• Announcements

    • Bommuraj Paramaraj

      Important Security Advisory   06/07/2016

      On June 6th, 2016, BitTorrent was made aware of a security issue involving the vendor which powers our forums.
      The vulnerability appears to have been through one of the vendor’s other clients, however it allowed attackers to access some information on other accounts. As a result, attackers were able to download a list of our forum users. We are investigating further to learn if any other information was accessed.Our vendor has made backend changes so that the hashes in the file do not appear to be a usable attack vector. As a precaution, we are advising our users to change their passwords. While the passwords may not be used as a vector on the forums, those hashed passwords should be considered compromised. Anyone using the same password for forums as well as other places is strongly advised to update their passwords and/or practice good personal security practices.

Archived

This topic is now archived and is closed to further replies.

nishanth13

"It seems like uTorrent is already running but not responding "

2 posts in this topic

HI Guys ,

this is my problem i am attaching my hijack this report and process explorer reports please help .

Hijack This

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 2:24:41 PM, on 7/16/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

FIREFOX: 22.0 (en-US)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Users\nishanth\AppData\Roaming\uTorrent\utorrent.exe

C:\Program Files (x86)\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe

C:\Program Files (x86)\Privoxy\privoxy.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\KeyFocus\KFSensor\bin\kfsensmonitor.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Program Files (x86)\Notepad++\notepad++.exe

C:\Users\nishanth\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"

O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

O4 - HKLM\..\Run: [KFSensor] C:\Program Files (x86)\KeyFocus\KFSensor\bin\kfsensmonitor.exe -s

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Users\nishanth\AppData\Roaming\uTorrent\utorrent.exe"

O4 - Global Startup: 24Online Client.lnk = C:\Program Files (x86)\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: Privoxy.lnk = C:\Program Files (x86)\Privoxy\privoxy.exe

O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send Image To MindManager - res://C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/201

O8 - Extra context menu item: Send Link To MindManager - res://C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/203

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Send Page To MindManager - res://C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/204

O8 - Extra context menu item: Send Text To MindManager - res://C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/202

O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll

O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1355737065369

O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apache2.2 - Apache Software Foundation - C:\WampDeveloper\Components\Apache\bin\httpd.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASO3DiskOptimizer - Systweak Software, (www.systweak.com) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe

O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe

O23 - Service: KFSensor (KeyFocusSensor) - KeyFocus Ltd., www.keyfocus.net - C:\Program Files (x86)\KeyFocus\KFSensor\bin\kfsnserv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Mysql - Unknown owner - C:\WampDeveloper\Components\Mysql\bin\mysqld.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe

O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE

O23 - Service: Photon Plus. OUC (Photon Plus. RunOuc) - Unknown owner - C:\Program Files (x86)\Photon Plus\Huawei\UpdateDog\ouc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe

O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 15103 bytes

Process Explorer

Process CPU Private Bytes Working Set PID Description Company Name

System Idle Process 56.75 0 K 24 K 0

System 1.35 112 K 668 K 4

Interrupts 1.92 0 K 0 K n/a Hardware Interrupts and DPCs

smss.exe 476 K 1,156 K 416 Windows Session Manager Microsoft Corporation

csrss.exe 0.05 2,372 K 4,832 K 588 Client Server Runtime Process Microsoft Corporation

wininit.exe 1,516 K 4,524 K 664 Windows Start-Up Application Microsoft Corporation

services.exe 0.08 6,624 K 12,684 K 736 Services and Controller app Microsoft Corporation

svchost.exe 0.06 4,796 K 9,196 K 928 Host Process for Windows Services Microsoft Corporation

BTStackServer.exe < 0.01 30,004 K 17,728 K 4612 Bluetooth Stack COM Server Broadcom Corporation.

BluetoothHeadsetProxy.exe 948 K 3,476 K 4752 Bluetooth Headset Skype Proxy Broadcom Corporation.

