Jump to content

Problems with uTorrent...


Tiptup300

Recommended Posts

Posted

Okay, this has been happening quite often now. After running utorrent (maybe only when it starts when I reboot?) and closing it, it keeps running in the background, I'm not sure if it's seeding or downloading, but it's a process in my task manager, and the weird thing is that I can't kill the process manually. Also if I try to run utorrent by just clicking the .exe, it will tell me "uTorrent is already running or is not responding." So it doesn't run again. What I can also do though is open a .torrent file via firefox and it will open another uTorrent. If I look in the task manager it shows that there are two uTorrent processes running. I've also found that the phantom uTorrent process also has control over the files that it was seeding/downloading so I can't rename/edit them.

Posted

I have the exact same problem.

And its anoying as hell.

Have to reboot the pc everytime this happens.

Here are the logs you wanted.

I did not find the dump that is mentioned.

But let me know if you need it and ill have a new look.

Hijackthis:

http://www.zshare.net/download/745958812df30cf1/

Procexp:

http://www.zshare.net/download/74595953b6294381/

Hope you can solve this problem.

Its after i upgraded to version 2 i think thi started

Laffe

Posted

I can paste them in for sure. But the post mentioned above mentioned to use those to upload. Sorry if i missunderstood.

Here are the logs starting with the hijack one.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

Scan saved at 15:57:35, on 04.04.2010

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Voddler\service\VNetManager.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Windows\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\Users\laffe\AppData\Local\Temp\Rar$EX03.424\procexp.exe

C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: %windir%\system32\drivers\etc\hosts

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [VoddlerNet Manager] C:\Program Files\Voddler\service\VNetManager.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=nb-NO

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETTVERKSTJENESTE')

O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Fyll Skjema - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: Lagre Skjema - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: RoboForm Verktøylinje - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: Tilpass Meny - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O9 - Extra button: Fyll ut skjemaer - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Fyll Skjema - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Lagre - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Lagre Skjema - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: RoboForm Verktøylinje - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O13 - Gopher Prefix:

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Mamut Synchronization Service (MamutSyncService) - Mamut ASA - C:\Program Files\Mamut\Synchronization\Mamut.SynchronizationService.SynchronizationWindowsService.exe

O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

O23 - Service: VoddlerNet - Voddler - C:\Program Files\Voddler\service\voddler.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 8773 bytes

Procexp log:

Process PID CPU Private Bytes Working Set Description Company Name

System Idle Process 0 16.11 0 K 12 K

Interrupts n/a 0.77 0 K 0 K Hardware Interrupts

DPCs n/a 4.60 0 K 0 K Deferred Procedure Calls

System 4 4.60 56 K 6 672 K

smss.exe 456 252 K 600 K Windows Session Manager Microsoft Corporation

csrss.exe 568 1 312 K 1 984 K Kjøretidsprosess for klientserver Microsoft Corporation

wininit.exe 700 832 K 1 428 K Oppstartsprogram for Windows Microsoft Corporation

services.exe 748 4 352 K 4 696 K Program for tjenester og kontroller Microsoft Corporation

svchost.exe 940 3 212 K 4 208 K Vertsprosess for Windows-tjenester Microsoft Corporation

wlcomm.exe 3124 0.77 23 360 K 16 256 K Windows Live Communications Platform Microsoft Corporation

WmiPrvSE.exe 3640 4 904 K 4 188 K WMI Provider Host Microsoft Corporation

explorer.exe 5808 21 100 K 12 240 K Windows Utforsker Microsoft Corporation

svchost.exe 1012 3 624 K 4 088 K Vertsprosess for Windows-tjenester Microsoft Corporation

MsMpEng.exe 1060 9.97 150 592 K 63 088 K AntiMalware Service Executable Microsoft Corporation

svchost.exe 1172 3.07 16 368 K 9 696 K Vertsprosess for Windows-tjenester Microsoft Corporation

audiodg.exe 4376 0.77 792 K 3 112 K Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1272 56 448 K 51 584 K Vertsprosess for Windows-tjenester Microsoft Corporation

WUDFHost.exe 2648 1 548 K 1 636 K Windows Driver Foundation - Vertsprosess for drivere i brukermodus Microsoft Corporation

dwm.exe 3028 3.84 66 828 K 92 344 K Desktop Window Manager Microsoft Corporation

svchost.exe 1320 1.53 27 704 K 21 020 K Vertsprosess for Windows-tjenester Microsoft Corporation

svchost.exe 1512 9 288 K 10 944 K Vertsprosess for Windows-tjenester Microsoft Corporation

svchost.exe 1604 24 824 K 19 224 K Vertsprosess for Windows-tjenester Microsoft Corporation

svchost.exe 1740 237 056 K 43 720 K Vertsprosess for Windows-tjenester Microsoft Corporation

schedul2.exe 1840 876 K 1 372 K Acronis Scheduler 2 Acronis

svchost.exe 1884 6 208 K 7 568 K Vertsprosess for Windows-tjenester Microsoft Corporation

Mamut.SynchronizationService.SynchronizationWindowsService.exe 1908 14 552 K 6 676 K SynchronizationWindowsService Mamut ASA

sqlservr.exe 1960 42 908 K 14 504 K SQL Server Windows NT Microsoft Corporation

sqlbrowser.exe 496 936 K 1 356 K SQL Browser Service EXE Microsoft Corporation

sqlwriter.exe 564 1 360 K 2 676 K SQL Server VSS Writer Microsoft Corporation

svchost.exe 956 2 752 K 2 496 K Vertsprosess for Windows-tjenester Microsoft Corporation

