Lambo Posted January 17, 2011 Report Posted January 17, 2011 Hi,I've searched through the forums, and haven't found any posts relating to my specific issue. After running for a few hours (usually overnight) the utorrent client freezes up and doesn't respond.I have eSet Smart Security (nod32) installed, but I've added firewall exceptions for utorrent.exe as well as scanning exceptions for *.!ut files. Below are my log files:Thanks for the helpLogfile of Trend Micro HijackThis v2.0.4Scan saved at 11:28:30 AM, on 1/17/2011Platform: Windows 7 (WinNT 6.00.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16700)Boot mode: NormalRunning processes:C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Program Files (x86)\SugarSync\SugarSyncManager.exeE:\Program Files (x86)\Steam\Steam.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exeC:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exeE:\Program Files (x86)\Bloomberg\API\Office Tools\Bloomberg.UIServer.exeE:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exeC:\Program Files (x86)\Google\Google Talk\googletalk.exeC:\Users\Lambo\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeE:\Program Files (x86)\MagicDisc\MagicDisc.exeC:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exeC:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exeC:\Program Files (x86)\TV IR\TV IR.exeC:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exeC:\Program Files (x86)\CyberLink\Shared files\brs.exeC:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEE:\Program Files (x86)\PowerISO\PWRISOVM.EXEE:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exee:\program files (x86)\bloomberg\API\office tools\bxlartd.exeC:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeE:\Program Files (x86)\Bazaar\tbzrcache.exeE:\Program Files (x86)\uTorrent\uTorrent.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lambo\AppData\Local\Google\Chrome\Application\chrome.exeD:\Downloads\ProcessExplorer\procexp.exeD:\Downloads\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dllO2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostartO4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesO4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [blackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /backgroundO4 - HKLM\..\Run: [NBAgent] "E:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStartO4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exeO4 - HKLM\..\Run: [TV IR] C:\Program Files (x86)\TV IR\TV IR.exeO4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exeO4 - HKLM\..\Run: [Nero MediaHome 4] "E:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUNO4 - HKLM\..\Run: [PWRISOVM.EXE] E:\Program Files (x86)\PowerISO\PWRISOVM.EXEO4 - HKLM\..\Run: [vmware-tray] "E:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKCU\..\Run: [Google Update] "C:\Users\Lambo\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [sugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=trueO4 - HKCU\..\Run: [synergy Server] "E:\Program Files (x86)\Synergy+\bin\synergys.exe" --no-daemon --debug WARNING --name Lambo-Desktop --address :24800O4 - HKCU\..\Run: [steam] "E:\Program Files (x86)\Steam\steam.exe" -silentO4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - HKCU\..\Run: [PeerBlock] E:\Program Files\PeerBlock\peerblock.exeO4 - HKCU\..\Run: [Grid] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"O4 - HKCU\..\Run: [HydraVisionMDEngine] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe"O4 - HKCU\..\Run: [CLRHost] E:\Program Files (x86)\Bloomberg\API\Office Tools\bbxlcmd.