Jump to content

dump file loop


SWARNNN

Recommended Posts

Hi,

everything was working fine and today i started the system and there was a pop-up "utorrent has crashed and a crash dump is saved as..when i try to send the report to developers it goes into a loop. I have seen the earlier posts, but couldn't figure out the solution. Can you please help me out here. I tried re-installing it many times but the error continues.

below is the roport of hijackthis is :

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 21:05:48, on 22/06/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16537)

CHROME: 27.0.1453.116

FIREFOX: 18.0.1 (en-US)

Boot mode: Normal

Running processes:

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Users\Dushyanth\AppData\Local\Pokki\Engine\pokki.exe

C:\Users\Dushyanth\AppData\Local\Pokki\Engine\pokki.exe

C:\Users\Dushyanth\AppData\Local\Temp\125288\svhost.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Pokki\Engine\pokki.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\mshta.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Download Manager\IDMan.exe

C:\Program Files (x86)\Full Tilt Poker\FullTiltPoker.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dushyanth\Downloads\Programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?babsrc=HP_ss&mntrId=C08B00216ABFAF58&affID=121441&tt=180613_ndt8&tsp=4921

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=17&barid={1390341D-62CF-11E2-BE8A-0026B9644BC1}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll

R3 - URLSearchHook: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: uTorrentControl_v6 - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: BitTorrentControl_v12 - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll

O3 - Toolbar: uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll

O3 - Toolbar: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll

O4 - HKLM\..\Run: [bingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey

O4 - HKCU\..\Run: [125288] C:\Users\DUSHYA~1\AppData\Local\Temp\125288\svhost.exe

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F0D5FB7679C10DA30F76B8F9C2885E0D] "C:\Users\Dushyanth\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [bitTorrent] "C:\Users\Dushyanth\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - Startup: Dropbox.lnk = C:\Users\Dushyanth\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe

O4 - Global Startup: Digsby.lnk = C:\Program Files (x86)\Digsby\digsby.exe

O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\..\{9AA8E5F3-E609-44BE-9B56-56328A97E72A}: NameServer = 121.242.190.181 121.242.190.210

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_056607ee0106e5e8\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BrowserDefendert - Unknown owner - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe

O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe

O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Photon Plus. OUC (Photon Plus. RunOuc) - Unknown owner - C:\Program Files (x86)\Photon Plus\Huawei\UpdateDog\ouc.exe

O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - c:/postgreSQL/bin/pg_ctl.exe

O23 - Service: postgresql-x64-9.2 - PostgreSQL Server 9.2 (postgresql-x64-9.2) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_056607ee0106e5e8\STacSV64.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14148 bytes

Hoping for a solution.. :)

Link to comment
Share on other sites

Crapola.....You mave have bigger fish to fry....You really should do a full system virus/malware scan to make sure you're pc is clean!...

Off the top of my head there are a few pieces of software that are suspect and you should get rid of=

-SweetIM

-Delta toolbar

-Browser Defender

* R0, R1, R2, R3 - Internet Explorer Start/Search pages URLs

* F0, F1 - Autoloading programs

* N1, N2, N3, N4 - Netscape/Mozilla Start/Search pages URLs

* O1 - Hosts file redirection

* O2 - Browser Helper Objects

* O3 - Internet Explorer toolbars

* O4 - Autoloading programs from Registry

* O5 - IE Options icon not visible in Control Panel

* O6 - IE Options access restricted by Administrator

* O7 - Regedit access restricted by Administrator

* O8 - Extra items in IE right-click menu

* O9 - Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu

* O10 - Winsock hijacker

* O11 - Extra group in IE 'Advanced Options' window

* O12 - IE plugins

* O13 - IE DefaultPrefix hijack

* O14 - 'Reset Web Settings' hijack

* O15 - Unwanted site in Trusted Zone

* O16 - ActiveX Objects (aka Downloaded Program Files)

* O17 - Lop.com domain hijackers

* O18 - Extra protocols and protocol hijackers

* O19 - User style sheet hijack

* O20 - AppInit_DLLs Registry value autorun

* O21 - ShellServiceObjectDelayLoad Registry key autorun

* O22 - SharedTaskScheduler Registry key autorun

* O23 - Windows NT Services

Link to comment
Share on other sites

  • 3 weeks later...