WmiPrvSE.exe 2,448 K 5,988 K 3708 WMI Provider Host Microsoft Corporation

dllhost.exe 324 K 96 K 6092 COM Surrogate Microsoft Corporation

svchost.exe 0.11 4,344 K 7,768 K 1004 Host Process for Windows Services Microsoft Corporation

atiesrxx.exe 1,448 K 4,012 K 480 AMD External Events Service Module AMD

atieclxx.exe 2,416 K 6,204 K 1460 AMD External Events Client Module AMD

svchost.exe 23,272 K 19,140 K 576 Host Process for Windows Services Microsoft Corporation

audiodg.exe 0.04 21,860 K 22,048 K 1116 Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 0.01 9,576 K 16,584 K 852 Host Process for Windows Services Microsoft Corporation

dwm.exe 1.80 33,512 K 43,248 K 3704 Desktop Window Manager Microsoft Corporation

WUDFHost.exe 1,908 K 6,000 K 5756 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation

svchost.exe 6,632 K 11,608 K 600 Host Process for Windows Services Microsoft Corporation

svchost.exe 0.11 25,056 K 40,128 K 1056 Host Process for Windows Services Microsoft Corporation

wuauclt.exe 1,940 K 6,396 K 5648 Windows Update Microsoft Corporation

svchost.exe 2,024 K 5,080 K 1192 Host Process for Windows Services Microsoft Corporation

SbieSvc.exe 1,816 K 3,696 K 1272 Sandboxie Service SANDBOXIE L.T.D

svchost.exe 0.02 15,872 K 16,456 K 1392 Host Process for Windows Services Microsoft Corporation

spoolsv.exe 7,516 K 11,056 K 1600 Spooler SubSystem App Microsoft Corporation

svchost.exe 12,056 K 15,252 K 1632 Host Process for Windows Services Microsoft Corporation

armsvc.exe 1,172 K 3,716 K 1740 Adobe Acrobat Update Service Adobe Systems Incorporated

httpd.exe 7,400 K 11,324 K 1820 Apache HTTP Server Apache Software Foundation

httpd.exe < 0.01 140,008 K 12,076 K 2132 Apache HTTP Server Apache Software Foundation

svchost.exe 0.01 4,660 K 7,848 K 1848 Host Process for Windows Services Microsoft Corporation

AppleMobileDeviceService.exe 0.03 2,892 K 8,112 K 1868 MobileDeviceService Apple Inc.

ASO3DefragSrv64.exe 0.01 2,444 K 4,112 K 1932 Advanced System Optimizer - Defrag Service Systweak Software, (www.systweak.com)

avp.exe 3.69 308,448 K 146,676 K 1992 Kaspersky Anti-Virus Kaspersky Lab ZAO

mDNSResponder.exe < 0.01 2,100 K 5,256 K 2040 Bonjour Service Apple Inc.

svchost.exe 1,904 K 4,796 K 1104 Host Process for Windows Services Microsoft Corporation

btwdins.exe 2,120 K 5,480 K 1368 Bluetooth Support Server Broadcom Corporation.

HWDeviceService64.exe 2,336 K 5,544 K 856 DCSHOST

DCSHelper.exe 1,796 K 6,328 K 1200 DataCardMonitor MFC Application Huawei Technologies Co., Ltd.

kfsnserv.exe 0.31 19,508 K 23,420 K 1268 KFSensor Server KeyFocus Ltd., www.keyfocus.net

mbamscheduler.exe 1,952 K 5,048 K 2064 Malwarebytes Anti-Malware Malwarebytes Corporation

mbamservice.exe 1.24 115,724 K 63,184 K 2108 Malwarebytes Anti-Malware Malwarebytes Corporation

mbamgui.exe 0.01 2,864 K 7,296 K 3312 Malwarebytes Anti-Malware Malwarebytes Corporation

mysqld.exe 0.02 463,232 K 43,192 K 2180

svchost.exe 1,180 K 3,472 K 2212 Host Process for Windows Services Microsoft Corporation