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-21-1254262616-2336346487-1361124588-1008\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NeroMediaHomeUser.4')O4 - HKUS\S-1-5-21-1254262616-2336346487-1361124588-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NeroMediaHomeUser.4')O4 - Startup: Dropbox.lnk = C:\Users\Lambo\AppData\Roaming\Dropbox\bin\Dropbox.exeO4 - Startup: MagicDisc.lnk = E:\Program Files (x86)\MagicDisc\MagicDisc.exeO4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEO4 - Global Startup: calibre - E-book management.lnk = E:\Program Files (x86)\Calibre2\calibre.exeO4 - Global Startup: TMMonitor.lnk = E:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exeO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: e:\program files (x86)\vmware\vmware workstation\vsocklib.dllO10 - Unknown file in Winsock LSP: e:\program files (x86)\vmware\vmware workstation\vsocklib.dllO16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cabO16 - DPF: {89A32C64-6176-4D10-BCA3-10B0079818FA} (SCDeviceMonitor Class) - https://aseticaserver1.asetica.com:3443/webconsole/RIMWebComponents.cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO20 - AppInit_DLLs: acaptuser32.dllO23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeO23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exeO23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exeO23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exeO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exeO23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - E:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: TVersityMediaServer - Unknown owner - E:\Program Files (x86)\TVersity\Media Server\MediaServer.exeO23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - E:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exeO23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exeO23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exeO23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exeO23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - E:\Program Files\RealVNC\VNC4\WinVNC4.exeO23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 18543 bytesProcess PID CPU Private Bytes Working Set Description Company NameSystem Idle Process 0 79.26 0 K 24 K Interrupts n/a 1.80 0 K 0 K Hardware Interrupts DPCs n/a 0.90 0 K 0 K Deferred Procedure Calls System 4 108 K 304 K smss.exe 348 556 K 1,180 K Windows Session Manager Microsoft Corporationcsrss.exe 472 3,196 K 4,788 K Client Server Runtime Process Microsoft Corporation conhost.exe 5356 1,144 K 2,708 K Console Window Host Microsoft Corporationwininit.exe 540 1,664 K 4,164 K Windows Start-Up Application Microsoft Corporation services.exe 608 0.30 7,984 K 12,516 K Services and Controller app Microsoft Corporation svchost.exe 804 5,560 K 9,512 K Host Process for Windows Services Microsoft Corporation dllhost.exe 7912 2,848 K 7,528 K COM Surrogate Microsoft Corporation wlcomm.exe 7872 11,120 K 19,276 K Windows Live Communications Platform Microsoft Corporation WmiPrvSE.exe 3548 2,816 K 6,300 K WMI Provider Host Microsoft Corporation svchost.exe 904 6,084 K 9,544 K Host Process for Windows Services Microsoft Corporation atiesrxx.exe 968 1,716 K 3,972 K AMD External Events Service Module AMD atieclxx.exe 1292 2,704 K 6,284 K AMD External Events Client Module AMD svchost.exe 128 20,600 K 22,404 K Host Process for Windows Services Microsoft Corporation audiodg.exe 5664 15,904 K 15,684 K Windows Audio Device Graph Isolation Microsoft Corporation svchost.exe 400 167,768 K 171,404 K Host Process for Windows Services Microsoft Corporation dwm.exe 1876 82,436 K 9,892 K Desktop Window Manager Microsoft Corporation WUDFHost.exe 7648 2,352 K 6,396 K Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation svchost.exe 424 32,068 K 44,812 K Host Process for Windows Services Microsoft Corporation svchost.exe 1076 11,220 K 17,276 K Host Process for Windows Services Microsoft Corporation SbieSvc.exe 1152 1,968 K 4,156 K Sandboxie Service SANDBOXIE L.T.D svchost.exe 1276 15,052 K 16,440 K Host Process for Windows Services Microsoft Corporation spoolsv.exe 1472 8,424 K 13,048 K Spooler SubSystem App Microsoft Corporation svchost.exe 1524 10,312 K 13,124 K Host Process for Windows Services Microsoft Corporation ACService.exe 1648 1,396 K 3,684 K ArcSoft Connect Service ArcSoft Inc. AMD Reservation Manager.exe 1668 1,608 K 3,808 K RM Application Advanced Micro Devices svchost.exe 1736 3,968 K 6,776 K Host Process for Windows Services Microsoft Corporation taskhost.exe 1792 9,580 K 11,532 K Host Process for Windows Tasks Microsoft Corporation ASDR.exe 1812 940 K 2,908 K ASDR Application ekrn.exe 1916 64,764 K 72,252 K