Didonko Posted July 9, 2012 Report Share Posted July 9, 2012 Allrighty, I've been using uTorrent for quite some time, but two days ago it started to act weird. It started to use excessive amounts of CPU resources only on one of the cores.System specsLAPTOP Toshiba Satellite l750-1REOS: Windows 7 Home Premium 64 bit Service Pack 1OS Version: 6.1.7601 (Win7 RTM)CPU Type : Mobile QuadCore Intel Core i7-2670QM, 2800 MHz (28 x 100) with HyperThread SpecsuTorrent version: Irrelevant, all versions showed the same issueuTorrent versions tried: 3.1.2, 3.1.3, 3.2, 3.2.1 (beta), 2.2.1Antivirus program: AvastProblem description:Up until three days ago, I used to download torrents of all sizes (ranging 200MB to 40+ gigs - complete seasons in one torrent) and had no problems at all - if it was not for the network usage, utorrent was hardly noticeable (besides the occasional usage of 400+MBs of RAM).However, since two days ago I am experiencing excessive CPU usage, system hanging due to uTorrent active torrents, crashes of uTorrent. Below I'll attach screenshots of the situation (one is with different wallpaper, had to change to basic theme, fixed it afterwards) - uTorrent with active torrents, without active torrents, not run at all.I am using Avast as my antivirus software. Disabling the P2P shield, Network shield, and unchecking the "Scan files upon writing" did NOT improve the situation.Today, I had my PC shut downed. After start up it behaved normally, until ~12GB were downloaded at max speed (2.2MB/s) then it started acting up again. Monitoring HDD activity (Windows gadgets) there was nothing out of the ordinary. Windows firewall was turned on. After turning it off, it did not have any effect.What I'm observing is the CPU usage goes up progressively as the download speed goes up. Upon start of a torrent, it goes up to ~40% constant usage with peaks, going up and above 1MB/s (8Mb/s) it peaks to the 90-100% usage and refuses to go higher.Changing max global connections available at any range from 200 to 800 and even 1200; and max connections per torrent from 10 to 50 to 200 did not have the slightest effect.I am also setting the affinity of the process of utorrent to any other core but with no effect as well.Here I will list the things that have changed between 3 days ago (when I had no problems) and the period with problems:1. Changed internet connection to cable from wifi a) Since the purchase of the laptop, this is the first time the PC connects via cable2. Changed partitions to which data is written onto a) I ran out of free space on partition "D" which is used as data storage I started downloading files onto partition "C", which is the system partition (partition with OS and all programs there are on my system)3. Added a lot of torrents simultaneously a) from usually 1-3 torrents, I added 30 torrents on one day. (All of them but two are magnet links)I will post links to logs and pictures first. The actual logs and pics will be below the links1. Hijackthis log2. Process Explorer + dlls3. ScreenshotsNOTE to screenshots: In "Normal activity" Core 1 is green. In all the others is red. I changed it so it is better observed over the blue-ish RAM background color. 1. Normal activity.png 2. 