Jump to content

Memory Leak on Falcon 3.0 Alpha (Build 25207)


Xtrag8

Recommended Posts

First post here

When I updated from 2.2.x to 3.0 Alpha I have a memory leak occurring where the utorrent process size reaches over a gig in less than a day.

My usual applications for Firewall and AV software that I use are Comodo Firewall and Avast Antivirus + Peerblock.

I have tried uninstalling both AV and FW and unloaded Peerblock,

The memory leak still occurred

I have also uninstalled utorrent and deleted: %APPDATA%\utorrent and then re-installed the app

Please see below for the Hijack This Log and Process Explorer Log

Any help would be very much appreciated =)

__________________________________________________________________________________

-----------------------------------------------------------------------------------------------------------------------------------

Hijack This Log

-----------------------------------------------------------------------------------------------------------------------------------

__________________________________________________________________________________

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:45:16 PM, on 18/04/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\TPG LeechOmeter\TPG LeechOmeter.exe

C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Users\Adam Saunders\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.overclockers.com.au/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.microsoft.com/search?nil_profile=ie&ref_code=ms&q=%s

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"

O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe

O4 - HKCU\..\Run: [TPG] C:\Program Files (x86)\TPG LeechOmeter\TPG LeechOmeter.exe

O4 - HKCU\..\Run: [NetBalancer] C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted IP range: http://127.0.0.1

O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab

O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://www.optusevolvessl.com.au/dana-cached/sc/JuniperSetupClient.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs:

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe

O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing)

--

End of file - 13568 bytes

__________________________________________________________________________________

-----------------------------------------------------------------------------------------------------------------------------------

Process Explorer Log

-----------------------------------------------------------------------------------------------------------------------------------

__________________________________________________________________________________

Process PID CPU Private Bytes Working Set Description

Interrupts n/a 0.35 0 K 0 K Hardware Interrupts and DPCs

PnkBstrA.exe 2960 < 0.01 1,988 K 5,032 K

PnkBstrB.exe 2984 0.02 3,040 K 5,092 K

System 4 0.07 176 K 1,060 K

System Idle Process 0 99.01 0 K 24 K

MOM.exe 2748 < 0.01 39,984 K 6,120 K Catalyst Control Center: Monitoring program

atieclxx.exe 1396 2,616 K 6,648 K AMD External Events Client Module

atiesrxx.exe 116 1,712 K 4,360 K AMD External Events Service Module

AppleMobileDeviceService.exe 1964 < 0.01 2,916 K 8,136 K MobileDeviceService

CCC.exe 2744 < 0.01 108,204 K 22,316 K Catalyst Control Center: Host application

uTorrent.exe 1356 0.05 321,392 K 330,052 K µTorrent

VCDDaemon.exe 2704 1,540 K 5,328 K Virtual CloneDrive Daemon

audiodg.exe 4396 14,664 K 15,536 K Windows Audio Device Graph Isolation

csrss.exe 492 < 0.01 2,180 K 4,304 K Client Server Runtime Process

csrss.exe 572 0.02 3,632 K 8,212 K Client Server Runtime Process

dllhost.exe 4792 2,852 K 7,412 K COM Surrogate

dwm.exe 1848 0.03 34,768 K 36,584 K Desktop Window Manager

explorer.exe 1872 0.01 79,224 K 102,132 K Windows Explorer

inetinfo.exe 2144 12,100 K 18,916 K Internet Information Services

lsass.exe 684 5,924 K 13,856 K Local Security Authority Process

lsm.exe 692 2,612 K 4,292 K Local Session Manager Service

MsMpEng.exe 968 0.02 167,948 K 81,412 K Antimalware Service Executable

msseces.exe 2268 6,416 K 14,716 K Microsoft Security Client User Interface

NisSrv.exe 4124 8,464 K 3,448 K Microsoft Network Inspection System

PresentationFontCache.exe 4760 26,772 K 17,804 K PresentationFontCache.exe

SearchFilterHost.exe 5636 2,680 K 6,524 K Microsoft Windows Search Filter Host

SearchIndexer.exe 4172 < 0.01 87,732 K 85,228 K Microsoft Windows Search Indexer

SearchProtocolHost.exe 4968 < 0.01 3,464 K 7,660 K Microsoft Windows Search Protocol Host