ESET Service ESET svchost.exe 1232 8,856 K 16,520 K Host Process for Windows Services Microsoft Corporation inetinfo.exe 1492 9,240 K 12,120 K Internet Information Services Microsoft Corporation LSSrvc.exe 552 1,340 K 4,056 K LightScribe Service Hewlett-Packard Company sqlservr.exe 2092 164,448 K 43,100 K SQL Server Windows NT - 64 Bit Microsoft Corporation NMMediaServerService.exe 2508 23,156 K 22,684 K Nero MediaHome Nero AG sqlwriter.exe 2372 2,344 K 5,768 K SQL Server VSS Writer - 64 Bit Microsoft Corporation svchost.exe 2848 2,088 K 5,020 K Host Process for Windows Services Microsoft Corporation MediaServer.exe 2684 35,420 K 25,804 K vmware-usbarbitrator.exe 2284 2,516 K 5,356 K VMware USB Arbitration Service VMware, Inc. vmnat.exe 3372 1,632 K 4,456 K VMware NAT Service VMware, Inc. svchost.exe 4152 7,032 K 7,920 K Host Process for Windows Services Microsoft Corporation winvnc4.exe 4192 2,044 K 4,664 K VNC Server Enterprise Edition for Win32 RealVNC Ltd. winvnc4.exe 4400 5,612 K 13,380 K VNC Server Enterprise Edition for Win32 RealVNC Ltd. WLIDSVC.EXE 4408 7,052 K 13,912 K Microsoft® Windows Live ID Service Microsoft Corp. WLIDSVCM.EXE 4696 1,520 K 3,108 K Microsoft® Windows Live ID Service Monitor Microsoft Corp. Fuel.Service.exe 4676 5,368 K 8,440 K AMD Fuel Service Advanced Micro Devices, Inc. vmware-authd.exe 5008 6,268 K 9,828 K VMware Authorization Service VMware, Inc. vmnetdhcp.exe 4304 1,324 K 3,932 K VMware VMnet DHCP service VMware, Inc. fdlauncher.exe 5296 1,552 K 3,656 K SQL Full-text Filter Daemon Launch Service Microsoft Corporation fdhost.exe 4784 4,100 K 4,900 K SQL Full Text host Microsoft Corporation SearchIndexer.exe 5480 54,152 K 57,660 K Microsoft Windows Search Indexer Microsoft Corporation SearchProtocolHost.exe 2596 3,088 K 8,420 K Microsoft Windows Search Protocol Host Microsoft Corporation SearchFilterHost.exe 7868 3,200 K 6,960 K Microsoft Windows Search Filter Host Microsoft Corporation svchost.exe 5960 1,856 K 4,384 K Host Process for Windows Services Microsoft Corporation svchost.exe 5996 2,020 K 5,220 K Host Process for Windows Services Microsoft Corporation wmpnetwk.exe 6584 12,124 K 14,480 K Windows Media Player Network Sharing Service Microsoft Corporation svchost.exe 6872 11,848 K 15,204 K Host Process for Windows Services Microsoft Corporation PresentationFontCache.exe 7372 28,008 K 16,164 K PresentationFontCache.exe Microsoft Corporation NASvc.exe 4692 2,020 K 5,804 K NeroUpdate Nero AG svchost.exe 7308 67,240 K 40,820 K Host Process for Windows Services Microsoft Corporation OSPPSVC.EXE 436 3,876 K 11,368 K Microsoft Office Software Protection Platform Service Microsoft Corporation lsass.exe 636 7,304 K 14,404 K Local Security Authority Process Microsoft Corporation lsm.exe 644 3,356 K 5,668 K Local Session Manager Service Microsoft Corporationcsrss.exe 564 55,324 K 36,420 K Client Server Runtime Process Microsoft Corporation conhost.exe 3580 2,748 K 6,256 K Console Window Host Microsoft Corporation conhost.exe 3620 2,744 K 6,140 K Console Window Host Microsoft Corporationwinlogon.exe 744 3,108 K 5,776 K Windows Logon Application Microsoft CorporationATKFastUserSwitching.exe 1800 3,428 K 6,992 K ATKFastUserSwitching explorer.exe 2100 1.20 66,832 K 65,344 K Windows Explorer Microsoft Corporation SetPoint.exe 2780 8,560 K 17,364 K Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. KHALMNPR.exe 3060 7,708 K 10,004 K Logitech KHAL Main Process Logitech, Inc. egui.exe 2792 17,772 K 37,684 K ESET GUI ESET itype.exe 2800 0.60 12,128 K 4,348 K IType.exe Microsoft Corporation ipoint.exe 2824 0.60 11,860 K 23,900 K IPoint.exe Microsoft Corporation LWEMon.exe 2836 6,076 K 10,392 K Logitech WingMan Event Monitor Logitech Inc. SbieCtrl.exe 2872 5,028 K 12,804 K Sandboxie Control SANDBOXIE L.T.D msnmsgr.exe 3016 83,004 K 38,436 K Windows Live Messenger Microsoft Corporation SugarSyncManager.exe 2484 0.90 96,472 K 73,296 K SugarSync Manager SugarSync, Inc. synergys.exe 2384 4,144 K 10,292 K Steam.exe 1252 90,444 K 75,808 K Steam Valve Corporation MSOSYNC.EXE 3168 5,652 K 11,180 K Microsoft Office Document Cache Microsoft Corporation