SMSvcHost.exe < 0.01 26,812 K 16,320 K 2232 SMSvcHost.exe Microsoft Corporation

NitroPDFDriverService8x64.exe 1,212 K 3,256 K 2632 Nitro PDF Spool Service Nitro PDF Software

NLSSRV32.EXE 1,944 K 4,580 K 2960 This service enables products that use the Nalpeiron Licensing System Nalpeiron Ltd.

svchost.exe 1,164 K 3,452 K 2544 Host Process for Windows Services Microsoft Corporation

svchost.exe 0.25 146,904 K 148,764 K 936 Host Process for Windows Services Microsoft Corporation

TeamViewer_Service.exe < 0.01 4,724 K 11,512 K 2996 TeamViewer 8 TeamViewer GmbH

vmnat.exe < 0.01 1,540 K 4,372 K 1724 VMware NAT Service VMware, Inc.

vmnetdhcp.exe 1,240 K 3,800 K 892 VMware VMnet DHCP service VMware, Inc.

vmware-usbarbitrator64.exe < 0.01 3,364 K 7,144 K 2972 VMware USB Arbitration Service VMware, Inc.

vmware-authd.exe 4,604 K 8,688 K 1920 VMware Authorization Service VMware, Inc.

taskhost.exe 0.02 12,428 K 12,716 K 3876 Host Process for Windows Tasks Microsoft Corporation

SearchIndexer.exe 0.41 78,572 K 93,652 K 5028 Microsoft Windows Search Indexer Microsoft Corporation

SearchProtocolHost.exe 0.22 15,604 K 10,672 K 6140 Microsoft Windows Search Protocol Host Microsoft Corporation

SearchFilterHost.exe 0.01 2,552 K 6,160 K 5144 Microsoft Windows Search Filter Host Microsoft Corporation

svchost.exe 2,472 K 5,964 K 3796 Host Process for Windows Services Microsoft Corporation

svchost.exe 1,508 K 4,112 K 1124 Host Process for Windows Services Microsoft Corporation

TrustedInstaller.exe 7,984 K 14,952 K 3152 Windows Modules Installer Microsoft Corporation

taskhost.exe 6,432 K 13,636 K 2880 Host Process for Windows Tasks Microsoft Corporation

lsass.exe 0.05 4,392 K 10,340 K 768 Local Security Authority Process Microsoft Corporation

lsm.exe 2,684 K 4,316 K 776 Local Session Manager Service Microsoft Corporation

csrss.exe 0.97 2,568 K 6,732 K 704 Client Server Runtime Process Microsoft Corporation

winlogon.exe 2,844 K 7,020 K 824 Windows Logon Application Microsoft Corporation

explorer.exe 0.67 27,956 K 49,696 K 3924 Windows Explorer Microsoft Corporation

sttray64.exe 8,792 K 19,328 K 3920 IDT PC Audio IDT, Inc.

SynTPEnh.exe 3.74 9,040 K 13,224 K 3528 Synaptics TouchPad Enhancements Synaptics Incorporated

GoogleToolbarNotifier.exe < 0.01 2,964 K 1,124 K 4016 GoogleToolbarNotifier Google Inc.

utorrent.exe 0.20 11,452 K 16,284 K 3320 µTorrent BitTorrent, Inc.

CyberoamClient.exe 0.20 3,256 K 10,580 K 2592 24Online Client eLitecore Technologies Ltd.

BTTray.exe 0.05 6,644 K 14,292 K 4376 Bluetooth Tray Application Broadcom Corporation.

privoxy.exe 2,000 K 6,220 K 4888 Privoxy The Privoxy team - www.privoxy.org

firefox.exe 7.53 362,180 K 395,616 K 5216 Firefox Mozilla Corporation

plugin-container.exe 0.36 15,640 K 20,712 K 872 Plugin Container for Firefox Mozilla Corporation

FlashPlayerPlugin_11_8_800_94.exe 0.23 4,752 K 10,652 K 4848 Adobe Flash Player 11.8 r800 Adobe Systems, Inc.