100% CPU big monitoring.png 3. CPU with torrents.png 4. CPU with stopped torrents.png 5. Cache settings.png Hope all of this helps, in case you need more information, I am more than welcome to provide it.Hijackthis log Logfile of Trend Micro HijackThis v2.0.4Scan saved at 22:42:30, on 9.7.2012Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v9.00 (9.00.8112.16421)Boot mode: NormalRunning processes:C:\ProgramsInstalled\Skype\Phone\Skype.exeC:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exeC:\ProgramsInstalled\Avast\AvastUI.exeC:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exeC:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exeC:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exeC:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exeC:\ProgramsInstalled\DAEMON Tools Lite\DTShellHlp.exeC:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exeC:\Program Files (x86)\Internet Explorer\IELowutil.exeC:\ProgramsInstalled\AIDA64\aida64.exeD:\Installation files\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllF2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\ProgramsInstalled\Avast\aswWebRepIE.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllO3 - Toolbar: KMPlayer Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllO3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\ProgramsInstalled\Avast\aswWebRepIE.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dllO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStartO4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exeO4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exeO4 - HKLM\..\Run: [avast] "C:\ProgramsInstalled\Avast\avastUI.exe" /noguiO4 - HKLM\..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silentO4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe /STARTUPO4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\ProgramsInstalled\DAEMON Tools Lite\DTLite.exe" -autorunO4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [Skype] "C:\ProgramsInstalled\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exeO4 - Global Startup: Bluetooth Manager.lnk = ?O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exeO8 - Extra context menu item: Add to TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dllO9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO15 - Trusted Zone: *.clonewarsadventures.comO15 - Trusted Zone: *.freerealms.comO15 - Trusted Zone: *.soe.comO15 - Trusted Zone: *.sony.comO18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllO18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)O23 - Service: avast! Antivirus - AVAST Software - C:\ProgramsInstalled\Avast\AvastSvc.exeO23 - Service: avast! Firewall - AVAST Software - C:\ProgramsInstalled\Avast\afwServ.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exeO23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: FLEXlm License Manager - Unknown owner - C:\ProgramsInstalled\Rational\common\lmgrd.exeO23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exeO23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\ProgramsInstalled\Sandra\RpcAgentSrv.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeO23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exeO23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exeO23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exeO23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exeO23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exeO23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exeO23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exeO23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: Oneoaaoa Vodafone Mobile Broadband (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exeO23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 