peerblock.exe 3232 25,752 K 24,316 K PeerBlock PeerBlock, LLC HydraGrd.exe 3252 2,072 K 7,076 K HydraGrid Application Grid64.exe 3400 3,052 K 6,972 K Grid64.exe AMD HydraMD.exe 3272 2,016 K 7,468 K MultiDesk AMD HydraMD64.exe 3676 3,072 K 7,980 K HydraMD64.exe AMD TMMonitor.exe 3656 128,508 K 26,884 K TMMonitor ArcSoft, Inc. Dropbox.exe 3704 0.30 40,460 K 30,024 K Dropbox MagicDisc.exe 3784 3,420 K 8,780 K MagicISO Virtual CD/DVD Manager MagicISO, Inc. ONENOTEM.EXE 4000 1,516 K 1,064 K Microsoft OneNote Quick Launcher Microsoft Corporation chrome.exe 6284 93,440 K 115,564 K Google Chrome Google Inc. chrome.exe 6108 10,956 K 18,444 K Google Chrome Google Inc. chrome.exe 4596 14,956 K 25,456 K Google Chrome Google Inc. chrome.exe 7896 14,236 K 24,740 K Google Chrome Google Inc. chrome.exe 4908 19,308 K 30,112 K Google Chrome Google Inc. chrome.exe 7136 21,464 K 32,100 K Google Chrome Google Inc. chrome.exe 8040 32,880 K 41,204 K Google Chrome Google Inc. tbzrcache.exe 3472 0.60 17,264 K 23,048 K chrome.exe 5528 25,000 K 36,952 K Google Chrome Google Inc. chrome.exe 5284 20,524 K 29,960 K Google Chrome Google Inc. chrome.exe 4628 18,496 K 29,540 K Google Chrome Google Inc. OUTLOOK.EXE 7000 42,712 K 71,996 K Microsoft Outlook Microsoft Corporation uTorrent.exe 6708 2.70 37,968 K 45,944 K µTorrent BitTorrent, Inc. procexp.exe 5688 1,700 K 6,292 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com procexp64.exe 5632 10.51 52,828 K 74,360 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com HijackThis.exe 7800 8,016 K 17,168 K HijackThis Trend Micro Inc.Bloomberg.UIServer.exe 3488 38,996 K 22,400 K Bloomberg Excel Tools Server Bloomberg L.P.googletalk.exe 3684 20,128 K 25,432 K Google Talk Googleacrotray.exe 3744 1,624 K 5,328 K AcroTray Adobe Systems Inc.jusched.exe 3772 2,960 K 9,780 K Java Update Scheduler Sun Microsystems, Inc. jucheck.exe 4664 3,152 K 9,472 K Java Update Checker Sun Microsystems, Inc.RIMAutoUpdate.exe 3824 3,248 K 7,984 K RIM Auto Update Research In Motion LimitedACDaemon.exe 3888 3,072 K 7,180 K ArcSoft Connect Daemon ArcSoft Inc.TV IR.exe 3904 0.60 54,704 K 59,892 K PDVD10Serv.exe 3964 1,812 K 5,724 K PowerDVD RC Service CyberLink Corp.brs.exe 3972 1,412 K 4,376 K brs cyberlinkPWRISOVM.EXE 584 1,524 K 4,856 K PowerISO Virtual Drive Manager PowerISO Computing, Inc.vmware-tray.exe 632 1,864 K 5,940 K VMware Tray Process VMware, Inc.MOM.exe 2768 40,700 K 8,728 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. CCC.exe 4988 233,436 K 30,024 K Catalyst Control Center: Host application ATI Technologies Inc.bxlartd.exe 4176 22,464 K 11,992 K Bloomberg.RtdServer Bloomberg L.P.Process: uTorrent.exe Pid: 6708Name Description Company Name Version{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000077.db actxprxy.dll ActiveX Interface Marshaling Library Microsoft Corporation 6.1.7600.16385advapi32.dll Advanced Windows 32 Base API Microsoft Corporation 6.1.7600.16385apisetschema.dll ApiSet Schema DLL Microsoft Corporation 6.1.7600.16385cfgmgr32.dll Configuration Manager DLL Microsoft Corporation 6.1.7600.16385clbcatq.dll COM+ Configuration Catalog Microsoft Corporation 2001.12.8530.16385comctl32.dll User Experience Controls Library Microsoft Corporation 6.10.7600.16661comctl32.dll.mui User Experience Controls Library Microsoft Corporation 6.10.7600.16385comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.1.7600.16385crypt32.dll Crypto API32 Microsoft Corporation 6.1.7600.16385cryptbase.dll Base cryptographic API DLL Microsoft Corporation 6.1.7600.16385cryptsp.dll Cryptographic Service Provider API Microsoft Corporation 6.1.7600.16385devobj.dll Device Information Set DLL Microsoft Corporation 6.1.7600.16385dhcpcsvc.dll DHCP Client Service Microsoft Corporation 6.1.7600.16385dhcpcsvc6.dll DHCPv6 Client Microsoft Corporation 6.1.7600.16385dnsapi.dll DNS Client API DLL Microsoft Corporation 6.1.7600.16385duser.dll Windows DirectUser Engine Microsoft Corporation 6.1.7600.16385duser.dll.mui Windows DirectUser Engine Microsoft Corporation 6.1.7600.16385dwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation 6.1.7600.16385FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.1.7600.16385FWPUCLNT.DLL FWP/IPsec User-Mode API Microsoft Corporation 6.1.7600.16385gdi32.dll GDI Client DLL Microsoft Corporation 6.1.7600.16385HydraGH.dll Hydravision GridHook DLL AMD 4.2.14.0HydraMDH.dll HydraVision MultiDesk Hook AMD 4.1.84.0iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.0.7600.16700imm32.dll Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.1.7600.16385IPHLPAPI.DLL IP Helper API Microsoft Corporation 6.1.7600.16385kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.1.7600.16385KernelBase.dll Windows NT BASE API Client DLL Microsoft Corporation 6.1.7600.16385KernelBase.dll.mui Windows NT BASE API Client DLL Microsoft Corporation 6.1.7600.16385locale.nls lpk.dll Language Pack Microsoft Corporation 6.1.7600.16385msasn1.dll ASN.1 Runtime APIs Microsoft Corporation 6.1.7600.16415msctf.dll MSCTF Server DLL Microsoft Corporation 6.1.7600.16385msi.dll Windows Installer Microsoft Corporation 5.0.7600.16385msimg32.dll GDIEXT Client DLL Microsoft Corporation 6.1.7600.16385mssprxy.dll Microsoft Search Proxy Microsoft Corporation 7.0.7600.16385msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.7600.16385mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.1.7600.16385npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.1.7600.16385nsi.dll NSI User-mode interface DLL Microsoft Corporation 6.1.7600.16385ntdll.dll NT Layer DLL Microsoft Corporation 6.1.7600.16559ntdll.dll NT Layer DLL Microsoft Corporation 6.1.7600.16559ntmarta.dll Windows NT MARTA provider Microsoft Corporation 6.1.7600.16385ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.1.7600.16624oleaut32.dll Microsoft Corporation 6.1.7600.16567profapi.dll User Profile Basic API Microsoft Corporation 6.1.7600.16385propsys.dll Microsoft Property System Microsoft Corporation 7.0.7600.16385psapi.dll Process Status Helper Microsoft Corporation 6.1.7600.16385rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.1.7600.16385rpcrt4.dll Remote Procedure Call Runtime Microsoft Corporation 6.1.7600.16385RpcRtRemote.dll Remote RPC Extension Microsoft Corporation 6.1.7600.16385rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.1.7600.16385sechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation 6.1.7600.16385setupapi.dll Windows Setup API Microsoft Corporation 6.1.7600.16385shell32.dll Windows Shell Common Dll Microsoft Corporation 6.1.7600.16644shfolder.dll Shell Folder Service Microsoft Corporation 6.1.7600.16385shlwapi.dll Shell Light-weight Utility Library Microsoft Corporation 6.1.7600.16385SortDefault.nls sspicli.dll Security Support Provider Interface Microsoft Corporation 6.1.7600.16484StaticCache.dat urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 8.0.7600.16700user32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.1.7600.16385userenv.dll Userenv Microsoft Corporation 6.1.7600.16385usp10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.7600.16385uTorrent.exe µTorrent BitTorrent, Inc. 2.2.0.23703uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.1.7600.16385version.dll Version Checking and File Installation Libraries Microsoft Corporation 6.1.7600.16385winnsi.dll Network Store Information RPC interface Microsoft Corporation 6.1.7600.16385winspool.drv Windows Spooler Driver Microsoft Corporation 6.1.7600.16385Wldap32.dll Win32 LDAP API DLL Microsoft Corporation 6.1.7600.16385WLIDNSP.DLL Microsoft® Windows Live ID Namespace Provider Microsoft Corp. 7.250.4225.0wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.1.7600.16491wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.1.7600.16385wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.1.7600.16385ws2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.1.7600.16385wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.1.7600.16385WSHTCPIP.DLL Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.1.7600.16385
moogly Posted January 17, 2011 Report Posted January 17, 2011 HydraGH.dll Hydravision GridHook DLL AMD 4.2.14.0HydraMDH.dll HydraVision MultiDesk Hook AMD 4.1.84.0It's injected into µT. What's that and its role?NB/ can you edit your logs without the tag CODE, thx.