I ran into similar troubles about 2 weeks ago when i upgraded to the uTorrent 3.3.1 RC (build 29812). The "Disk overload 100%" began to arise as well as the "spooling file hangs" (frozen) state.

These problems did not arised with earlier uTorrent releases (I do not run beta versions due to sad experiences from especially the Microsoft operating systems in that state).

So I began to check out the comments in the forum regarding these states and found the notifications regarding "incompatible" 3rd party software and found the notifications regrding among others the Roxio. I don't use Roxio, but it was perinstalled from vendor with computer at delivery in late 2010 almost three years ago and has never caused any distorsions worth to inspect closer. I use a licensed Nero instead.

However, according to the recommendations I did the workaround to uninstall the Roxio although a better solution would be to disable it (anyhow, I did the uninstall).

This action completely changed the behavior of the uTorrent and shows that the uTorrent behavior is strongly dependent on the presence of other 3rd party software in the computer, a problem which must be fixed and concerns stable process isolation techniques - uTorrent should not be affected by other 3rd party processes in that way.

I had also to run the SetupGuide and have its proposals accepted to avoid sad behavior in the uTorrent, but it increased the uTorrent startup time considerably (I have more than 5.000 uploads active). I tried to increase the number of concurrent uploads, but it did not gave the desired effect. Now the startup would last over several hours, obviously because it now takes long time to register an upload with the correspondig tracker.

My computer is a Dell Inspiron One, Intel i3 processor, 8 GB RAM and about 10 TB HDD space, Internet connection 100 Mbps (tested around 60 Mbps throughput). The operating system is Windows 7 x64 Ultimate.

I use the Norton Internet Security product (licensed) together with a WatchGuard XTM hardware firewall and I don't want to uninstall the Norton (not giving any problems earlier).and the WinZip System Utilities Suite (licensed) for maintenance and computer optimisation. Some Dell System Software from vendor is also present but not used - I use Microsoft Windows backup software instead and is checking out the Acronis for this purpose as a possibility.

I got the "Disk overload 100%" failure now after a considerably long uptime in uTorrent, but I don't understand why. No upload was active, four download were up and running. Three of them at very low intensity, the fourth had downloaded about 80% when the failure occured.

I have run the HijackThis.exe according to recommendations, but I am new to this helpful tool and don't understand what the cause of the failure could be. Norton? Or any component in the WinZip System Utilities? If so, why? Due to the explanation I would check the problem with the vendors to have it fixed - but why should they start to give problem now after having been installed and well working for a long time? This is unrealistic.

So I am interested in your opinion regarding the content of the HijackThis report below.

---------------- Start of Hijackthis scan log --------------

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 9:45:39 AM, on 7/12/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

CHROME: 28.0.1500.71

FIREFOX: 13.0.1 (sv-SE)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe

C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Users\%CurrentUser%\AppData\Roaming\uTorrent\uTorrent.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files (x86)\OnecomCloudDrive\Dlls\OnecomCloudDrive.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/13

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Dell Verktygsfält - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - (no file)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll

O2 - BHO: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: SSOIEAddonBHO - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll

O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file)

O3 - Toolbar: (no name) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - (no file)

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll

O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM\..\Run: [shwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe

O4 - HKLM\..\Run: [startCCC] "C:\Users\%CurrentUser%\Documents\ATI Catalyst\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Dell\Dell TouchCam" UpdateWithCreateOnce "Software\CyberLink\Dell TouchCam\1.1"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Google Update] "C:\Users\%CurrentUser%\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [One.com] C:\Program Files (x86)\OnecomCloudDrive\Dlls\AppLauncher.exe

O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

O4 - HKCU\..\Run: [uTorrent] "C:\Users\%CurrentUser%\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: BankID Security Application.lnk = C:\Program Files (x86)\Personal\bin\Personal.exe

O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.6.lnk = C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files (x86)\Advanced JPEG Compressor\ajcieex.htm

O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.dell.com

O15 - Trusted Zone: http://*.mcafee.com

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab

O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB

O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E7637F18-B2C8-43E4-BCFE-BC3437DF469F} - https://s.userzoom.com/s/UserZoom.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{C172978A-C1ED-4FFC-9C82-B7219DF8F453}: NameServer = 217.151.63.50,217.151.63.19

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: pcdservice - Phantombility, Inc - C:\Program Files\Phantombility\Phantom CD\pcdservice.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 19718 bytes

Kind regards,

Axel49

Note I: The current USERID has been replaced with the string %CurrentUser% above due to integrity reasons.