TrueImageTryStartService.exe 1376 2 368 K 1 932 K

voddler.exe 2060 7.67 4 776 K 4 492 K VoddlerNet Service Voddler

YahooAUService.exe 2096 3 816 K 3 792 K AutoUpater Service Module Yahoo! Inc.

svchost.exe 2696 1 688 K 2 220 K Vertsprosess for Windows-tjenester Microsoft Corporation

taskhost.exe 2976 7 604 K 5 132 K Vertsprosess for Windows-oppgaver Microsoft Corporation

SearchIndexer.exe 3816 46 712 K 21 592 K Microsoft Windows Search-indeksering Microsoft Corporation

wmpnetwk.exe 4092 6 240 K 5 672 K Windows Media Player Network Sharing Service Microsoft Corporation

svchost.exe 3664 1 468 K 2 488 K Vertsprosess for Windows-tjenester Microsoft Corporation

spoolsv.exe 3620 5 888 K 4 528 K Delsystem for utskriftskø Microsoft Corporation

msiexec.exe 5984 6 860 K 14 320 K Windows® installer Microsoft Corporation

VSSVC.exe 1100 4 168 K 8 404 K Tjenesten Microsoft® Volume Shadow Copy Microsoft Corporation

svchost.exe 5340 1 140 K 3 896 K Vertsprosess for Windows-tjenester Microsoft Corporation

lsass.exe 764 4 048 K 5 280 K Local Security Authority Process Microsoft Corporation

lsm.exe 772 1 400 K 1 836 K Local Session Manager Service Microsoft Corporation

csrss.exe 712 15 708 K 6 180 K Kjøretidsprosess for klientserver Microsoft Corporation

winlogon.exe 872 1 660 K 1 764 K Påloggingsprogram for Windows Microsoft Corporation

explorer.exe 3064 10.74 46 560 K 51 348 K Windows Utforsker Microsoft Corporation

msseces.exe 3192 3 704 K 7 272 K Microsoft Security Essentials User Interface Microsoft Corporation

TrueImageMonitor.exe 3200 4 212 K 1 084 K Acronis True Image Monitor Acronis

TimounterMonitor.exe 3208 6 512 K 1 772 K Monitor for Acronis True Image Backup Archive Explorer Acronis

schedhlp.exe 3216 744 K 1 440 K Acronis Scheduler Helper Acronis

hpwuschd2.exe 3372 1 584 K 2 784 K hpwuSchd Application Hewlett-Packard

VNetManager.exe 3400 2 868 K 3 120 K VoddlerNet Manager Application

msnmsgr.exe 3424 4.60 98 616 K 67 908 K Windows Live Messenger Microsoft Corporation

robotaskbaricon.exe 3452 0.77 2 956 K 5 216 K RoboForm TaskBar Icon Siber Systems

aim.exe 3516 23 436 K 7 276 K AOL Instant Messenger AOL Inc.

YahooMessenger.exe 3532 75 188 K 27 888 K Yahoo! Messenger Yahoo! Inc.

OUTLOOK.EXE 2524 82 012 K 67 044 K Microsoft Office Outlook Microsoft Corporation

DTLite.exe 2756 11 184 K 8 548 K DAEMON Tools Lite DT Soft Ltd

firefox.exe 5724 15.34 366 688 K 266 700 K Firefox Mozilla Corporation

uTorrent.exe 3676 22 692 K 21 364 K µTorrent BitTorrent, Inc.

WinRAR.exe 5516 8 196 K 18 720 K WinRAR archiver Alexander Roshal

procexp.exe 2228 14.57 19 904 K 36 560 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

MpCmdRun.exe 2468 3 372 K 6 736 K Microsoft Malware Protection Command Line Utility Microsoft Corporation

Posted

This whats needed?

Process PID CPU Private Bytes Working Set Description Company Name

System Idle Process 0 86.21 0 K 12 K

Interrupts n/a 0 K 0 K Hardware Interrupts

DPCs n/a 0 K 0 K Deferred Procedure Calls

System 4 0.73 56 K 6 700 K

smss.exe 456 252 K 600 K Windows Session Manager Microsoft Corporation

csrss.exe 568 1 312 K 1 624 K Kjøretidsprosess for klientserver Microsoft Corporation

wininit.exe 700 832 K 1 428 K Oppstartsprogram for Windows Microsoft Corporation

services.exe 748 4 296 K 4 660 K Program for tjenester og kontroller Microsoft Corporation

svchost.exe 940 3 144 K 4 068 K Vertsprosess for Windows-tjenester Microsoft Corporation

wlcomm.exe 3124 23 456 K 16 236 K Windows Live Communications Platform Microsoft Corporation

WmiPrvSE.exe 3640 4 752 K 4 024 K WMI Provider Host Microsoft Corporation

explorer.exe 5808 21 168 K 10 940 K Windows Utforsker Microsoft Corporation

svchost.exe 1012 3 640 K 4 092 K Vertsprosess for Windows-tjenester Microsoft Corporation