FlashPlayerPlugin_11_8_800_94.exe 1.32 94,668 K 61,012 K 4764 Adobe Flash Player 11.8 r800 Adobe Systems, Inc.

notepad++.exe 0.04 9,976 K 18,456 K 3008 Notepad++ : a free (GNU) source code editor Don HO don.h@free.fr

SynTPHelper.exe 1,220 K 3,268 K 1380 Synaptics Pointing Device Helper Synaptics Incorporated

avp.exe 0.30 42,720 K 6,880 K 5072 Kaspersky Anti-Virus Kaspersky Lab ZAO

KeyScrambler.exe < 0.01 2,392 K 8,144 K 4152 KeyScrambler QFX Software Corporation

KeyScrambler.exe 2,580 K 7,440 K 4716 KeyScrambler QFX Software Corporation

jusched.exe 1,108 K 4,372 K 4300 Java Update Scheduler Oracle Corporation

kfsensmonitor.exe 0.10 4,948 K 11,884 K 4272 kfsensmonitor.exe KeyFocus Ltd., www.keyfocus.net

osk.exe 0.10 10,792 K 16,920 K 2852 Accessibility On-Screen Keyboard Microsoft Corporation

notepad.exe 11,692 K 25,800 K 1524 Notepad Microsoft Corporation

procexp.exe 2,332 K 7,552 K 208 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

procexp64.exe 15.20 27,184 K 49,088 K 3648 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: utorrent.exe Pid: 3320

Name Description Company Name Path

advapi32.dll Advanced Windows 32 Base API Microsoft Corporation C:\Windows\SysWOW64\advapi32.dll

apisetschema.dll ApiSet Schema DLL Microsoft Corporation C:\Windows\System32\apisetschema.dll

clbcatq.dll COM+ Configuration Catalog Microsoft Corporation C:\Windows\SysWOW64\clbcatq.dll

comctl32.dll User Experience Controls Library Microsoft Corporation C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

comdlg32.dll Common Dialogs DLL Microsoft Corporation C:\Windows\SysWOW64\comdlg32.dll

crypt32.dll Crypto API32 Microsoft Corporation C:\Windows\SysWOW64\crypt32.dll

cryptbase.dll Base cryptographic API DLL Microsoft Corporation C:\Windows\SysWOW64\cryptbase.dll

cryptsp.dll Cryptographic Service Provider API Microsoft Corporation C:\Windows\SysWOW64\cryptsp.dll

dhcpcsvc.dll DHCP Client Service Microsoft Corporation C:\Windows\SysWOW64\dhcpcsvc.dll

dhcpcsvc6.dll DHCPv6 Client Microsoft Corporation C:\Windows\SysWOW64\dhcpcsvc6.dll

dnsapi.dll DNS Client API DLL Microsoft Corporation C:\Windows\SysWOW64\dnsapi.dll

dwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation C:\Windows\SysWOW64\dwmapi.dll

FirewallAPI.dll Windows Firewall API Microsoft Corporation C:\Windows\SysWOW64\FirewallAPI.dll

FWPUCLNT.DLL FWP/IPsec User-Mode API Microsoft Corporation C:\Windows\SysWOW64\FWPUCLNT.DLL

gdi32.dll GDI Client DLL Microsoft Corporation C:\Windows\SysWOW64\gdi32.dll

imm32.dll Multi-User Windows IMM32 API Client DLL Microsoft Corporation C:\Windows\SysWOW64\imm32.dll

IPHLPAPI.DLL IP Helper API Microsoft Corporation C:\Windows\SysWOW64\IPHLPAPI.DLL

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\kernel32.dll

KernelBase.dll Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\KernelBase.dll

