AppHangB1

[Guest Biraj Tiwari]

Description:

A problem caused this program to stop interacting with Windows.

Problem signature:

Problem Event Name: AppHangB1

Application Name: BitTorrent.exe

Application Version: 7.6.1.26993

Application Timestamp: 4f7a2baa

Hang Signature: 7149

Hang Type: 1

OS Version: 6.1.7601.2.1.0.256.1

Locale ID: 1033

Additional Hang Signature 1: 71494fd2278e8ca7e2d5351438cbe482

Additional Hang Signature 2: acc6

Additional Hang Signature 3: acc6db7eabccb35ab283c0eef4ee00b0

Additional Hang Signature 4: bd15

Additional Hang Signature 5: bd15c967ff7a04642d28083ea9b204a2

Additional Hang Signature 6: 1ad8

Additional Hang Signature 7: 1ad80360cb17477a6225ef6d651ed0c6

Read our privacy statement online:

http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:

C:\Windows\system32\en-US\erofflps.txt

[Guest Biraj Tiwari]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:52:29 PM, on 4/4/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe

C:\Program Files (x86)\BitTorrent\BitTorrent.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\werfault.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Biraj\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Biraj\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Biraj\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RVFMGALR\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [ASUS ShellProcess Execute] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Biraj\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Google Update] "C:\Users\Biraj\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe

O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe

O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe

O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9843 bytes

[Guest Biraj Tiwari]

Process Explore:-

Process PID CPU Private Bytes Working Set Description Company Name

System Idle Process 0 86.93 0 K 24 K

System 4 0.02 168 K 2,292 K

Interrupts n/a 0.06 0 K 0 K Hardware Interrupts and DPCs

smss.exe 312 740 K 1,404 K

csrss.exe 488 < 0.01 2,580 K 4,792 K

wininit.exe 560 2,100 K 4,996 K

services.exe 616 7,324 K 10,648 K

svchost.exe 804 5,832 K 10,956 K Host Process for Windows Services Microsoft Corporation

NMIndexStoreSvr.exe 2940 12,196 K 17,420 K Nero Home Nero AG

FlashUtil32_11_2_202_228_ActiveX.exe 1940 3,568 K 8,504 K Adobe® Flash® Player Installer/Uninstaller 11.2 r202 Adobe Systems Incorporated

svchost.exe 884 0.03 6,488 K 10,300 K Host Process for Windows Services Microsoft Corporation

atiesrxx.exe 932 2,288 K 5,008 K AMD External Events Service Module AMD

atieclxx.exe 1436 < 0.01 3,484 K 7,452 K

svchost.exe 1004 < 0.01 23,936 K 24,916 K Host Process for Windows Services Microsoft Corporation

svchost.exe 152 < 0.01 111,220 K 118,984 K Host Process for Windows Services Microsoft Corporation

dwm.exe 1764 0.05 50,596 K 61,384 K Desktop Window Manager Microsoft Corporation

svchost.exe 340 < 0.01 21,904 K 34,944 K Host Process for Windows Services Microsoft Corporation

taskeng.exe 1736 3,360 K 7,616 K

AsRoutineController.exe 1832 3,396 K 528 K

TurboVHelp.exe 2300 12,224 K 764 K

EPUHelp.exe 2664 5,652 K 528 K

AI Suite II.exe 3468 59,576 K 5,536 K

AlertHelper.exe 2336 3,572 K 528 K

VRMHelp.exe 1860 5,248 K 528 K

svchost.exe 480 < 0.01 11,188 K 17,048 K Host Process for Windows Services Microsoft Corporation

svchost.exe 1140 < 0.01 15,484 K 17,648 K Host Process for Windows Services Microsoft Corporation

spoolsv.exe 1280 7,236 K 12,156 K Spooler SubSystem App Microsoft Corporation

svchost.exe 1308 16,376 K 17,452 K Host Process for Windows Services Microsoft Corporation

armsvc.exe 1420 1,316 K 3,988 K Adobe Acrobat Update Service Adobe Systems Incorporated

taskhost.exe 1620 9,052 K 11,256 K Host Process for Windows Tasks Microsoft Corporation

atkexComSvc.exe 1684 0.04 17,048 K 19,652 K

aaHMSvc.exe 1212 0.05 6,120 K 8,536 K

AsSysCtrlService.exe 1628 3,624 K 5,908 K

AdminService.exe 1996 2,744 K 6,228 K AdminService Application Atheros Commnucations

BCUService.exe 1080 1,088 K 3,548 K Browser Configuration Utility Auto-recovery Service DeviceVM, Inc.