services.exe 676 6,192 K 12,296 K Services and Controller app

smss.exe 304 564 K 1,220 K Windows Session Manager

spoolsv.exe 1528 < 0.01 8,180 K 14,200 K Spooler SubSystem App

svchost.exe 804 4,868 K 9,972 K Host Process for Windows Services

svchost.exe 880 5,208 K 9,080 K Host Process for Windows Services

svchost.exe 356 0.01 22,020 K 24,548 K Host Process for Windows Services

svchost.exe 512 < 0.01 322,524 K 333,372 K Host Process for Windows Services

svchost.exe 708 < 0.01 30,188 K 43,568 K Host Process for Windows Services

svchost.exe 1140 < 0.01 11,576 K 18,300 K Host Process for Windows Services

svchost.exe 1248 0.01 15,784 K 17,396 K Host Process for Windows Services

svchost.exe 1572 < 0.01 11,112 K 14,776 K Host Process for Windows Services

svchost.exe 1928 4,692 K 9,208 K Host Process for Windows Services

svchost.exe 2096 < 0.01 9,312 K 22,972 K Host Process for Windows Services

svchost.exe 2124 < 0.01 5,464 K 10,092 K Host Process for Windows Services

svchost.exe 3068 1,964 K 5,448 K Host Process for Windows Services

svchost.exe 3104 6,800 K 10,300 K Host Process for Windows Services

svchost.exe 4296 2,376 K 5,920 K Host Process for Windows Services

svchost.exe 348 6,604 K 13,092 K Host Process for Windows Services

taskhost.exe 1744 8,884 K 11,304 K Host Process for Windows Tasks

taskhost.exe 3496 7,244 K 10,628 K Host Process for Windows Tasks

taskmgr.exe 1348 0.03 3,416 K 11,084 K Windows Task Manager

wininit.exe 580 1,816 K 4,660 K Windows Start-Up Application

winlogon.exe 616 2,976 K 6,992 K Windows Logon Application

WLIDSVC.EXE 3128 6,824 K 15,828 K Microsoft® Windows Live ID Service

WLIDSVCM.EXE 3524 1,456 K 3,312 K Microsoft® Windows Live ID Service Monitor

WmiPrvSE.exe 5444 2,816 K 6,464 K WMI Provider Host

wmpnetwk.exe 4692 < 0.01 6,564 K 7,224 K Windows Media Player Network Sharing Service

XBoxStat.exe 2220 < 0.01 2,784 K 6,660 K XBoxStat.exe

E_S40RPB.EXE 2024 1,452 K 3,384 K EPSON Status Monitor 3

E_S40STB.EXE 1960 1,616 K 3,832 K EPSON Status Monitor 3

TPG LeechOmeter.exe 2292 0.02 8,976 K 20,952 K Usage Meter for TPG Internet users

procexp.exe 5396 2,068 K 6,368 K Sysinternals Process Explorer

procexp64.exe 4104 0.29 30,612 K 49,968 K Sysinternals Process Explorer

HijackThis.exe 3116 < 0.01 16,784 K 30,996 K HijackThis

vmnat.exe 2664 < 0.01 2,384 K 5,424 K VMware NAT Service

vmnetdhcp.exe 3592 1,320 K 3,960 K VMware VMnet DHCP service

vmware-authd.exe 3256 6,620 K 11,312 K VMware Authorization Service

vmware-tray.exe 2724 1,436 K 4,764 K VMware Tray Process

vmware-usbarbitrator.exe 1388 < 0.01 2,508 K 5,460 K VMware USB Arbitration Service

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...