15994 bytesProcess Explorer + dllsProcess PID CPU Private Bytes Working Set Description Company NameSystem Idle Process 0 72.67 0 K 24 K System 4 6.37 112 K 324 K uTorrent.exe 5196 6.16 78,072 K 81,312 K µTorrent BitTorrent, Inc.Interrupts n/a 5.90 0 K 0 K Hardware Interrupts and DPCs sidebar.exe 5024 1.87 133,108 K 196,540 K Windows Desktop Gadgets Microsoft Corporationprocexp64.exe 2116 1.43 34,096 K 57,164 K Sysinternals Process Explorer Sysinternals - www.sysinternals.comaudiodg.exe 3856 0.95 18,208 K 19,184 K Windows Audio Device Graph Isolation Microsoft Corporationplugin-container.exe 6080 0.66 292,816 K 273,024 K Plugin Container for Waterfox Mozilla CorporationSynTPEnh.exe 4288 0.56 13,024 K 20,240 K Synaptics TouchPad Enhancements Synaptics Incorporatedfirefox.exe 5504 0.53 781,408 K 862,696 K Waterfox Mozilla CorporationSkype.exe 5048 0.46 100,276 K 116,280 K Skype Skype Technologies S.A.perfmon.exe 3480 0.39 45,344 K 57,452 K Resource and Performance Monitor Microsoft Corporationdwm.exe 4016 0.34 100,532 K 114,704 K Desktop Window Manager Microsoft CorporationAvastSvc.exe 1472 0.27 51,588 K 91,576 K avast! Service AVAST Softwaresvchost.exe 1056 0.26 33,760 K 49,088 K Host Process for Windows Services Microsoft CorporationCore Temp.exe 632 0.17 5,724 K 2,104 K CPU temperature and system information utility WmiPrvSE.exe 6380 0.17 7,684 K 11,944 K WMI Provider Host Microsoft CorporationPandoraService.exe 2480 0.15 17,476 K 14,112 K Pandora.TV service file Pandora.TVaida64.exe 7408 0.14 35,356 K 44,904 K AIDA64 Extreme Edition FinalWire Ltd.csrss.exe 680 0.13 4,936 K 9,820 K Client Server Runtime Process Microsoft Corporationexplorer.exe 4036 0.11 89,160 K 114,916 K Windows Explorer Microsoft Corporationsvchost.exe 920 0.08 160,712 K 165,008 K Host Process for Windows Services Microsoft Corporationtaskmgr.exe 7632 0.06 5,976 K 15,476 K Windows Task Manager Microsoft CorporationLMS.exe 6996 0.03 3,328 K 5,728 K Local Manageability Service Intel CorporationWmiPrvSE.exe 3364 0.02 22,124 K 27,832 K WMI Provider Host Microsoft CorporationWmiPrvSE.exe 3396 0.02 12,264 K 18,272 K WMI Provider Host Microsoft Corporationsvchost.exe 352 0.01 7,168 K 11,224 K Host Process for Windows Services Microsoft CorporationAppleMobileDeviceService.exe 2212 0.01 3,632 K 9,864 K MobileDeviceService Apple Inc.AvastUI.exe 2192 0.01 21,428 K 7,828 K avast! Antivirus AVAST Softwaresvchost.exe 1196 0.01 14,440 K 22,580 K Host Process for Windows Services Microsoft Corporationsvchost.exe 904 0.01 6,400 K 12,080 K Host Process for Windows Services Microsoft Corporationsvchost.exe 512 0.01 28,004 K 31,448 K Host Process for Windows Services Microsoft CorporationNDSTray.exe 5168 < 0.01 9,928 K 1,708 K ConfigFree Task Tray Menu TOSHIBA CORPORATIONlsass.exe 748 < 0.01 7,464 K 14,936 K Local Security Authority Process Microsoft Corporationsvchost.exe 5316 < 0.01 11,696 K 80,256 K Host Process for Windows Services Microsoft CorporationafwServ.exe 1688 < 0.01 15,852 K 20,508 K avast! firewall service AVAST SoftwareTOPI.exe 4492 < 0.01 53,572 K 48,480 K TOSHIBA Online Product Information TOSHIBAmcsacore.exe 2452 < 0.01 21,648 K 5,512 K SiteAdvisor McAfee, Inc.TosBtMng.exe 1168 < 0.01 9,336 K 14,412 K Bluetooth Manager TOSHIBA CORPORATION.taskhost.exe 3344 < 0.01 9,892 K 12,800 K Host Process for Windows Tasks Microsoft CorporationTemproTray.exe 4164 < 0.01 43,924 K 41,624 K Toshiba TEMPRO Toshiba Europe GmbHVmbService.exe 3260 < 0.01 20,192 K 22,768 K