MsMpEng.exe 1060 150 452 K 65 588 K AntiMalware Service Executable Microsoft Corporation

svchost.exe 1172 16 116 K 9 720 K Vertsprosess for Windows-tjenester Microsoft Corporation

audiodg.exe 2104 15 128 K 13 840 K Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1272 64 272 K 58 280 K Vertsprosess for Windows-tjenester Microsoft Corporation

WUDFHost.exe 2648 1 548 K 1 628 K Windows Driver Foundation - Vertsprosess for drivere i brukermodus Microsoft Corporation

dwm.exe 3028 66 884 K 98 496 K Desktop Window Manager Microsoft Corporation

svchost.exe 1320 28 148 K 21 156 K Vertsprosess for Windows-tjenester Microsoft Corporation

svchost.exe 1512 9 472 K 11 112 K Vertsprosess for Windows-tjenester Microsoft Corporation

svchost.exe 1604 24 996 K 14 624 K Vertsprosess for Windows-tjenester Microsoft Corporation

svchost.exe 1740 237 044 K 46 612 K Vertsprosess for Windows-tjenester Microsoft Corporation

schedul2.exe 1840 876 K 1 372 K Acronis Scheduler 2 Acronis

svchost.exe 1884 6 268 K 7 904 K Vertsprosess for Windows-tjenester Microsoft Corporation

Mamut.SynchronizationService.SynchronizationWindowsService.exe 1908 14 556 K 6 332 K SynchronizationWindowsService Mamut ASA

sqlservr.exe 1960 42 700 K 15 192 K SQL Server Windows NT Microsoft Corporation

sqlbrowser.exe 496 936 K 1 356 K SQL Browser Service EXE Microsoft Corporation

sqlwriter.exe 564 1 304 K 2 608 K SQL Server VSS Writer Microsoft Corporation

svchost.exe 956 2 752 K 2 280 K Vertsprosess for Windows-tjenester Microsoft Corporation

TrueImageTryStartService.exe 1376 2 368 K 1 932 K

voddler.exe 2060 0.73 4 784 K 4 168 K VoddlerNet Service Voddler

YahooAUService.exe 2096 3 816 K 3 792 K AutoUpater Service Module Yahoo! Inc.

svchost.exe 2696 1 688 K 1 832 K Vertsprosess for Windows-tjenester Microsoft Corporation

taskhost.exe 2976 7 632 K 5 584 K Vertsprosess for Windows-oppgaver Microsoft Corporation

SearchIndexer.exe 3816 47 436 K 20 788 K Microsoft Windows Search-indeksering Microsoft Corporation

wmpnetwk.exe 4092 6 264 K 5 736 K Windows Media Player Network Sharing Service Microsoft Corporation

svchost.exe 3664 1 496 K 2 500 K Vertsprosess for Windows-tjenester Microsoft Corporation

spoolsv.exe 3620 5 888 K 4 508 K Delsystem for utskriftskø Microsoft Corporation

lsass.exe 764 4 080 K 5 160 K Local Security Authority Process Microsoft Corporation

lsm.exe 772 1 400 K 1 784 K Local Session Manager Service Microsoft Corporation

csrss.exe 712 15 752 K 6 728 K Kjøretidsprosess for klientserver Microsoft Corporation

winlogon.exe 872 1 660 K 1 764 K Påloggingsprogram for Windows Microsoft Corporation

explorer.exe 3064 44 888 K 58 172 K Windows Utforsker Microsoft Corporation

msseces.exe 3192 3 704 K 6 568 K Microsoft Security Essentials User Interface Microsoft Corporation

TrueImageMonitor.exe 3200 4 212 K 1 084 K Acronis True Image Monitor Acronis

TimounterMonitor.exe 3208 6 512 K 1 772 K Monitor for Acronis True Image Backup Archive Explorer Acronis

schedhlp.exe 3216 744 K 1 436 K Acronis Scheduler Helper Acronis

hpwuschd2.exe 3372 1 584 K 2 788 K hpwuSchd Application Hewlett-Packard

VNetManager.exe 3400 2 868 K 3 124 K VoddlerNet Manager Application

msnmsgr.exe 3424 127 580 K 82 116 K Windows Live Messenger Microsoft Corporation

robotaskbaricon.exe 3452 3 036 K 5 344 K RoboForm TaskBar Icon Siber Systems

aim.exe 3516 23 452 K 7 032 K AOL Instant Messenger AOL Inc.

YahooMessenger.exe 3532 75 200 K 26 380 K Yahoo! Messenger Yahoo! Inc.

OUTLOOK.EXE 2524 82 360 K 68 192 K Microsoft Office Outlook Microsoft Corporation

DTLite.exe 2756 11 184 K 8 600 K DAEMON Tools Lite DT Soft Ltd

firefox.exe 5724 4.38 390 640 K 333 668 K Firefox Mozilla Corporation

uTorrent.exe 3676 22 692 K 20 348 K µTorrent BitTorrent, Inc.