Note II: The HijackThis.exe process was of course executed under the Administrator account to give complete information.

Link to comment
Share on other sites

Hi again,

I have investigated somewhot more in this matter but was not successfully completed. But here is my investigation, maybe it can bring someone an idea about how to proceed from here?

I would like comments and feedbacks!

Additional investigations:

Computer is a Dell Inspiron One with Intel i3 processor, 8 GB RAM, 2 TB system disk (Western Digital WD2002FAEX) and additional about 8 TB extra disk space.

OS is Windows 7 x64 Ultimate

uTorrent version is 3.3.1 Build 29812 32 bit.

Network is 100 Mbps fibre cable through a WatchGuard XTM appliance (hardware firewall).

More details can be found from the HijackThis.log found below showing active processes.

Number of Torrents: 5221

Downloading: 106

Uploading: 5115

Finished: 5115

Active: 0

Not active: 5221

Starting the uTorrent with a large number of uploads allowed and zero download works fine. The zero value for max download is not stored permanently, set to default = 5 and must be manually me overridden at startup to 0 to prevent downloads to appear unintentionally (normal behavior).

1st try:

with hard start of only one download caused fail, "Disk overload 100%", around 18% downloaded.

2nd try:

with starting via Settings, max download = 2 (max download = 1 gave no effect), worked, but halted with failing "Spool to disk (6402)" (hangs). No data in downloaded file directory, probably remaining in some cache.

Trying to increase max downoad due to the blocking... At 5 still one torrent was scheduled for download.

Download starting .... And crashed with "Disk overload 100%", around 17,% downloaded, and then hanging in queued status. uTorrent considered as dead and will be restarted again.

Process tree deleted via Windows Task Manager.

3rd try:

Crashed immediately with "Disk overload 100%" after all uploads were in place to be requested when I tried to download.

Obviously, some resource is at a critical stage when 5115 uploads are waiting for being requested.

Can this really be a Norton Internet Security issue? This seems unbelivable.

The Norton picks a new file immediately when it arrives (the filewatch principle) and this file should not be made available to another process in the system before it has been checked and found safe. Otherwise a leakage would obviously appear. Such a thing is a security issue, the uTorrent must be capable to accept security checkout to occur before processing a downloaded file internally - the NIS must have the authority to lock the file during security check to disable its availability to other processes in the computer. This is natural and obvious.

I will disable the NIS and restart the computer and retry again......

But if the failures are due to that the uTorrent cannot accept the delay causing unavalability of a new file undergoing security checkout before made available to the uTorrent (or any other process in the system), then this is completely unacceptable as being a security leakage.

There are lots of security software in the market acting inside a computer and they must not be prevented from doing their job or being tricked in their filewatch functionality.

The security checkout must have precedense with high priority although it will be visible to the processing software as a process snapping the exclusive control over a file when it arrives. The filewatch function, simply.

So let's see how things goes.....

4th try:

Norton Internet Security now disabled..... Not good, but we suspect its filewatch function to cause te failures in the uTorrent and check for confirmation. The principle is that no process in the computer must have access to data prior the security check has completed, these processes must be capable to wait.

Nobody wants infected files to be imported in his system this way unintentionally, this purpose must be obvious.

Only one download file being actively processed here, all other files are in pending state waiting for being requested.

Hmmmm.... I got the "Disk overload 100%" again. Obviously not caused by the Norton Internet Security - it was disabled and nonfunctional.