VmbService VodafoneWLIDSVC.EXE 2396 < 0.01 9,148 K 18,640 K Microsoft® Windows Live ID Service Microsoft Corp.TMachInfo.exe 6504 < 0.01 37,308 K 37,428 K TSS TMachInfo Service TOSHIBA CorporationTosReelTimeMonitor.exe 4192 < 0.01 28,992 K 31,560 K Monitor of TOSHIBA ReelTime TOSHIBA Corporationcsrss.exe 564 < 0.01 2,972 K 5,416 K Client Server Runtime Process Microsoft Corporationsvchost.exe 1296 < 0.01 30,240 K 35,628 K Host Process for Windows Services Microsoft Corporationsvchost.exe 5872 < 0.01 14,492 K 18,268 K Host Process for Windows Services Microsoft CorporationSearchIndexer.exe 5108 < 0.01 47,888 K 38,700 K Microsoft Windows Search Indexer Microsoft CorporationDTShellHlp.exe 6068 < 0.01 6,100 K 20,792 K DAEMON Tools Shell Extensions Helper DT Soft Ltdmspaint.exe 7560 < 0.01 57,224 K 78,340 K Paint Microsoft Corporationwmpnetwk.exe 3276 < 0.01 13,500 K 12,412 K Windows Media Player Network Sharing Service Microsoft Corporationnvvsvc.exe 1464 < 0.01 6,972 K 14,380 K NVIDIA Driver Helper Service, Version 301.42 NVIDIA CorporationTemproSvc.exe 2660 < 0.01 33,812 K 26,548 K Toshiba TEMPRO Toshiba Europe GmbHnotepad.exe 4872 < 0.01 4,192 K 10,036 K Notepad Microsoft CorporationTosBtSrv.exe 1408 < 0.01 4,124 K 7,936 K TOSHIBA Bluetooth Service TOSHIBA CORPORATIONsvchost.exe 7112 < 0.01 66,960 K 29,720 K Host Process for Windows Services Microsoft CorporationTODDSrv.exe 2888 < 0.01 3,292 K 6,152 K TDCSrv Application TOSHIBA CorporationTosCoSrv.exe 2168 < 0.01 5,232 K 7,976 K TOSHIBA Power Saver TOSHIBA CorporationWLIDSVCM.EXE 3128 3,040 K 5,220 K Microsoft® Windows Live ID Service Monitor Microsoft Corp.wlanext.exe 1524 2,888 K 6,296 K Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporationwinlogon.exe 808 4,264 K 8,740 K Windows Logon Application Microsoft Corporationwininit.exe 664 2,224 K 5,220 K Windows Start-Up Application Microsoft CorporationUNS.exe 2708 3,916 K 8,280 K User Notification Service Intel CorporationTPwrMain.exe 4216 9,544 K 15,144 K TOSHIBA Power Saver TOSHIBA CorporationTPCHWMsg.exe 3340 5,380 K 9,456 K TOSHIBA PC Health Monitor TOSHIBA CorporationTPCHSrv.exe 4536 10,564 K 11,972 K TOSHIBA PC Health Monitor TOSHIBA CorporationTosSmartSrv.exe 5152 4,480 K 9,968 K TosSmartSrv.exe TOSHIBA CorporationTosSENotify.exe 6876 6,624 K 12,852 K TosSENotify.exe.mui TOSHIBA CorporationTosNcCore.exe 4172 5,804 K 12,680 K Message Center TOSHIBA CorporationToshibaServiceStation.exe 4776 46,648 K 69,844 K TOSHIBA Service Station TOSHIBA CorporationTosDIMonitor.exe 4460 75,476 K 67,036 K Toshiba Places Icon Utility ToshibaTosBtHSP.exe 6140 5,220 K 9,268 K TosBtHSP TOSHIBA CORPORATION.TosBtHid.exe 5384 3,632 K 8,632 K TosBtHid TOSHIBA CORPORATION.TosA2dp.exe 5988 6,936 K 11,840 K TosA2DP TOSHIBA CORPORATION.TecoService.exe 3192 5,044 K 9,700 K TOSHIBA eco Utility Service TOSHIBA CorporationTeco.exe 4300 5,600 K 10,744 K TOSHIBA eco Utility TOSHIBA CorporationTCrdMain.exe 4248 22,484 K 36,428 K TOSHIBA Flash Cards Main Module TOSHIBA Corporationtaskeng.exe 504 4,152 K 9,068 K Task Scheduler Engine Microsoft Corporationtaskeng.exe 4068 3,996 K 8,776 K Task Scheduler Engine Microsoft CorporationSynTPHelper.exe 4824 3,328 K 6,008 K Synaptics Pointing Device Helper Synaptics Incorporatedsvchost.exe 1876 13,756 K 15,968 K Host Process for Windows Services Microsoft Corporationsvchost.exe 3772 3,432 K 7,428 K Host Process for Windows Services Microsoft Corporationsvchost.exe 2616 2,728 K 7,404 K Host Process for Windows Services