6.00.6001.18000MSACM32.dll Microsoft ACM Audio Filter Microsoft Corporation 6.00.6001.18000MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.00.6001.18000msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.6001.18000mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.00.6001.18000msxml3.dll MSXML 3.0 SP10 Microsoft Corporation 8.100.1048.0000msxml3r.dll XML Resources Microsoft Corporation 8.20.8730.0001napinsp.dll E-mail Naming Shim Provider Microsoft Corporation 6.00.6001.18000NETAPI32.dll Net Win32 API DLL Microsoft Corporation 6.00.6001.18157netshell.dll Network Connections Shell Microsoft Corporation 6.00.6001.18000NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.00.6001.18000npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.00.6000.16386NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.00.6001.18000ntdll.dll NT Layer DLL Microsoft Corporation 6.00.6001.18000ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.00.6001.18000OLEACC.dll Active Accessibility Core Component Microsoft Corporation 4.02.5406.0000oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.02.5406.0000OLEAUT32.dll Microsoft Corporation 6.00.6001.18000pnrpnsp.dll PNRP Name Space Provider Microsoft Corporation 6.00.6001.18000PSAPI.DLL Process Status Helper Microsoft Corporation 6.00.6000.16386R00000000000a.clb rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.00.6000.16386RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.00.6001.18051rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.00.6001.18000Secur32.dll Security Support Provider Interface Microsoft Corporation 6.00.6001.18000SETUPAPI.dll Windows Setup API Microsoft Corporation 6.00.6001.18000sfc.dll Windows File Protection Microsoft Corporation 6.00.6000.16386sfc_os.DLL Windows File Protection Microsoft Corporation 6.00.6001.18000SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.6001.18167shfolder.dll Shell Folder Service Microsoft Corporation 6.00.6000.16386ShimEng.dll Shim Engine DLL Microsoft Corporation 6.00.6000.16386SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.6001.18000SHUNIMPL.dll Windows Shell Obsolete APIs Microsoft Corporation 6.00.6000.16386slc.dll Software Licensing Client Dll Microsoft Corporation 6.00.6001.18000SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.00.6000.16386SXS.DLL Fusion 2.5 Microsoft Corporation 6.00.6001.18000upnp.dll UPnP Control Point API Microsoft Corporation 6.00.6001.18000urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.00.6001.18157USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.00.6001.18000USERENV.dll Userenv Microsoft Corporation 6.00.6001.18000USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0001.12639UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.6001.18000VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.00.6001.18000WINHTTP.dll Windows HTTP Services Microsoft Corporation 6.00.6001.18000WINMM.dll MCI API DLL Microsoft Corporation 6.00.6001.18000WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.00.6001.18000winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.00.6000.16386WINSPOOL.DRV Windows Spooler Driver Microsoft Corporation 6.00.6001.18000WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.00.6001.18000WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.00.6001.18000wshbth.dll Windows Sockets Helper DLL Microsoft Corporation 6.00.6000.16386wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.00.6001.18000wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.00.6001.18000 Link to comment Share on other sites More sharing options...
retah Posted December 22, 2008 Report Share Posted December 22, 2008 post your log to www.hijackthis.de and analyze itif u r using hijackthis...hopefully it will tell u what to fix and what to leave always works when some programs are buggybtw..the ones u should fix will be informed to u by a red cross...hope that helps u!(u've got a lot in ur log file...n some should be fixed lol) Link to comment Share on other sites More sharing options...
cve_designs Posted December 22, 2008 Author Report Share Posted December 22, 2008 Ive tried Hijack this and it hasnt fixed things its only when Utorrent is working when I have the problems. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted December 22, 2008 Report Share Posted December 22, 2008 Have you uninstalled zonealarm yet? Link to comment Share on other sites More sharing options...
cve_designs Posted December 22, 2008 Author Report Share Posted December 22, 2008 Yeah, I removed zone alarm and tried it and still had the same issues i now have a newer version of zone alarm installed. Same with AVG as well. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted December 22, 2008 Report Share Posted December 22, 2008 APSHook.dll Application Protection Hook Bioscrypt Inc. 3.00.0000.0032This could be part of the problem. Link to comment Share on other sites More sharing options...
cve_designs Posted December 22, 2008 Author Report Share Posted December 22, 2008 Interesting.I;ll do some research and see what I can find.Why do you think that could be the problem? Link to comment Share on other sites More sharing options...
moogly Posted December 22, 2008 Report Share Posted December 22, 2008 It's a fingerprint reader to protect your computer: http://www.bioscrypt.com/ Link to comment Share on other sites More sharing options...
cve_designs Posted December 22, 2008 Author Report Share Posted December 22, 2008 Aww that came with the Laptop Direct from HP looking at it.not sure if that would cause it but I will get rid or replace the file and test it. Link to comment Share on other sites More sharing options...
retah Posted December 24, 2008 Report Share Posted December 24, 2008 k...:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exeO2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dllO4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeO4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /trayO4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenO4 - HKCU\..\Run: [Google Update] "C:\Users\chris\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /HO13 - Gopher Prefix:O20 - AppInit_DLLs: APSHook.dll,avgrsstx.dllO23 - Service: McAfee Application Installer Cleanup (0182961227619320) (0182961227619320mcinstcleanup) - Unknown owner - C:\Users\chris\AppData\Local\Temp\018296~1.EXE (file missing)O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exeO23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXEO23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exeO23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exeO23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exethose up there are the things u gotta fix ,they have to be the problem n a couple of then are in "red exclamations" on the analyze part might be the problems might also be spyware!after u fix 'em run an antivirus scan (recomend u use avg or avast!) they are prity good.Hope this helps u. Link to comment Share on other sites More sharing options...
cve_designs Posted December 24, 2008 Author Report Share Posted December 24, 2008 Just to let you all know I fixed this.I managed to track down the issue to the HP Wireless Lan Driver.Ive updated this and everything is fixed.It would make high internet peak usage take all the system resources.Thanks for all your suggestions and help Link to comment Share on other sites More sharing options...
thelittlefire Posted December 24, 2008 Report Share Posted December 24, 2008 So you only use the windows built in wireless driver? Unfortunately there's not much "cooperation" or acquiescence among 3rd party drivers. HP was yours.. others have trouble with the d-link WLAN app. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.