I attach the HijackThis.log. Right now I don't have any idea about how to proceed from here as I don't know what the indication causing the "Disk overload 100%"

---------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 11:59:10 AM, on 7/14/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

CHROME: 28.0.1500.72

FIREFOX: 13.0.1 (sv-SE)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe

C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Users\%CurrentUser%\AppData\Roaming\uTorrent\uTorrent.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files (x86)\OnecomCloudDrive\Dlls\OnecomCloudDrive.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\%CurrentUser%\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/13

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Dell Verktygsfält - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - (no file)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll

O2 - BHO: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: SSOIEAddonBHO - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll

O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file)

O3 - Toolbar: (no name) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - (no file)

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll

O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM\..\Run: [shwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe

O4 - HKLM\..\Run: [startCCC] "C:\Users\%CurrentUser%\Documents\ATI Catalyst\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Dell\Dell TouchCam" UpdateWithCreateOnce "Software\CyberLink\Dell TouchCam\1.1"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Google Update] "C:\Users\%CurrentUser%\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [One.com] C:\Program Files (x86)\OnecomCloudDrive\Dlls\AppLauncher.exe

O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

O4 - HKCU\..\Run: [uTorrent] "C:\Users\%CurrentUser%\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: BankID Security Application.lnk = C:\Program Files (x86)\Personal\bin\Personal.exe

O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.6.lnk = C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files (x86)\Advanced JPEG Compressor\ajcieex.htm

O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.dell.com

O15 - Trusted Zone: http://*.mcafee.com

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab

O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB

O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E7637F18-B2C8-43E4-BCFE-BC3437DF469F} - https://s.userzoom.com/s/UserZoom.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{C172978A-C1ED-4FFC-9C82-B7219DF8F453}: NameServer = 217.151.63.50,217.151.63.19

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: pcdservice - Phantombility, Inc - C:\Program Files\Phantombility\Phantom CD\pcdservice.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 19214 bytes

------------------------------------------------------

I would like comments on these notifications.

Kind regards,

Axel49

Note: By integrity reasons I have replaced the USERID above with the reference %CurrentUser%.

Somewhat tricky, but it seems that I can run uTorrent with this large number of uploads to provide data. But no download can be done in this state, it gets the uTorrent to fail with no recovery (restart required).

The problem arised earlier seldom when downloading - now most downloads are broken with non-recoverable failures.

Link to comment
Share on other sites

Ok, I have already planned for some rearrangements and will add an extra WD4001FAEX HDD (4 TB) in short to the system for increased volume processing. Neither the WD2002FAEX nor WD4001FAEX are "slow" HDDs, they run data transfer at 600 Mbps and uses a 64MB internal disk cache.

uTorrent cache is currently set to "automatically" increase and decrease its size with the end user tools provided. Hopefully this works. I have played a little with the uTorrent cache settings but miss tools for investigating what happens, for example follow it via reporting interfaces to the Windows Performance Monitor.

Obviously the uTorrent itself is unable to control its own internal cache otherwise it should me possible to schedule a WAIT for flushing the cache when needed. There are tools avaible inside Windows for synchronising processes for such actions.

To get less troubles the "download" and the "upload" should have been placed internally in separate processes with no intervention, i e, one virtual "download machine" and one virtual "upload machine" they can run concurrently if the user so desires but not necessarily - this is an archictekturial design question - and controlled by the user by a "control pane" where "upload", "download" or both can be selected for example., like an operator's console. other features can be added if one wishes, such as "play" etc.

It is possible to control the present uTorrent in a similar way with the instrumentation for balancing between "upload" and "download". The problem I can see is the "balanced" mode which implies that the "upload" and the "download" should run concurrently.

I cannot run in "balanced" mode at present with full load In the present uTorrent system the consequences of a full loaded "upload" machine is that the "download" cannot be successfully executed. With my equipment this occurs when around 4.800 - 5.000 "upload" items are loaded and registered with tracker to serve incoming requests.

I can start uTorrent as a "upload" machine without any bigger logical problems. But registering with tracker takes a considerably amount of time, maybe depending on heavy load on the tracker. I haven't investigated this yet. To be able to download I must restart uTorrent to the "download" machine to avoid failures as "Disk overload 100%" or "spooling file to disk" freezes.

This is process isolation to increase volume capacity, I haven't run in any troble yet with this way to work with the uTorrent except the slow and time-consuming startup of the "upload" machine.