WinRAR.exe 2212 8 356 K 18 448 K WinRAR archiver Alexander Roshal

procexp.exe 5196 8.77 20 360 K 41 556 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 3676

Name Description Company Name Version

{67D69890-D853-4011-A87E-AA64FA83CE5A}.2.ver0x0000000000000001.db

{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000003.db

{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000008.db

{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db

actxprxy.dll ActiveX Interface Marshaling Library Microsoft Corporation 6.1.7600.16385

ADFSMenu.dll Adobe Drive Menu Adobe Systems Incorporated 4.0.0.344

AdobeDriveCS4_NP.dll Adobe Drive Network Provider Adobe Systems Incorporated 4.0.0.344

ADVAPI32.dll Avansert Windows 32 Base-API Microsoft Corporation 6.1.7600.16385

apphelp.dll Klientbibliotek for programkompatibilitet Microsoft Corporation 6.1.7600.16481

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.0

AUTHZ.dll Authorization Framework Microsoft Corporation 6.1.7600.16385

AVRT.dll Multimedia Realtime Runtime Microsoft Corporation 6.1.7600.16385

browcli.dll Browser Service Client DLL Microsoft Corporation 6.1.7600.16385

CFGMGR32.dll Configuration Manager DLL Microsoft Corporation 6.1.7600.16385

CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.8530.16385

COMCTL32.dll Bibliotek for brukerkontroller Microsoft Corporation 6.10.7600.16385

comdlg32.dll DLL for felles dialogbokser Microsoft Corporation 6.1.7600.16385

comdlg32.dll.mui DLL for felles dialogbokser Microsoft Corporation 6.1.7600.16385

credssp.dll Credential Delegation Security Package Microsoft Corporation 6.1.7600.16385

CRYPT32.dll Crypto API32 Microsoft Corporation 6.1.7600.16385

CRYPTBASE.dll Base cryptographic API DLL Microsoft Corporation 6.1.7600.16385

CRYPTSP.dll Cryptographic Service Provider API Microsoft Corporation 6.1.7600.16385

CSCAPI.dll Offline Files Win32 API Microsoft Corporation 6.1.7600.16385

CSCDLL.dll Offline Files Temporary Shim Microsoft Corporation 6.1.7600.16385

cscui.dll Grensesnitt for Hurtigbufring på klientsiden Microsoft Corporation 6.1.7600.16385

cversions.2.db

cversions.2.db

cversions.2.db

cversions.2.db

d3d8thk.dll Microsoft Direct3D OS Thunk Layer Microsoft Corporation 6.1.7600.16385

d3d9.dll Direct3D 9 Runtime Microsoft Corporation 6.1.7600.16385

davclnt.dll Web DAV Client DLL Microsoft Corporation 6.1.7600.16385

DAVHLPR.dll DAV Helper DLL Microsoft Corporation 6.1.7600.16385

DEVOBJ.dll Device Information Set DLL Microsoft Corporation 6.1.7600.16385

dfscli.dll Windows NT Distributed File System Client DLL Microsoft Corporation 6.1.7600.16385

dhcpcsvc.DLL Tjenesten DHCP-klient Microsoft Corporation 6.1.7600.16385

dhcpcsvc6.DLL DHCPv6-klient Microsoft Corporation 6.1.7600.16385

DnsApi.dll DNS-klient API DLL Microsoft Corporation 6.1.7600.16385

drprov.dll Nettverksleverandør for Microsoft vertsserver for ekstern skrivebordsøkt Microsoft Corporation 6.1.7600.16385

DUI70.dll Windows DirectUI-motor Microsoft Corporation 6.1.7600.16385

DUser.dll Windows DirectUser Engine Microsoft Corporation 6.1.7600.16385

dwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation 6.1.7600.16385

EhStorShell.dll Skallutvidelses-DLL for Windows Forbedret lagring Microsoft Corporation 6.1.7600.16385

explorerframe.dll ExplorerFrame Microsoft Corporation 6.1.7600.16385

explorerframe.dll.mui ExplorerFrame Microsoft Corporation 6.1.7600.16385

FirewallAPI.dll Windows-brannmur-API Microsoft Corporation 6.1.7600.16385

FirewallAPI.dll.mui Windows-brannmur-API Microsoft Corporation 6.1.7600.16385

fwpuclnt.dll FWP/IPsec brukermodus-API Microsoft Corporation 6.1.7600.16385

GDI32.dll GDI Client DLL Microsoft Corporation 6.1.7600.16385

gdiplus.dll Microsoft GDI+ Microsoft Corporation 6.1.7600.16385

GPAPI.dll Gruppepolicyklient-API Microsoft Corporation 6.1.7600.16385

hnetcfg.dll Konfigurasjonsbehandling for hjemmenettverk Microsoft Corporation 6.1.7600.16385

hnetcfg.dll.mui Konfigurasjonsbehandling for hjemmenettverk Microsoft Corporation 6.1.7600.16385

IconCodecService.dll Converts a PNG part of the icon to a legacy bmp icon Microsoft Corporation 6.1.7600.16385

ieframe.DLL Internett-leser Microsoft Corporation 8.0.7600.16535

ieproxy.dll IE ActiveX Interface Marshaling Library Microsoft Corporation 8.0.7600.16535

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.0.7600.16385

imageres.dll Windows Image Resource Microsoft Corporation 6.1.7600.16385

imageres.dll.mui Windows Image Resource Microsoft Corporation 6.1.7600.16385

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.1.7600.16385

index.dat

index.dat

index.dat

Iphlpapi.dll IP Helper API Microsoft Corporation 6.1.7600.16385

kernel32.dll DLL-fil for Windows NT BASE API-klient Microsoft Corporation 6.1.7600.16481

