k1lljoy Posted October 1, 2009 Report Share Posted October 1, 2009 I have a problem thats been plaguing me for a while.... Im trying to download about 200 torrents... I have it set to download 20 at a time... and it still cant remain stable for more than a few minutes.When the download rate climbs over 2MB/s (im on a 100mbit connection), ram usage starts growing rapidly until it reaches 1.9-2GB and then utorrent freezes. Its downloading to a RAID5 array, and I have 12GB of RAM. Running WIndows 7 64bit. I tried to cut it down to 10 torrents at a time... no effect. Any ideas whats causing this? Link to comment Share on other sites More sharing options...
Switeck Posted October 1, 2009 Report Share Posted October 1, 2009 Hostile software is deeply embedded that is trying to monitor the traffic going to/from uTorrent. (A man-in-the-middle form of attack.)Best to remove such software.1st link in my signature, VERY bottom -- the Process Explorer procedure. We need uTorrent's DLL list to see what 3rd party DLLs are deep linking into uTorrent. Link to comment Share on other sites More sharing options...
k1lljoy Posted October 1, 2009 Author Report Share Posted October 1, 2009 I really doubt that... single torrent at a time I was able to download at over 10MB/s no problem..... but multiple torrents is a whole another story. Link to comment Share on other sites More sharing options...
Switeck Posted October 1, 2009 Report Share Posted October 1, 2009 That's why I'm asking you to look. Link to comment Share on other sites More sharing options...
k1lljoy Posted October 1, 2009 Author Report Share Posted October 1, 2009 Process PID CPU Description Company NameSystem Idle Process 0 85.25 Interrupts n/a 0.19 Hardware Interrupts DPCs n/a 0.19 Deferred Procedure Calls System 4 0.57 smss.exe 356 csrss.exe 488 wininit.exe 592 services.exe 652 svchost.exe 788 0.19 wlcomm.exe 4844 Windows Live Communications Platform Microsoft Corporation wmplayer.exe 8928 1.52 Windows Media Player Microsoft Corporation dllhost.exe 5292 COM Surrogate Microsoft Corporation nvvsvc.exe 844 nvvsvc.exe 1560 svchost.exe 892 svchost.exe 952 audiodg.exe 10784 svchost.exe 984 dwm.exe 2328 Desktop Window Manager Microsoft Corporation WUDFHost.exe 2636 svchost.exe 1012 wuauclt.exe 8804 Windows Update Microsoft Corporation svchost.exe 1028 svchost.exe 1144 spoolsv.exe 1292 svchost.exe 1320 avgwdsvc.exe 1420 avgrsa.exe 1692 avgnsa.exe 1700 0.19 svchost.exe 1472 MSCamS64.exe 1500 NBService.exe 1580 IoctlSvc.exe 1836 nvSCPAPISvr.exe 1904 svchost.exe 1960 avgemc.exe 1992 avgcsrvx.exe 2112 taskhost.exe 2360 Host Process for Windows Tasks Microsoft Corporation svchost.exe 3100 NMIndexingService.exe 3716 SearchIndexer.exe 3768 SearchProtocolHost.exe 7420 SearchFilterHost.exe 7720 wmpnetwk.exe 4584 svchost.exe 4708 svchost.exe 4384 0.19 FNPLicensingService.exe 1968 svchost.exe 2704 taskhost.exe 6876 svchost.exe 4360 lsass.exe 676 lsm.exe 684 csrss.exe 608 winlogon.exe 448 taskmgr.exe 1440 0.38 Windows Task Manager Microsoft Corporationexplorer.exe 2468 1.90 Windows Explorer Microsoft Corporation RAVCpl64.exe 2812 HD Audio Control Panel Realtek Semiconductor DisplayFusion.exe 3168 0.57 DisplayFusionHookx86.exe 3152 Skype.exe 3176 Skype Skype Technologies S.A. sidebar.exe 3228 Windows Desktop Gadgets Microsoft Corporation Dropbox.exe 3564 0.19 Dropbox OUTLOOK.EXE 3592 Microsoft Office Outlook Microsoft Corporation Acrobat.exe 1196 Adobe Acrobat 9.1 Adobe Systems Incorporated postbox.exe 3696 Postbox Postbox, Inc. wsftpgui.exe 3820 WS_FTP Pro Application Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421 Dreamweaver.exe 8124 0.95 Adobe Dreamweaver CS4 Adobe Systems, Inc. msnmsgr.exe 2320 Windows Live Messenger Microsoft Corporation WINWORD.EXE 3624 Microsoft Office Word Microsoft Corporation splwow64.exe 3456 Print driver host for 32bit applications Microsoft Corporation calc.exe 3004 Windows Calculator Microsoft Corporation BitLord.exe 12768 3.23 BitLord www.BitLord.com uTorrent.exe 6076 0.95 µTorrent BitTorrent, Inc.avgtray.exe 3656 AVG Tray Monitor AVG Technologies CZ, s.r.o.RIMAutoUpdate.exe 3704 RIM Auto Update Research In Motion LimitedScan2Pc.exe 3832 ScanToPc MFC Application jusched.exe 4032 Java Platform SE binary Sun Microsystems, Inc.firefox.exe 5356 1.52 Firefox Mozilla Corporationpidgin.exe 4028 ielowutil.exe 6608 Internet Low-Mic Utility Tool Microsoft CorporationOrbLauncher.exe 3652 Orb.exe 6300 procexp.exe 4292 Sysinternals Process Explorer Sysinternals - www.sysinternals.com procexp64.exe 4548 2.28 Sysinternals Process Explorer Sysinternals - www.sysinternals.comProcess: uTorrent.exe Pid: 6076Name Description Company Name Version{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000004.