Jump to content

Paused


hectortheinspector

Recommended Posts

Posted

On a regular basis all the torrents are paused. It does not matter whether they are downloading, uploading or even stopped. They all go into the paused mode. I then have to individually start them. I was wondering whether this was a program thing, router(Airlink) or maybe the provider?

Posted

...? Paused mode as in paused.png? If you're not doing it yourself, then it might be malware, or maybe someone controlling it via webui.

If you're using webui, then do select a better username/password combination. If you're not using webui, then make sure it's disabled in the Preferences.

Also...

a) get HijackThis from trendsecure.com, run it, view the log, and post the contents here

B) get Process Explorer from sysinternals.com, run it, Ctrl+D (to show the lower DLL pane), select the µTorrent process from the list, Ctrl+S (and save the list somewhere you'll find easily -- like the Desktop), then post the contents of the saved process list in the .txt file here

Posted

As requested:

Process PID CPU Description Company Name

System Idle Process 0 70.77

Interrupts n/a 0.77 Hardware Interrupts

DPCs n/a 0.77 Deferred Procedure Calls

System 4 3.85

smss.exe 1060 Windows NT Session Manager Microsoft Corporation

csrss.exe 1136 Client Server Runtime Process Microsoft Corporation

winlogon.exe 1160 Windows NT Logon Application Microsoft Corporation

services.exe 1204 Services and Controller app Microsoft Corporation

svchost.exe 1392 Generic Host Process for Win32 Services Microsoft Corporation

igfxsrvc.exe 2108 igfxsrvc Module Intel Corporation

svchost.exe 1488 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1616 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1828 Generic Host Process for Win32 Services Microsoft Corporation

svchost.exe 1912 Generic Host Process for Win32 Services Microsoft Corporation

spoolsv.exe 288 Spooler SubSystem App Microsoft Corporation

AppleMobileDeviceService.exe 2200 Apple Mobile Device Service Apple, Inc.

atchksrv.exe 2216 Displays state of Intel® Active Management Technology. Intel Corporation

avp.exe 2240 Kaspersky Anti-Virus Kaspersky Lab

mDNSResponder.exe 2256 Bonjour Service Apple Inc.

LMS.exe 2400 Local Manageability Service Intel

FormatM.exe 2644 MacOpener Mac Formatter DataViz Inc.

MagicTuneEngine.exe 2876

MagicTune.exe 536 MagicTune SEC

svchost.exe 2948

PSIService.exe 3032 nTitles PSIService

StarWindServiceAE.exe 3212 StarWind iSCSI Target (Alcohol Edition) Rocket Division Software

svchost.exe 3260 Generic Host Process for Win32 Services Microsoft Corporation

UNS.exe 3308 User Notification Service Intel

FNPLicensingService.exe 3692 Activation Licensing Service Macrovision Europe Ltd.

iPodService.exe 3908 iPodService Module Apple Inc.

alg.exe 3004 Application Layer Gateway Service Microsoft Corporation

lsass.exe 1216 LSA Shell (Export Version) Microsoft Corporation

explorer.exe 576 Windows Explorer Microsoft Corporation

RTHDCPL.exe 1052 Realtek HD Audio Control Panel Realtek Semiconductor Corp.

atchk.exe 1084 Displays state of Intel® Active Management Technology. Intel Corporation

avp.exe 1100 Kaspersky Anti-Virus Kaspersky Lab

loadwzco.exe 1124 WinZip E-Mail Companion OE launcher Nektra S.A./WinZip Computing, S.L.

jusched.exe 1284 Java Platform SE binary Sun Microsystems, Inc.

eBayTBDaemon.exe 1292 eBay Toolbar Daemon eBay Inc.

Communications_Helper.exe 1424 Communications Manager Logitech Inc.

LVComSX.exe 1464 LVCom Server Logitech Inc.

PWRISOVM.EXE 1552 PowerISO Virtual Drive Manager PowerISO Computing, Inc.

swnxt.exe 1644 SpywareNuker XT Trek Blue, Inc

Acrotray.exe 1684 AcroTray Adobe Systems Inc.

iTunesHelper.exe 1712 iTunesHelper Module Apple Inc.

ctfmon.exe 1724 CTF Loader Microsoft Corporation

SecCopy.exe 1740 SecCopy Centered Systems

AtomicAlarmClock.exe 1760

UIWatcher.exe 1768 ashampoo UnInstaller Watcher ashampoo GmbH & Co. KG

robotaskbaricon.exe 1780 RoboForm TaskBar Icon Siber Systems

GammaTray.exe 1796 GammaTray MFC ?? ????