Microsoft Corporationspoolsv.exe 1848 10,504 K 16,440 K Spooler SubSystem App Microsoft Corporationsmss.exe 428 752 K 1,440 K Windows Session Manager Microsoft Corporationservices.exe 728 6,672 K 11,416 K Services and Controller app Microsoft Corporationrundll32.exe 2524 2,508 K 6,560 K Windows host process (Rundll32) Microsoft Corporationrundll32.exe 2512 2,492 K 6,068 K Windows host process (Rundll32) Microsoft Corporationrundll32.exe 2504 1,448 K 3,044 K Windows host process (Rundll32) Microsoft Corporationnvxdsync.exe 1424 9,724 K 20,132 K NVIDIA User Experience Driver Component NVIDIA Corporationnvvsvc.exe 984 3,636 K 8,508 K NVIDIA Driver Helper Service, Version 301.42 NVIDIA CorporationnvSCPAPISvr.exe 1008 2,840 K 6,072 K Stereo Vision Control Panel API Server NVIDIA CorporationNASvc.exe 7024 2,768 K 7,160 K NeroUpdate Nero AGmscorsvw.exe 2224 8,344 K 11,192 K .NET Runtime Optimization Service Microsoft Corporationmscorsvw.exe 6568 4,948 K 6,628 K .NET Runtime Optimization Service Microsoft CorporationmDNSResponder.exe 2260 2,924 K 6,400 K Bonjour Service Apple Inc.lsm.exe 756 3,472 K 5,148 K Local Session Manager Service Microsoft Corporationielowutil.exe 7428 2,156 K 540 K Internet Low-Mic Utility Tool Microsoft Corporationdllhost.exe 6300 4,364 K 9,444 K COM Surrogate Microsoft Corporationconhost.exe 1536 1,480 K 3,172 K Console Window Host Microsoft CorporationCFSwMgr.exe 6276 4,504 K 560 K ConfigFree Switch Manager Process TOSHIBA CORPORATIONCFSvcs.exe 6880 2,564 K 3,424 K ConfigFree Service Process TOSHIBA CORPORATIONCFIWmxSvcs64.exe 6800 2,992 K 5,336 K ConfigFree Service Process TOSHIBA CORPORATIONarmsvc.exe 2104 1,348 K 4,020 K Adobe Acrobat Update Service Adobe Systems IncorporatedProcess: uTorrent.exe Pid: 5196Name Description Company Name Pathadvapi32.dll Advanced Windows 32 Base API Microsoft Corporation C:\Windows\SysWOW64\advapi32.dllapisetschema.dll ApiSet Schema DLL Microsoft Corporation C:\Windows\System32\apisetschema.dllbcrypt.dll Windows Cryptographic Primitives Library (Wow64) Microsoft Corporation C:\Windows\SysWOW64\bcrypt.dllbcryptprimitives.dll Windows Cryptographic Primitives Library Microsoft Corporation C:\Windows\SysWOW64\bcryptprimitives.dllC_1252.NLS C:\Windows\System32\C_1252.NLScfgmgr32.dll Configuration Manager DLL Microsoft Corporation C:\Windows\SysWOW64\cfgmgr32.dllclbcatq.dll COM+ Configuration Catalog Microsoft Corporation C:\Windows\SysWOW64\clbcatq.dllcomctl32.dll User Experience Controls Library Microsoft Corporation C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dllcomdlg32.dll Common Dialogs DLL Microsoft Corporation C:\Windows\SysWOW64\comdlg32.dllcrypt32.dll Crypto API32 Microsoft Corporation C:\Windows\SysWOW64\crypt32.dllcryptbase.dll Base cryptographic API DLL Microsoft Corporation C:\Windows\SysWOW64\cryptbase.dllcryptsp.dll Cryptographic Service Provider API Microsoft Corporation C:\Windows\SysWOW64\cryptsp.dlldevobj.dll Device Information Set DLL Microsoft Corporation C:\Windows\SysWOW64\devobj.dlldhcpcsvc.dll DHCP Client Service Microsoft Corporation C:\Windows\SysWOW64\dhcpcsvc.dlldhcpcsvc6.dll DHCPv6 Client Microsoft Corporation C:\Windows\SysWOW64\dhcpcsvc6.dlldnsapi.dll DNS Client API DLL Microsoft Corporation C:\Windows\SysWOW64\dnsapi.dlldwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation C:\Windows\SysWOW64\dwmapi.dllFirewallAPI.dll Windows Firewall API Microsoft Corporation C:\Windows\SysWOW64\FirewallAPI.dllFWPUCLNT.DLL FWP/IPsec User-Mode API Microsoft