KernelBase.dll.mui Windows NT BASE API Client DLL Microsoft Corporation C:\Windows\SysWOW64\en-US\KernelBase.dll.mui

locale.nls C:\Windows\System32\locale.nls

lpk.dll Language Pack Microsoft Corporation C:\Windows\SysWOW64\lpk.dll

mdnsNSP.dll Bonjour Namespace Provider Apple Inc. C:\Program Files (x86)\Bonjour\mdnsNSP.dll

msasn1.dll ASN.1 Runtime APIs Microsoft Corporation C:\Windows\SysWOW64\msasn1.dll

msctf.dll MSCTF Server DLL Microsoft Corporation C:\Windows\SysWOW64\msctf.dll

msi.dll Windows Installer Microsoft Corporation C:\Windows\SysWOW64\msi.dll

msiltcfg.dll Windows Installer Configuration API Stub Microsoft Corporation C:\Windows\SysWOW64\msiltcfg.dll

msvcrt.dll Windows NT CRT DLL Microsoft Corporation C:\Windows\SysWOW64\msvcrt.dll

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation C:\Windows\SysWOW64\mswsock.dll

npmproxy.dll Network List Manager Proxy Microsoft Corporation C:\Windows\SysWOW64\npmproxy.dll

nsi.dll NSI User-mode interface DLL Microsoft Corporation C:\Windows\SysWOW64\nsi.dll

ntdll.dll NT Layer DLL Microsoft Corporation C:\Windows\System32\ntdll.dll

ntdll.dll NT Layer DLL Microsoft Corporation C:\Windows\SysWOW64\ntdll.dll

ole32.dll Microsoft OLE for Windows Microsoft Corporation C:\Windows\SysWOW64\ole32.dll

oleaut32.dll Microsoft Corporation C:\Windows\SysWOW64\oleaut32.dll

profapi.dll User Profile Basic API Microsoft Corporation C:\Windows\SysWOW64\profapi.dll

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation C:\Windows\SysWOW64\rasadhlp.dll

rpcrt4.dll Remote Procedure Call Runtime Microsoft Corporation C:\Windows\SysWOW64\rpcrt4.dll

RpcRtRemote.dll Remote RPC Extension Microsoft Corporation C:\Windows\SysWOW64\RpcRtRemote.dll

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation C:\Windows\SysWOW64\rsaenh.dll

sechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation C:\Windows\SysWOW64\sechost.dll

shell32.dll Windows Shell Common Dll Microsoft Corporation C:\Windows\SysWOW64\shell32.dll

shfolder.dll Shell Folder Service Microsoft Corporation C:\Windows\SysWOW64\shfolder.dll

shlwapi.dll Shell Light-weight Utility Library Microsoft Corporation C:\Windows\SysWOW64\shlwapi.dll

SortDefault.nls C:\Windows\Globalization\Sorting\SortDefault.nls

sspicli.dll Security Support Provider Interface Microsoft Corporation C:\Windows\SysWOW64\sspicli.dll

StaticCache.dat C:\Windows\Fonts\StaticCache.dat

user32.dll Multi-User Windows USER API Client DLL Microsoft Corporation C:\Windows\SysWOW64\user32.dll

userenv.dll Userenv Microsoft Corporation C:\Windows\SysWOW64\userenv.dll

usp10.dll Uniscribe Unicode script processor Microsoft Corporation C:\Windows\SysWOW64\usp10.dll

utorrent.exe µTorrent BitTorrent, Inc. C:\Users\nishanth\AppData\Roaming\uTorrent\utorrent.exe

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation C:\Windows\SysWOW64\uxtheme.dll

version.dll Version Checking and File Installation Libraries Microsoft Corporation C:\Windows\SysWOW64\version.dll

winnsi.dll Network Store Information RPC interface Microsoft Corporation C:\Windows\SysWOW64\winnsi.dll

wow64.dll Win32 Emulation on NT64 Microsoft Corporation C:\Windows\System32\wow64.dll

wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation C:\Windows\System32\wow64cpu.dll

wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation C:\Windows\System32\wow64win.dll

ws2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation C:\Windows\SysWOW64\ws2_32.dll

wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation C:\Windows\SysWOW64\wship6.dll

WSHTCPIP.DLL Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation C:\Windows\SysWOW64\WSHTCPIP.DLL

Please Help me .

Share this post


Link to post
Share on other sites