SetPoint.exe 1840 Logitech SetPoint Event Manager (UNICODE) Logitech Inc.

KHALMNPR.exe 1948 Logitech KHAL Main Process Logitech Inc.

MacName.exe 1848 MacName UI Loader DataViz Inc.

NCProTray.exe 1880 NCPro Samsung

VersionTrackerPro.exe 444 VersionTracker Pro Windows CNET TechTracker

WZQKPICK.EXE 752 WinZip Executable WinZip Computing, S.L.

MagicDisc.exe 768 MagicISO Virtual CD/DVD Manager MagicISO, Inc.

SkypeMate.exe 780 Application for Skype

Skype.exe 556 Skype. Take a deep breath Skype Technologies S.A.

skypePM.exe 3716 Skype Extras Manager Skype Technologies

uTorrent.exe 3740 23.85

procexp.exe 3220 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

Process: uTorrent.exe Pid: 3740

Name Description Company Name Version

ACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180

adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180

ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180

ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000

CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308

COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982

comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180

COMRes.dll Microsoft Corporation 2001.12.4414.0258

ctype.nls

DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.2938

dnsq.dll DNSQ Kaspersky Lab 7.00.0000.0125

GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3159

hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180

IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180

Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912

kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119

lgscroll.dll Logitech Scroll Enabler (UNICODE) Logitech Inc. 4.00.0121.0000

locale.nls

MacName.dll MacName UI Hook DataViz Inc. 6.00.0005.0004

mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 1.00.0004.0012

miscr3.dll Kaspersky Anti-Virus Ring 3 Hooker Helper Kaspersky Lab 7.00.0000.0125

MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180

MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.2180

msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180

MSVCP80.dll Microsoft® C++ Runtime Library Microsoft Corporation 8.00.50727.1433

MSVCR80.dll Microsoft® C Runtime Library Microsoft Corporation 8.00.50727.1433

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180

mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.2180

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976

ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180

NTMARTA.DLL Windows NT MARTA provider Microsoft Corporation 5.01.2600.2180

ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726

oleaut32.dll Microsoft Corporation 5.01.2600.3266

psapi.dll Process Status Helper Microsoft Corporation 5.01.2600.2180

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938

RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173

rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180

SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180

Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180

SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180

SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241

SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.2995

sortkey.nls

sorttbls.nls

unicode.nls

USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099

uTorrent.exe

uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180

VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 5.01.2600.2180

WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180

WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180

wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:51:15 AM, on 3/16/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\spoolsv.exe