Corporation C:\Windows\SysWOW64\FWPUCLNT.DLLgdi32.dll GDI Client DLL Microsoft Corporation C:\Windows\SysWOW64\gdi32.dllIconCodecService.dll Converts a PNG part of the icon to a legacy bmp icon Microsoft Corporation C:\Windows\SysWOW64\IconCodecService.dlliertutil.dll Run time utility for Internet Explorer Microsoft Corporation C:\Windows\SysWOW64\iertutil.dllimm32.dll Multi-User Windows IMM32 API Client DLL Microsoft Corporation C:\Windows\SysWOW64\imm32.dllindex.dat C:\Users\Didonko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.datindex.dat C:\Users\Didonko\AppData\Roaming\Microsoft\Windows\Cookies\index.datindex.dat C:\Users\Didonko\AppData\Local\Microsoft\Windows\History\History.IE5\index.datIPHLPAPI.DLL IP Helper API Microsoft Corporation C:\Windows\SysWOW64\IPHLPAPI.DLLkernel32.dll Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\kernel32.dllKernelBase.dll Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\KernelBase.dllKernelBase.dll.mui Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\en-US\KernelBase.dll.muilocale.nls C:\Windows\System32\locale.nlslpk.dll Language Pack Microsoft Corporation C:\Windows\SysWOW64\lpk.dllmdnsNSP.dll Bonjour Namespace Provider Apple Inc. C:\Program Files (x86)\Bonjour\mdnsNSP.dllmsasn1.dll ASN.1 Runtime APIs Microsoft Corporation C:\Windows\SysWOW64\msasn1.dllmsctf.dll MSCTF Server DLL Microsoft Corporation C:\Windows\SysWOW64\msctf.dllmsctf.dll.mui MSCTF Server DLL Microsoft Corporation C:\Windows\SysWOW64\en-US\msctf.dll.muimsimg32.dll GDIEXT Client DLL Microsoft Corporation C:\Windows\SysWOW64\msimg32.dllmsvcrt.dll Windows NT CRT DLL Microsoft Corporation C:\Windows\SysWOW64\msvcrt.dllmswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation C:\Windows\SysWOW64\mswsock.dllncrypt.dll Windows cryptographic library Microsoft Corporation C:\Windows\SysWOW64\ncrypt.dllnormaliz.dll Unicode Normalization DLL Microsoft Corporation C:\Windows\SysWOW64\normaliz.dllnpmproxy.dll Network List Manager Proxy Microsoft Corporation C:\Windows\SysWOW64\npmproxy.dllnsi.dll NSI User-mode interface DLL Microsoft Corporation C:\Windows\SysWOW64\nsi.dllntdll.dll NT Layer DLL Microsoft Corporation C:\Windows\System32\ntdll.dllntdll.dll NT Layer DLL Microsoft Corporation C:\Windows\SysWOW64\ntdll.dllole32.dll Microsoft OLE for Windows Microsoft Corporation C:\Windows\SysWOW64\ole32.dlloleaut32.dll Microsoft Corporation C:\Windows\SysWOW64\oleaut32.dllprofapi.dll User Profile Basic API Microsoft Corporation C:\Windows\SysWOW64\profapi.dllpsapi.dll Process Status Helper Microsoft Corporation C:\Windows\SysWOW64\psapi.dllR000000000009.clb C:\Windows\Registration\R000000000009.clbrasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation C:\Windows\SysWOW64\rasadhlp.dllrpcrt4.dll Remote Procedure Call Runtime Microsoft Corporation C:\Windows\SysWOW64\rpcrt4.dllRpcRtRemote.dll Remote RPC Extension Microsoft Corporation C:\Windows\SysWOW64\RpcRtRemote.dllrsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation C:\Windows\SysWOW64\rsaenh.dllsahook.dll SiteAdvisor McAfee, Inc. C:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dllsechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation C:\Windows\SysWOW64\sechost.dllsecur32.dll Security Support Provider Interface Microsoft Corporation C:\Windows\SysWOW64\secur32.dllsetupapi.dll Windows Setup API Microsoft Corporation C:\Windows\SysWOW64\setupapi.dllshell32.dll Windows Shell Common Dll Microsoft Corporation C:\Windows\SysWOW64\shell32.dllshlwapi.dll