KERNELBASE.dll DLL-fil for Windows NT BASE API-klient Microsoft Corporation 6.1.7600.16385

KernelBase.dll.mui DLL-fil for Windows NT BASE API-klient Microsoft Corporation 6.1.7600.16385

ksuser.dll User CSA Library Microsoft Corporation 6.1.7600.16385

LINKINFO.dll Windows Volume Tracking Microsoft Corporation 6.1.7600.16385

locale.nls

LPK.dll Language Pack Microsoft Corporation 6.1.7600.16385

mf.dll DLL for mediefundament Microsoft Corporation 12.0.7600.16385

MFPlat.DLL Media Foundation Platform DLL Microsoft Corporation 12.0.7600.16385

MPR.dll DLL for Multiple Provider Router Microsoft Corporation 6.1.7600.16385

mpr.dll.mui DLL for Multiple Provider Router Microsoft Corporation 6.1.7600.16385

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.1.7600.16415

MSCTF.dll MSCTF-server-DLL Microsoft Corporation 6.1.7600.16385

msctf.dll.mui MSCTF-server-DLL Microsoft Corporation 6.1.7600.16385

msi.dll Windows Installer Microsoft Corporation 5.0.7600.16385

msls31.dll Microsoft Line Services library file Microsoft Corporation 3.10.349.0

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.7600.16385

mswsock.dll Microsoft Windows Sockets 2.0-tjenesteprogram Microsoft Corporation 6.1.7600.16385

msxml3.dll MSXML 3.0 SP11 Microsoft Corporation 8.110.7600.16385

msxml3r.dll XML Resources Microsoft Corporation 8.110.7600.16385

netshell.dll Skall for nettverkstilkoblinger Microsoft Corporation 6.1.7600.16385

netutils.dll Net Win32 API Helpers DLL Microsoft Corporation 6.1.7600.16385

NetworkExplorer.dll Nettverksutforsker Microsoft Corporation 6.1.7600.16385

nlaapi.dll Network Location Awareness 2 Microsoft Corporation 6.1.7600.16385

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.1.7600.16385

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.1.7600.16385

ntdll.dll NT nivå-dll Microsoft Corporation 6.1.7600.16385

ntlanman.dll Microsoft® Lan Manager Microsoft Corporation 6.1.7600.16385

ntmarta.dll Windows NT MARTA-leverandør Microsoft Corporation 6.1.7600.16385

ntshrui.dll Skallutvidelse for deling Microsoft Corporation 6.1.7600.16385

ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.1.7600.16385

OLEACC.dll Active Accessibility Core Component Microsoft Corporation 7.0.0.0

oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 7.0.0.0

oleaccrc.dll.mui Active Accessibility Resource DLL Microsoft Corporation 7.0.0.0

oleaut32.dll Microsoft Corporation 6.1.7600.16385

peerdist.dll Klientbibliotek for BranchCache Microsoft Corporation 6.1.7600.16385

PhotoBase.dll Photo Base Library Microsoft Corporation 6.1.7600.16385

PhotoViewer.dll Windows Fotovisning Microsoft Corporation 6.1.7600.16385

profapi.dll User Profile Basic API Microsoft Corporation 6.1.7600.16385

PROPSYS.dll Microsoft Property System Microsoft Corporation 7.0.7600.16385

propsys.dll.mui Microsoft Property System Microsoft Corporation 7.0.7600.16385

PSAPI.DLL Process Status Helper Microsoft Corporation 6.1.7600.16385

rarext.dll WinRAR shell extension Alexander Roshal 3.92.0.0

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.1.7600.16385

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.1.7600.16385

RpcRtRemote.dll Remote RPC Extension Microsoft Corporation 6.1.7600.16385

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.1.7600.16385

sbdrop.dll Sidepanel-droptarget Microsoft Corporation 6.1.7600.16385

sechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation 6.1.7600.16385

Secur32.dll Security Support Provider Interface Microsoft Corporation 6.1.7600.16385

SETUPAPI.dll Installasjons-API for Windows Microsoft Corporation 6.1.7600.16385

setupapi.dll.mui Installasjons-API for Windows Microsoft Corporation 6.1.7600.16385

SHDOCVW.dll Bibliotek for grensesnittsobjekter og -kontroller Microsoft Corporation 6.1.7600.16385

SHELL32.dll Felles DLL-fil for Windows-skall Microsoft Corporation 6.1.7600.16385

shell32.dll.mui Felles DLL-fil for Windows-skall Microsoft Corporation 6.1.7600.16385

shellext.dll Microsoft Security Essentials Shell Extension Microsoft Corporation 1.0.1961.0

shellext.dll.mui Microsoft Security Essentials Shell Extension Microsoft Corporation 1.0.1961.0

shfolder.dll Shell Folder Service Microsoft Corporation 6.1.7600.16385

SHLWAPI.dll Lavnivåbibliotek for grensesnitt Microsoft Corporation 6.1.7600.16385

slc.dll Klient-DLL for programvarelisensiering Microsoft Corporation 6.1.7600.16385

SortDefault.nls

srvcli.dll Server Service Client DLL Microsoft Corporation 6.1.7600.16385

SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.1.7600.16385

SspiCli.dll Security Support Provider Interface Microsoft Corporation 6.1.7600.16385