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db {DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db actxprxy.dll ActiveX Interface Marshaling Library Microsoft Corporation 6.1.7100.0ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.1.7100.0ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.0AUTHZ.dll Authorization Framework Microsoft Corporation 6.1.7100.0CFGMGR32.dll Configuration Manager DLL Microsoft Corporation 6.1.7100.0CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.8030.0COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.7100.19comctl32.dll.mui User Experience Controls Library Microsoft Corporation 6.10.7100.0comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.1.7100.0credssp.dll Credential Delegation Security Package Microsoft Corporation 6.1.7100.0CRYPT32.dll Crypto API32 Microsoft Corporation 6.1.7100.0CRYPTBASE.dll Base cryptographic API DLL Microsoft Corporation 6.1.7100.0CRYPTSP.dll Cryptographic Service Provider API Microsoft Corporation 6.1.7100.0cversions.2.db cversions.2.db DEVOBJ.dll Device Information Set DLL Microsoft Corporation 6.1.7100.0dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.1.7100.0dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.1.7100.0DisplayFusionHookx86.dll DisplayFusion Hook Binary Fortress Software 1.9.0.0DnsApi.dll DNS Client API DLL Microsoft Corporation 6.1.7100.0DUser.dll Windows DirectUser Engine Microsoft Corporation 6.1.7100.0duser.dll.mui Windows DirectUser Engine Microsoft Corporation 6.1.7100.0dwmapi.dll Microsoft Desktop Window Manager API Microsoft Corporation 6.1.7100.0FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.1.7100.0fwpuclnt.dll FWP/IPsec User-Mode API Microsoft Corporation 6.1.7100.0GDI32.dll GDI Client DLL Microsoft Corporation 6.1.7100.19GPAPI.dll Group Policy Client API Microsoft Corporation 6.1.7100.0hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 6.1.7100.0hnetcfg.dll.mui Home Networking Configuration Manager Microsoft Corporation 6.1.7100.0iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.0.7100.13IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.1.7100.0Iphlpapi.dll IP Helper API Microsoft Corporation 6.1.7100.0kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.1.7100.0KERNELBASE.dll Windows NT BASE API Client DLL Microsoft Corporation 6.1.7100.0KernelBase.dll.mui Windows NT BASE API Client DLL Microsoft Corporation 6.1.7100.0locale.nls LPK.dll Language Pack Microsoft Corporation 6.1.7100.0MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.1.7100.0MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.1.7100.0msctf.dll.mui MSCTF Server DLL Microsoft Corporation 6.1.7100.0msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.7100.0mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.1.7100.0msxml3.dll MSXML 3.0 SP11 Microsoft Corporation 8.110.7100.0msxml3r.dll XML Resources Microsoft Corporation 8.110.7100.0netshell.dll Network Connections Shell Microsoft Corporation 6.1.7100.0netutils.dll Net Win32 API Helpers DLL Microsoft Corporation 6.1.7100.0nlaapi.dll Network Location Awareness 2 Microsoft Corporation 6.1.7100.0normnfd.nls npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.1.7100.0NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.1.7100.0ntdll.dll NT Layer DLL Microsoft Corporation 6.1.7100.0ntdll.dll NT Layer DLL Microsoft Corporation 6.1.7100.0ntmarta.dll Windows NT MARTA provider Microsoft Corporation 6.1.7100.0ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.1.7100.0oleaut32.dll Microsoft Corporation 6.1.7100.0peerdist.dll BranchCache Client Library Microsoft Corporation 6.1.7100.0profapi.dll User Profile Basic API Microsoft Corporation 6.1.7100.0propsys.dll Microsoft Property System Microsoft Corporation 7.0.7100.0psapi.dll Process Status Helper Microsoft Corporation 6.1.7100.0rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.1.7100.0RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.1.7100.0RpcRtRemote.dll Remote RPC Extension Microsoft Corporation 6.1.7100.0rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.1.7100.0sechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation 6.1.7100.0SETUPAPI.dll Windows Setup API Microsoft Corporation 6.1.7100.0SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.1.7100.0shfolder.dll Shell Folder Service Microsoft Corporation 6.1.7100.0SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.1.7100.0slc.dll Software Licensing Client Dll Microsoft Corporation 6.1.7100.0SortDefault.nls SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.1.7100.0SspiCli.dll