Shell Light-weight Utility Library Microsoft Corporation C:\Windows\SysWOW64\shlwapi.dllsnxhk.dll avast! snxhk AVAST Software C:\ProgramsInstalled\Avast\snxhk.dllSortDefault.nls C:\Windows\Globalization\Sorting\SortDefault.nlssspicli.dll Security Support Provider Interface Microsoft Corporation C:\Windows\SysWOW64\sspicli.dllStaticCache.dat C:\Windows\Fonts\StaticCache.daturlmon.dll OLE32 Extensions for Win32 Microsoft Corporation C:\Windows\SysWOW64\urlmon.dlluser32.dll Multi-User Windows USER API Client DLL Microsoft Corporation C:\Windows\SysWOW64\user32.dlluserenv.dll Userenv Microsoft Corporation C:\Windows\SysWOW64\userenv.dllusp10.dll Uniscribe Unicode script processor Microsoft Corporation C:\Windows\SysWOW64\usp10.dlluTorrent.exe µTorrent BitTorrent, Inc. C:\ProgramsInstalled\Utorrent\uTorrent.exeuxtheme.dll Microsoft UxTheme Library Microsoft Corporation C:\Windows\SysWOW64\uxtheme.dllversion.dll Version Checking and File Installation Libraries Microsoft Corporation C:\Windows\SysWOW64\version.dllWindowsCodecs.dll Microsoft Windows Codecs Library Microsoft Corporation C:\Windows\SysWOW64\WindowsCodecs.dllwininet.dll Internet Extensions for Win32 Microsoft Corporation C:\Windows\SysWOW64\wininet.dllwinnsi.dll Network Store Information RPC interface Microsoft Corporation C:\Windows\SysWOW64\winnsi.dllwintrust.dll Microsoft Trust Verification APIs Microsoft Corporation C:\Windows\SysWOW64\wintrust.dllWLIDNSP.DLL Microsoft® Windows Live ID Namespace Provider Microsoft Corp. C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLLwow64.dll Win32 Emulation on NT64 Microsoft Corporation C:\Windows\System32\wow64.dllwow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation C:\Windows\System32\wow64cpu.dllwow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation C:\Windows\System32\wow64win.dllws2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation C:\Windows\SysWOW64\ws2_32.dllwship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation C:\Windows\SysWOW64\wship6.dllWSHTCPIP.DLL Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation C:\Windows\SysWOW64\WSHTCPIP.DLL Link to comment Share on other sites More sharing options...
DreadWingKnight Posted July 10, 2012 Report Share Posted July 10, 2012 Uninstall McAfee SiteAdvisor (and the rest of McAfee while you're at it) Link to comment Share on other sites More sharing options...
Didonko Posted July 10, 2012 Author Report Share Posted July 10, 2012 McAfee SiteAdvisor fully removed - standing by for further development. So far so good, but that was the case after the restart yesterday as well.On another note, why would McAfee start interfering now, after 6 months of staying idle and not making a beep? Link to comment Share on other sites More sharing options...
Didonko Posted July 10, 2012 Author Report Share Posted July 10, 2012 Due to the lack of proper internet connection, uTorrent will not be active in the next few days.After the removal of McAfee site adviser, for the time being after the restart (~12-14GB download size) the CPU scored significantly lower usage. While one gadget still shows momentary peaks (refresh rate is set at 1 sec) which were not visible on the other gadget. The system has been stable, did not hang. However, I would like to give it another try, this time leave it for longer period of time and greater torrent load (50+ GB)Thank you for the quick answer, I think it really helped. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.