StaticCache.dat

StructuredQuery.dll Structured Query Microsoft Corporation 7.0.7600.16385

SXS.DLL Fusion 2.5 Microsoft Corporation 6.1.7600.16385

SYNCENG.dll Windows Briefcase Engine Microsoft Corporation 6.1.7600.16385

syncui.dll Windows Koffert Microsoft Corporation 6.1.7600.16385

thumbcache.dll Microsoft Hurtigbuffer for miniatyrbilder Microsoft Corporation 6.1.7600.16385

thumbcache_1024.db

thumbcache_256.db

thumbcache_32.db

thumbcache_96.db

thumbcache_96.db

thumbcache_idx.db

thumbcache_idx.db

thumbcache_sr.db

timounter.dll timounter Dynamic Link Library Acronis 4.0.0.469

tiptsf.dll Tekstrammeverk for Tablet PC Inndatapanel Microsoft Corporation 6.1.7600.16385

tishell.dll Acronis True Image Shell Extensions Acronis 11.0.0.8027

twext.dll Egenskapsside for tidligere versjoner Microsoft Corporation 6.1.7600.16385

twext.dll.mui Egenskapsside for tidligere versjoner Microsoft Corporation 6.1.7600.16385

upnp.dll API for UPnP-kontrollpunkt Microsoft Corporation 6.1.7600.16385

urlmon.dll OLE32-utvidelse for Win32 Microsoft Corporation 8.0.7600.16535

urlmon.dll.mui OLE32-utvidelse for Win32 Microsoft Corporation 8.0.7600.16385

USER32.dll Windows USER API klient-DLL for flere brukere Microsoft Corporation 6.1.7600.16385

user32.dll.mui Windows USER API klient-DLL for flere brukere Microsoft Corporation 6.1.7600.16385

USERENV.dll Userenv Microsoft Corporation 6.1.7600.16385

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.7600.16385

uTorrent.exe µTorrent BitTorrent, Inc. 2.0.0.18488

uxtheme.dll Microsoft UxTema-bibliotek Microsoft Corporation 6.1.7600.16385

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.1.7600.16385

webio.dll Weboverføringsprotokoller API Microsoft Corporation 6.1.7600.16385

WindowsCodecs.dll Microsoft Windows Codecs Library Microsoft Corporation 6.1.7600.16385

WINHTTP.dll Windows HTTP-tjenester Microsoft Corporation 6.1.7600.16385

WININET.dll Internett-tillegg for Win32 Microsoft Corporation 8.0.7600.16535

WINMM.dll MCI API DLL Microsoft Corporation 6.1.7600.16385

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.1.7600.16385

WINSTA.dll Winstation Library Microsoft Corporation 6.1.7600.16385

WINTRUST.dll Microsoft Trust Verification APIs Microsoft Corporation 6.1.7600.16385

wkscli.dll Workstation Service Client DLL Microsoft Corporation 6.1.7600.16385

WLDAP32.dll DLL-fil for Win32 LDAP-API Microsoft Corporation 6.1.7600.16385

wmpnssui.dll WMPNSS-skallutvidelser for Windows Media Player Microsoft Corporation 6.1.7600.16385

WS2_32.dll Windows Socket 2.0 32-biters DLL Microsoft Corporation 6.1.7600.16385

wship6.dll Winsock2-hjelpe-DLL (TL/IPv6) Microsoft Corporation 6.1.7600.16385

wshtcpip.dll Winsock2-hjelpe-DLL (TL/IPv4) Microsoft Corporation 6.1.7600.16385

WTSAPI32.dll Windows Remote Desktop Session Host Server SDK APIs Microsoft Corporation 6.1.7600.16385

xmllite.dll Microsoft XmlLite Library Microsoft Corporation 1.3.1000.0

Posted

Same to me.

Win7x64/utorrent 2.0 build 18907. After close utorrent it keeps running in the background. When i try to kill it from task manager i got "Access denied" message. Only reboot help.

When bt.graceful_shutdown is set to true utorrent process freeze every close of app, with false not so often (one-two times per day). utorrent 1.8.5 - works absolutely normal.

My logs:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

Scan saved at 18:24:44, on 05.04.2010

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Miranda\miranda32.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe

C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)

O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Semagic - C:\Program Files (x86)\Semagic\link.htm

O8 - Extra context menu item: Копировать в Semagic - C:\Program Files (x86)\Semagic\copy.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - Trusted Zone: http://software.kuaiche.com

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{94905FC1-D363-4347-9FDB-BD316E520BFC}: NameServer = 192.168.1.1

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 6746 bytes

Process PID CPU Private Bytes Working Set Description Company Name

System Idle Process 0 96.72 0 K 24 K

Interrupts n/a 0 K 0 K Hardware Interrupts

DPCs n/a 0 K 0 K Deferred Procedure Calls

System 4 108 K 304 K

smss.exe 288 420 K 988 K Диспетчер сеанса Windows Microsoft Corporation

csrss.exe 392 2 120 K 4 108 K Процесс исполнения клиент-сервер Microsoft Corporation

wininit.exe 452 1 456 K 4 032 K Автозагрузка приложений Windows Microsoft Corporation

services.exe 512 5 028 K 9 392 K Приложение служб и контроллеров Microsoft Corporation

svchost.exe 640 4 412 K 9 684 K Хост-процесс для служб Windows Microsoft Corporation

hpqbam08.exe 912 1 584 K 5 440 K HP CUE Alert Popup Window Objects Hewlett-Packard Co.

hpqgpc01.exe 2656 3 860 K 9 624 K GPCore COM object Hewlett-Packard

VBoxSVC.exe 3052 5 204 K 13 588 K VirtualBox Interface Sun Microsystems, Inc.