Lambo Posted January 17, 2011 Author Report Posted January 17, 2011 HydraGH.dll Hydravision GridHook DLL AMD 4.2.14.0HydraMDH.dll HydraVision MultiDesk Hook AMD 4.1.84.0It's injected into µT. What's that and its role?NB/ can you edit your logs without the tag CODE, thx.That's part of my ATI Video Card Catalyst driver (Radeon HD 6970) to get multiple monitor support. I have 3 monitors.I've removed the code tag, that should make it easier to read.Thanks.
moogly Posted January 19, 2011 Report Posted January 19, 2011 You're using a VM, aren't you? Do you execute µT in this VM?
Lambo Posted January 19, 2011 Author Report Posted January 19, 2011 You're using a VM, aren't you? Do you execute µT in this VM?No, uTorrent is not executed in a vm.
HPMM Posted March 18, 2011 Report Posted March 18, 2011 Hello everybody. I couldnt´t explain you why, but I found that everytime my utorrent froze the CPU usage was very high, Almost all the time 100%. Giving it a closer look, I found that it was due to Google Updater, that was using unusually high percentages of my CPU. I tried to unistall it in many different ways, but it was harder than I thought. It´s a tricky application, in my opinion... Finally, I went to Administration Tools and changed it to start only manually. Besides that, I went to the proper directory and just deleted the application "Google Update.exe". (I know it wasn´t very smart...)Well, my utorrent stopped freezing! I don´t know if it was just a coincidence and I leave my observations here for better minds to check it... Nice regards and congratulations for your good work!PS: My PC is a i5 running Windows7 with 6Gb RAM
beefy314 Posted March 18, 2011 Report Posted March 18, 2011 Hi HPMM,I'm also experiencing the same problem with my i5 on windows 7 with 4gb RAM.Could you write down the steps you did in disabling and uninstalling the google updater? ThanksHello everybody. I couldnt´t explain you why, but I found that everytime my utorrent froze the CPU usage was very high, Almost all the time 100%. Giving it a closer look, I found that it was due to Google Updater, that was using unusually high percentages of my CPU. I tried to unistall it in many different ways, but it was harder than I thought. It´s a tricky application, in my opinion... Finally, I went to Administration Tools and changed it to start only manually. Besides that, I went to the proper directory and just deleted the application "Google Update.exe". (I know it wasn´t very smart...)Well, my utorrent stopped freezing! I don´t know if it was just a coincidence and I leave my observations here for better minds to check it... Nice regards and congratulations for your good work!PS: My PC is a i5 running Windows7 with 6Gb RAM
HPMM Posted March 18, 2011 Report Posted March 18, 2011 Well, I am not an expert and I would need more time to check the results over and over again, but after disabling the Google Updater my utorrent stopped freezing for the first time since I installed it. Before that I always had problems when I tried to change from "Downloading" to "Actives", for example. Any click could freeze utorrent and my machine. Many times I had to turn it off manually.What I did was the following:1. I uninstalled Google Earth (because I thought it would stop Google Updater);2. After that, I checked again and GoogleUpdater.exe was still taking very high percentages of my CPU, like 85 or 90%;3. Then I tried to uninstall it following the instructions on Google Website, but I guess they were written for Windows XP, since I couldn't follow then on my Windows7;4. I tried to uninstall it using the "Install or Uninstall Programs" option on the Control Panel, but I just couldn't find it there among the applications listed;5. So I restarted my computer in the Secure Mode (by pressing F8 one million times after rebooting) and went to Control Panel/ Administration Tools/ Services and changed "Google Updater" to "manually" (I couldn't change it to "disabled" and I don't know why. Perhaps because it was already disabled in the Secure Mode);6. After that, just to make sure, I deleted the file GoogleUpdater.exe (or something like that) from Google file's directory.I hope it may help and I will be happy to give you any more information needed.Best regards,Hélio
tramus Posted March 31, 2011 Report Posted March 31, 2011 ^ Tried that, still doing it.Same problem, it freezes up when left open for too long I guess. It only seems to happen when I'm downloading large files (3gb or larger). Sometimes it doesn't start up right away either. I have Vista Home and no security crap installed at all. I just updated too and it still does it. It actually seems to be getting worse. First it would just freeze me up once in a while for a few seconds, now every time it happens it lasts a minute or more. It even happens for a while after I close it. My computer isn't great but it never freezes when uTorrent is closed.I'm guessing it's either a uTorrent problem or perhaps an ISP anti piracy type of thing. I just don't know for sure.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.