But these experiences indicate that the "uppload" and the "download" virtual machines aren't well separated in internal program code, they affect each other in an undesirable manner.

Hopefully you are able to point out these experiences to the people at the uTorrent work group. I don't know what your present role within this group is nor if you are associated with them in some way at all. But we are talking with each other and it is a good start.

Kind regards,

Axel49

Link to comment
Share on other sites

By the way:

Can this really be a Norton Internet Security issue? This seems unbelivable.

Yes it really can!! It interfers with just about every process on the machine

I don't know what your present role within this group is nor if you are associated with them in some way at all.
Absolutely nothing and no association at all.
Neither the WD2002FAEX nor WD4001FAEX are "slow" HDDs, they run data transfer at 600 Mbps and uses a 64MB internal disk cache.
It is not the drive speed, but the interface and the bus that connects them.

SATA interfaces should not give any problems at all, ATA 300 can if you are pushing high download rates with overly large cache sizes. NAS, networked mapped drives and external USB drives WILL. Writing to an SSD can also trigger overloading.

With my equipment this occurs when around 4.800 - 5.000 "upload" items are loaded and registered with tracker to serve incoming requests.
V3 uTorrent clients do not function well as a "workhorse" and the recent I/O system rewrite has not done anything to help that up to now.
Link to comment
Share on other sites

Okay, this clarifies things.

As I can conclude from other threads at the forum several commentators belived you to be some type of representative for the uTorrent group so commenting here should have contributational effects in the evolvement of the µTorrent. But this is a dream only.

The same mispretation relies with the Microsoft running "beta tests" with many thousands of testers acting on vounteer basis as they belive that their comments would be a way to affect the result. Very few comments in these "beta test programs" from the very large public beta teste's group are considered at all, it is not the proper way to even try to affect the design of the final product and beta test groups aren't assigned such a role. They should possibly detect programming errors appearing in some situations and reproducable solely.

I will extend my current environment with more disk space and plans för an additional 4 TB HDD (Western Digital, WD4001FAEX). But the problems appearing with the µTorrent indicates serious errors in programming.

µTorrent is an application and resides thus in the application layer. It should not be dependent on the hardware layer nor other processes and that incoming data are undergoing a security check is something the end user has assigned to his computer. This should not affect the end user process µTorrent in any way (possibly a slight delay due to that the security check needs some time piece to complete its mission. Such things the µTorrent has to persist, and the running process must persist malware and sad software containing programming errors and therefore may stop unexpectionally. In an multitasking environment (time share environment) the supervisor is responsible for protecting different processes from each others. This is fundamental as well as the application must not be hardware dependent - this is the hardware or physical layer in the process model (vertical as opposed to horisontial).

The active space of a process should thus be well isolated (horisontial isolation) and well defined vertically. There should not be any dependencies relying on properties within other layers, This breaks the fundamental architecturial design of a multitasking system, composed of several processes running independently of each other and the different layers who serves an application process on top.

The application should work independently and regardless a possible bottleneck in another layer or process (peer), such as transport (logical protocol, hardware design) or for example security software checking data to certify that it is clean.

This is by design general principles for programming, to make an application independent of properties and features belonging to other application processes and layers. The application makes use of services and interfaces simply like a driver which gives an interface and connects to a vendor dependent feature on for example a motherboard.

Bottlenecks and programming errors are basically not the same thing.

But as being an end customer I need to check for another product if this product, due to malfunctions (programming errors by design) or sad performance, cannot be accepted. I've started to have a closer look on the VUZE torrent client as I don't intend to write my own torrent client.

But anyhow, more disk space is needed to store the files being distributed and this is the primary issue to add more disk space.

Many thanks for your replies, comments and sharing of thoughts! Hopefully, something will reach the µTorrent working group and I can agree in the conclusins - something has logically failed regarding the processing logic concerning the I/O channel management structure to make the inconsistencies we see now. This has of course nothing to do with the hardware layer nor other processes outside thie µTorrent application process.

Let's see what happens next!

Link to comment
Share on other sites

Yes, it is a deviation from the "Microsoft standard design" to allow for 3rd party software.....