VirtualBox.exe 3104 0.77 45 004 K 52 296 K VirtualBox GUI Sun Microsystems, Inc.

nvvsvc.exe 740 1 576 K 4 428 K NVIDIA Driver Helper Service, Version 197.13 NVIDIA Corporation

nvvsvc.exe 372 3 116 K 8 012 K NVIDIA Driver Helper Service, Version 197.13 NVIDIA Corporation

svchost.exe 780 4 504 K 8 380 K Хост-процесс для служб Windows Microsoft Corporation

svchost.exe 844 17 724 K 19 884 K Хост-процесс для служб Windows Microsoft Corporation

audiodg.exe 4616 14 308 K 15 016 K Изоляция графов аудиоустройств Windows Microsoft Corporation

svchost.exe 920 147 196 K 136 936 K Хост-процесс для служб Windows Microsoft Corporation

WUDFHost.exe 1960 2 036 K 5 328 K Windows Driver Foundation (WDF) - хост-процесс инфраструктуры драйверов пользовательского режима Microsoft Corporation

dwm.exe 2208 27 008 K 27 856 K Диспетчер окон рабочего стола Microsoft Corporation

svchost.exe 968 24 392 K 39 592 K Хост-процесс для служб Windows Microsoft Corporation

CTAudSvc.exe 312 1 276 K 4 088 K Creative Audio Service Creative Technology Ltd

svchost.exe 480 9 640 K 16 484 K Хост-процесс для служб Windows Microsoft Corporation

svchost.exe 1136 11 412 K 14 144 K Хост-процесс для служб Windows Microsoft Corporation

spoolsv.exe 1240 6 644 K 10 964 K Диспетчер очереди печати Microsoft Corporation

svchost.exe 1280 8 020 K 7 172 K Хост-процесс для служб Windows Microsoft Corporation

AVerRemote.exe 1348 4 772 K 10 332 K AVerRemote MFC Application AVerMedia

ekrn.exe 1396 53 660 K 61 036 K ESET Service ESET

svchost.exe 1460 4 188 K 9 636 K Хост-процесс для служб Windows Microsoft Corporation

mdm.exe 1480 1 936 K 4 912 K Machine Debug Manager Microsoft Corporation

svchost.exe 1516 1 144 K 3 328 K Хост-процесс для служб Windows Microsoft Corporation

svchost.exe 1604 1 164 K 3 404 K Хост-процесс для служб Windows Microsoft Corporation

svchost.exe 1628 1 788 K 5 200 K Хост-процесс для служб Windows Microsoft Corporation

svchost.exe 1092 1 836 K 5 040 K Хост-процесс для служб Windows Microsoft Corporation

taskhost.exe 2124 8 400 K 9 992 K Хост-процесс для задач Windows Microsoft Corporation

svchost.exe 504 4 992 K 8 568 K Хост-процесс для служб Windows Microsoft Corporation

lsass.exe 520 4 284 K 10 612 K Local Security Authority Process Microsoft Corporation

lsm.exe 528 2 392 K 4 072 K Служба диспетчера локальных сеансов Microsoft Corporation

csrss.exe 476 0.77 2 340 K 6 252 K Процесс исполнения клиент-сервер Microsoft Corporation

winlogon.exe 692 3 220 K 7 200 K Программа входа в систему Windows Microsoft Corporation

explorer.exe 2224 59 376 K 82 904 K Проводник Microsoft Corporation

hpqtra08.exe 2404 4 940 K 12 600 K HP Digital Imaging Monitor Hewlett-Packard Co.

hpqste08.exe 2400 3 880 K 10 636 K HP CUE Status Root Hewlett-Packard Co.

firefox.exe 248 149 072 K 176 068 K Firefox Mozilla Corporation

miranda32.exe 3116 35 516 K 14 048 K Miranda IM

taskmgr.exe 3268 0.77 4 504 K 11 860 K Диспетчер задач Windows Microsoft Corporation

HiJackThis.exe 4736 8 396 K 17 888 K HijackThis Trend Micro Inc.

uTorrent.exe 4372 11 644 K 18 420 K µTorrent BitTorrent, Inc.

notepad.exe 4732 1 644 K 6 656 K Блокнот Microsoft Corporation

procexp.exe 4612 1 752 K 6 140 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

procexp64.exe 4480 1.55 18 732 K 36 048 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

rundll32.exe 2520 8 208 K 7 700 K Хост-процесс Windows (Rundll32) Microsoft Corporation

uTorrent.exe 4908 12 416 K 18 460 K µTorrent BitTorrent, Inc.