E:\WINDOWS\Explorer.EXE

E:\WINDOWS\RTHDCPL.EXE

E:\Program Files\Intel\AMT\atchk.exe

E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

E:\Program Files\WinZip E-Mail Companion\loadwzco.exe

E:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

E:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

E:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe

E:\Program Files\PowerISO\PWRISOVM.EXE

E:\Program Files\Spyware Nuker\swnxt.exe

E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

E:\Program Files\iTunes\iTunesHelper.exe

E:\WINDOWS\system32\ctfmon.exe

E:\PROGRA~1\SecCopy\SecCopy.exe

E:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe

E:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe

E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

E:\Program Files\MagicTune Premium\GammaTray.exe

E:\Program Files\Logitech\SetPoint\SetPoint.exe

E:\Program Files\Conversions Plus\MacName.exe

E:\Program Files\SEC\Natural Color Pro\NCProTray.exe

E:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE

E:\Program Files\TechTracker\VersionTracker Pro\VersionTrackerPro.exe

E:\Program Files\WinZip\WZQKPICK.EXE

E:\Program Files\MagicDisc\MagicDisc.exe

E:\Program Files\SkypeMate\SkypeMate.exe

E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

E:\Program Files\Intel\AMT\atchksrv.exe

E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

E:\Program Files\Bonjour\mDNSResponder.exe

E:\Program Files\Intel\AMT\LMS.exe

E:\Program Files\Conversions Plus\FORMATM.EXE

E:\Program Files\MagicTune Premium\MagicTuneEngine.exe

C:\Program Files\Outlook Express\svchost.exe

E:\WINDOWS\system32\PSIService.exe

E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\Intel\AMT\UNS.exe

E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

E:\Program Files\iPod\bin\iPodService.exe

E:\Program Files\MagicTune Premium\MagicTune.exe

E:\Program Files\Skype\Phone\Skype.exe

E:\Program Files\Skype\Plugin Manager\skypePM.exe

E:\WINDOWS\system32\igfxsrvc.exe

E:\Program Files\uTorrent\uTorrent.exe

E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

E:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://latino.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - E:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - E:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - E:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - E:\Program Files\Power Translator 11\Applications\LEC IE Translation Extension.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKLM\..\Run: [igfxTray] E:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] E:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] E:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [atchk] "E:\Program Files\Intel\AMT\atchk.exe"

O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"

O4 - HKLM\..\Run: [WinZip E-Mail Companion OEAPI] "E:\Program Files\WinZip E-Mail Companion\loadwzco.exe"

O4 - HKLM\..\Run: [QuickFinder Scheduler] "E:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"

O4 - HKLM\..\Run: [PdxRegCl] "E:\Program Files\Paradox\Programs\PdxRegCl.exe" /s /c

O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [eBayToolbar] E:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

O4 - HKLM\..\Run: [NBKeyScan] "E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LVCOMSX] "E:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"

O4 - HKLM\..\Run: [Media Codec Update Service] E:\Program Files\Essentials Codec Pack\update.exe -silent

O4 - HKLM\..\Run: [PWRISOVM.EXE] E:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [MacLicense] "E:\Program Files\Conversions Plus\MacLic.exe"

O4 - HKLM\..\Run: [sWN2] E:\Program Files\Spyware Nuker\swnxt.exe /h

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [second Copy] "E:\PROGRA~1\SecCopy\SecCopy.exe"

O4 - HKCU\..\Run: [skinClock] E:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe

O4 - HKCU\..\Run: [uIWatcher] E:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe

O4 - HKCU\..\Run: [mtryxe] e:\documents and settings\gord\local settings\application data\mtryxe.exe mtryxe

O4 - HKCU\..\Run: [RoboForm] "E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user')

O4 - Startup: MagicDisc.lnk = E:\Program Files\MagicDisc\MagicDisc.exe

O4 - Startup: SkypeMate.lnk = E:\Program Files\SkypeMate\SkypeMate.exe

O4 - Global Startup: GammaTray.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: MacName.lnk = E:\Program Files\Conversions Plus\MacName.exe

O4 - Global Startup: NCProTray.lnk = ?

O4 - Global Startup: VersionTrackerPro.lnk = ?

O4 - Global Startup: WinZip Quick Pick.lnk = E:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: Append to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Customize Menu - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: eBay Search - res://E:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: Fill Forms - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: Open with WordPerfect - E:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta

O8 - Extra context menu item: RoboForm Toolbar - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: Save Forms - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1200522297687

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1200621632078

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Intel® Active Management Technology System Status Service (atchksrv) - Intel Corporation - E:\Program Files\Intel\AMT\atchksrv.exe

O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - E:\Program Files\Power Translator 11\LogoMedia TranslateDotNet Server.exe

O23 - Service: Intel® Active Management Technology Local Management Service (LMS) - Intel - E:\Program Files\Intel\AMT\LMS.exe

O23 - Service: MacFormatService - DataViz Inc. - E:\Program Files\Conversions Plus\FORMATM.EXE

O23 - Service: MagicTuneEngine - Unknown owner - E:\Program Files\MagicTune Premium\MagicTuneEngine.exe

O23 - Service: Window Net Dns (MyDNS) - Unknown owner - C:\Program Files\Outlook Express\svchost.exe

O23 - Service: ProtexisLicensing - Unknown owner - E:\WINDOWS\system32\PSIService.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Intel® Active Management Technology User Notification Service (UNS) - Intel - E:\Program Files\Intel\AMT\UNS.exe

--

End of file - 14857 bytes

Posted

With all that software I'm not surprised. Firstly see if you can get rid of that HTTP hooking in Kaspersky. Second why is a conversion software hooking into uT? There are other possible problem programs installed, however they don't normally cause the symptoms you're experiencing.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...