Security Support Provider Interface Microsoft Corporation 6.1.7100.0StaticCache.dat SXS.DLL Fusion 2.5 Microsoft Corporation 6.1.7100.19upnp.dll UPnP Control Point API Microsoft Corporation 6.1.7100.0urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 8.0.7100.18urlmon.dll.mui OLE32 Extensions for Win32 Microsoft Corporation 8.0.7100.0USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.1.7100.19USERENV.dll Userenv Microsoft Corporation 6.1.7100.0USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.7100.0uTorrent.exe µTorrent BitTorrent, Inc. 1.8.3.15772uxtheme.dll Microsoft UxTheme Library Microsoft Corporation 6.1.7100.0VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.1.7100.0webio.dll Web Transfer Protocols API Microsoft Corporation 6.1.7100.0WINHTTP.dll Windows HTTP Services Microsoft Corporation 6.1.7100.0WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.1.7100.0wkscli.dll Workstation Service Client DLL Microsoft Corporation 6.1.7100.0WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.1.7100.0wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.1.7100.0wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.1.7100.0wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.1.7100.0WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.1.7100.0wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.1.7100.0wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.1.7100.0------------------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:56:22 PM, on 10/1/2009Platform: Unknown Windows (WinNT 6.01.3004)MSIE: Internet Explorer v8.00 (8.00.7100.0000)Boot mode: NormalRunning processes:C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Users\Yegor\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXEC:\Program Files (x86)\AVG\AVG8\avgtray.exeC:\Program Files (x86)\Postbox\postbox.exeC:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exeC:\Program Files (x86)\Ipswitch\WS_FTP Pro\wsftpgui.exeC:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exeC:\Program Files (x86)\Java\jre6\bin\jusched.exeC:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeC:\Program Files (x86)\Pidgin\pidgin.exeC:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exeC:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXEC:\Program Files (x86)\Internet Explorer\IELowutil.exeC:\Program Files (x86)\Orb Networks\Orb\bin\OrbLauncher.exeC:\Program Files (x86)\Orb Networks\Orb\bin\Orb.exeC:\Program Files (x86)\BitLord\BitLord.exeC:\Program Files (x86)\uTorrent\uTorrent.exeC:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exeC:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 75.151.214.249:8080R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dllO2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files (x86)\Ipswitch\WS_FTP Pro\wsbho2k0.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllO2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dllO4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exeO4 - HKLM\..\Run: [blackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /backgroundO4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbyloginO4 - HKLM\..\Run: [3170 Scan2PC] "C:\Windows\Twain_32\Samsung\CLX3170\Scan2Pc.exe"O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [Orb] "C:\Program Files (x86)\Orb Networks\Orb\bin\OrbLauncher.exe" /backgroundO4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - Startup: Dropbox.lnk = Yegor\AppData\Roaming\Dropbox\bin\Dropbox.exeO4 - Startup: Microsoft Office Outlook 2007.lnk = ?O4 - Startup: Mozilla Firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exeO4 - Startup: Postbox.lnk = C:\Program Files (x86)\Postbox\postbox.exeO4 - Startup: WS_FTP Pro.lnk = C:\Program Files (x86)\Ipswitch\WS_FTP Pro\wsftpgui.exeO4 - Global Startup: Pidgin.lnk = C:\Program Files (x86)\Pidgin\pidgin.exeO8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htmO8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htmO8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htmO8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLLO13 - Gopher Prefix: O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exeO23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 13497 bytes Link to comment Share on other sites More sharing options...
Switeck Posted October 1, 2009 Report Share Posted October 1, 2009 I couldn't find anything about these in GOOGLE searches, but all the repeats can't be good!{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000004.db{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db...{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.