Process: uTorrent.exe Pid: 4372

Name Description Company Name Version

ADVAPI32.dll Расширенная библиотека API Windows 32 Microsoft Corporation 6.1.7600.16385

C_1252.NLS

COMCTL32.dll Библиотека элементов управления взаимодействия с пользователем Microsoft Corporation 6.10.7600.16385

comctl32.dll.mui Библиотека элементов управления взаимодействия с пользователем Microsoft Corporation 6.10.7600.16385

comdlg32.dll Библиотека общих диалоговых окон Microsoft Corporation 6.1.7600.16385

CRYPT32.dll API32 криптографии Microsoft Corporation 6.1.7600.16385

CRYPTBASE.dll Base cryptographic API DLL Microsoft Corporation 6.1.7600.16385

CRYPTSP.dll Cryptographic Service Provider API Microsoft Corporation 6.1.7600.16385

dhcpcsvc.DLL Служба DHCP-клиента Microsoft Corporation 6.1.7600.16385

dhcpcsvc6.DLL Клиент DHCPv6 Microsoft Corporation 6.1.7600.16385

DnsApi.dll Динамическая библиотека API DNS-клиента Microsoft Corporation 6.1.7600.16385

DUser.dll Windows DirectUser Engine Microsoft Corporation 6.1.7600.16385

duser.dll.mui Windows DirectUser Engine Microsoft Corporation 6.1.7600.16385

dwmapi.dll Интерфейс API диспетчера окон рабочего стола (Майкрософт) Microsoft Corporation 6.1.7600.16385

fwpuclnt.dll API пользовательского режима FWP/IPsec Microsoft Corporation 6.1.7600.16385

GDI32.dll GDI Client DLL Microsoft Corporation 6.1.7600.16385

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.0.7600.16385

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.1.7600.16385

index.dat

index.dat

index.dat

Iphlpapi.dll IP Helper API Microsoft Corporation 6.1.7600.16385

kernel32.dll Библиотека клиента Windows NT BASE API Microsoft Corporation 6.1.7600.16385

KERNELBASE.dll Библиотека клиента Windows NT BASE API Microsoft Corporation 6.1.7600.16385

KernelBase.dll.mui Библиотека клиента Windows NT BASE API Microsoft Corporation 6.1.7600.16385

locale.nls

LPK.dll Language Pack Microsoft Corporation 6.1.7600.16385

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.1.7600.16415

MSCTF.dll Серверная библиотека MSCTF Microsoft Corporation 6.1.7600.16385

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.7600.16385

mswsock.dll Расширение поставщика службы API Microsoft Windows Sockets 2.0 Microsoft Corporation 6.1.7600.16385

napinsp.dll Поставщик оболочки совместимости для имен электронной почты Microsoft Corporation 6.1.7600.16385

NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.1.7600.16385

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.1.7600.16385

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.1.7600.16385

ntdll.dll Системная библиотека NT Microsoft Corporation 6.1.7600.16385

ntdll.dll Системная библиотека NT Microsoft Corporation 6.1.7600.16385

ntmarta.dll Поставщик Windows NT MARTA Microsoft Corporation 6.1.7600.16385

ole32.dll Microsoft OLE для Windows Microsoft Corporation 6.1.7600.16385

oleaut32.dll Microsoft Corporation 6.1.7600.16385

pnrpnsp.dll Поставщик пространства имен PNRP Microsoft Corporation 6.1.7600.16385

profapi.dll User Profile Basic API Microsoft Corporation 6.1.7600.16385

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.1.7600.16385

RASAPI32.dll Remote Access API Microsoft Corporation 6.1.7600.16385

rasman.dll Remote Access Connection Manager Microsoft Corporation 6.1.7600.16385

RPCRT4.dll Библиотека удаленного вызова процедур Microsoft Corporation 6.1.7600.16385

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.1.7600.16385

rtutils.dll Routing Utilities Microsoft Corporation 6.1.7600.16385

sechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation 6.1.7600.16385

sensapi.dll SENS Connectivity API DLL Microsoft Corporation 6.1.7600.16385

SHELL32.dll Общая библиотека оболочки Windows Microsoft Corporation 6.1.7600.16385

shfolder.dll Shell Folder Service Microsoft Corporation 6.1.7600.16385

SHLWAPI.dll Библиотека небольших программ оболочки Microsoft Corporation 6.1.7600.16385

SortDefault.nls

SspiCli.dll Security Support Provider Interface Microsoft Corporation 6.1.7600.16385

StaticCache.dat

urlmon.dll Расширения OLE32 для Win32 Microsoft Corporation 8.0.7600.16535

USER32.dll Многопользовательская библиотека клиента USER API Windows Microsoft Corporation 6.1.7600.16385

USERENV.dll Userenv Microsoft Corporation 6.1.7600.16385

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.7600.16385

uTorrent.exe µTorrent BitTorrent, Inc. 2.0.0.18907

uxtheme.dll Библиотека тем UxTheme (Microsoft) Microsoft Corporation 6.1.7600.16385

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.1.7600.16385

wininet.dll Расширения Интернета для Win32 Microsoft Corporation 8.0.7600.16535

winmm.dll MCI API DLL Microsoft Corporation 6.1.7600.16385

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.1.7600.16385

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.1.7600.16385

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.1.7600.16385

wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.1.7600.16491

wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.1.7600.16385

wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.1.7600.16385

WS2_32.dll 32-разрядная библиотека Windows Socket 2.0 Microsoft Corporation 6.1.7600.16385

wship6.dll Библиотека DLL помощника Winsock2 (TL/IPv6) Microsoft Corporation 6.1.7600.16385

wshtcpip.dll Библиотека DLL помощника службы Winsock2 (TL/IPv4) Microsoft Corporation 6.1.7600.16385

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...