sqlservr.exe 1900 < 0.01 173,856 K 2,344 K SQL Server Windows NT - 64 Bit Microsoft Corporation

sqlwriter.exe 3044 2,764 K 6,920 K SQL Server VSS Writer - 64 Bit Microsoft Corporation

SearchIndexer.exe 3184 < 0.01 35,948 K 18,928 K Microsoft Windows Search Indexer Microsoft Corporation

SearchFilterHost.exe 1476 3,028 K 6,036 K

SearchProtocolHost.exe 4656 < 0.01 3,332 K 7,948 K Microsoft Windows Search Protocol Host Microsoft Corporation

svchost.exe 3572 36,504 K 30,376 K Host Process for Windows Services Microsoft Corporation

svchost.exe 3612 2,240 K 5,184 K Host Process for Windows Services Microsoft Corporation

NMIndexingService.exe 4104 < 0.01 4,892 K 9,608 K Nero Home Nero AG

PresentationFontCache.exe 4744 27,880 K 19,820 K PresentationFontCache.exe Microsoft Corporation

svchost.exe 4836 < 0.01 8,976 K 16,980 K Host Process for Windows Services Microsoft Corporation

wmpnetwk.exe 3540 < 0.01 10,836 K 9,240 K Windows Media Player Network Sharing Service Microsoft Corporation

svchost.exe 4608 13,404 K 16,092 K Host Process for Windows Services Microsoft Corporation

svchost.exe 1644 1,696 K 3,716 K Host Process for Windows Services Microsoft Corporation

WerFault.exe 1448 < 0.01 6,336 K 15,292 K Windows Problem Reporting Microsoft Corporation

lsass.exe 644 < 0.01 5,744 K 13,124 K Local Security Authority Process Microsoft Corporation

lsm.exe 652 3,068 K 4,772 K

csrss.exe 584 0.03 4,168 K 10,072 K

winlogon.exe 704 3,872 K 7,932 K

explorer.exe 1876 < 0.01 50,928 K 87,860 K Windows Explorer Microsoft Corporation

RAVCpl64.exe 2868 10,120 K 11,984 K Realtek HD Audio Manager Realtek Semiconductor

BtvStack.exe 2268 18,808 K 19,824 K Bluetooth Stack Server Atheros Commnucations

AthBtTray.exe 2276 5,104 K 12,676 K Bluetooth Tray Atheros Commnucations

sidebar.exe 2352 0.09 44,332 K 43,880 K Windows Desktop Gadgets Microsoft Corporation

DTShellHlp.exe 4228 < 0.01 5,792 K 13,160 K DAEMON Tools Shell Extensions Helper DT Soft Ltd

NMBgMonitor.exe 2544 4,368 K 9,392 K Nero Home Nero AG

DTLite.exe 2648 5,812 K 13,948 K DAEMON Tools Lite DT Soft Ltd

BitTorrent.exe 2860 12.46 22,628 K 23,020 K BitTorrent BitTorrent, Inc.

iexplore.exe 2508 < 0.01 13,856 K 32,752 K Internet Explorer Microsoft Corporation

iexplore.exe 2988 0.01 186,556 K 184,056 K Internet Explorer Microsoft Corporation

iexplore.exe 2348 < 0.01 89,036 K 84,844 K Internet Explorer Microsoft Corporation

iexplore.exe 3332 < 0.01 66,544 K 62,092 K Internet Explorer Microsoft Corporation

WinRAR.exe 5208 < 0.01 11,224 K 17,860 K WinRAR archiver Alexander Roshal

procexp.exe 6016 2,368 K 7,040 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

procexp64.exe 5844 0.14 23,984 K 40,140 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

chrome.exe 1572 29,612 K 47,868 K Google Chrome Google Inc.

chrome.exe 3560 < 0.01 25,628 K 33,440 K Google Chrome Google Inc.

pnSvc.exe 2220 9,720 K 528 K

EC Simulator.exe 2376 < 0.01 14,456 K 3,024 K

nusb3mon.exe 3412 2,244 K 5,856 K USB 3.0 Monitor Renesas Electronics Corporation

BCU.exe 3448 0.05 6,692 K 11,736 K Browser Configuration Utility DeviceVM, Inc.

AsShellProcess.exe 4016 1,512 K 5,320 K Helper AP for Windows ShellExec for NT ASUSTeK Computer Inc.

MOM.exe 4024 < 0.01 43,440 K 5,424 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.

CCC.exe 4540 < 0.01 123,448 K 5,552 K Catalyst Control Center: Host application ATI Technologies Inc.