Regarding the µTorrent software thie Microsoft principle means that the torrent protocol should be made available within their System Center product.

But torrent protocol (indeed, partner interface definition for data exchange) is ambiguous as it is being used by instances like ThePirateBay and other suspect instances in conflict with proprietary rights regarding movies, videos and music....

It seems that the Microsoft doesn't want to be involved..... Things may change, however, but it is to belive that the Microsoft will develop their own product, thus causing incompatibility with the current torrent protocol.

However, the tie is that it is relatively simple to enable gateways between the torrent protocol and some other similar protocol.... Such implementations of gateways have already been been developed between for example the FTP and HTTP protocol for voluminious data exchange purposes.

This concerns the ancient Microsoft idea (Bill Gates around the early 1990's) to evolve their MSN system worldwide to takeover control from the Internet and the IETF and the IANA. They are ongoing to make success with this goal after more than 20 years and are said to currently control around 95% of the world market.

Such things makes the life hard to 3rd party vendors and the Microsoft "doesn't recommends to allow them into your system" ..... Not very surprising.

Link to comment
Share on other sites

As I can conclude from other threads at the forum several commentators belived you to be some type of representative for the uTorrent group

I'm afraid I cannot do anything about the inability of others to read the word Member emblazoned immediately below my username

Yes, it is a deviation from the "Microsoft standard design" to allow for 3rd party software.....

And then M$ forced the ".NET framework" on every developer of "Standard Windows" applications.

Sure it gave every Windows user a standard GUI pattern to their chosen applications, BUT it forced EVERY software developer into the "Microsoft paradigm" which gave them [M$] back some of the power of almost total control that various court cases had deprived them of, but it took away the possibility of creative thinking by developers which ultimately will/would have lead to a stagnation of software development.

Link to comment
Share on other sites

it took away the possibility of creative thinking by developers which ultimately will/would have lead to a stagnation of software development.

I can only agree.....

An interesting book originating from Finland in this field shows that discussions are ongoing regarding these matters. Well worth reading!

http://www.amazon.com/No-Fear-Business-Leadership-Digital/dp/9814346667

Link to comment
Share on other sites

I'm afraid I cannot do anything about the inability of others to read the word Member emblazoned immediately below my username

There are labeled "Members" here that are very active on this forum that have the ability to delete posts and ban people...So I wouldn't

go by that assumption....

In the words of Forrest Gump..."Life is like a box of chocolates. You never know what you're gonna get"

Link to comment
Share on other sites

There are labeled "Members" here that are very active on this forum that have the ability to delete posts and ban people...So I wouldn't

go by that assumption....

Not quite sure how having permissions to delete posts threads on the forum would indicate those members work for uTorrent?

Having the label of BitTorrent Staff maybe, AND how would any other forum members know who COULD delete posts??

Link to comment
Share on other sites

I've tested the µTorrent 3.1.1 (Build 29812 32 bit) slightly more.

It seems to be obvious that the problem concerns a buggy implementation of the BitTorrent client AND that the bug resides INSIDE the µTorrent software.

It has NOTHING to do with other vendors nor their software although that software which uses filewatch features can be considered to be involved. But they aren't the faulting cause.

To talk about "incompatible" software from other vendors as the cause is not correct despite to the fact that the µTorrent software is an end user application software. Even when erroneous software is active in the computer (for example a developer testing his new programs) they should NOT affect other processes.

Of course, this can happen with software acting on system level and working in the Windows Kernel as well as problems with hardware can occur.

But the critical moment occurs when there are "too many active seeds" up and running (including "queued seeds").

Maybe the critical limit can depend on computer environment (operating system and hardware) but I have no indication that this should have any essential importance. The problem resides within the µTorrent body and has very little with surrounding factors to do.

But what happens beyond the critical limit - "too many active seeds" - is that when you start a new leech task the risk of that it fails with the unrecoverable "Disk overload 100%" problem (in my case the most commonly appearing indication although some more similar indications also may occur. But they appear seldom, however, it is likely that they originate from the same cause. .

A closer consideration of this state indicates that a file lock or maybe disk lock (exclusive control) has occured and that the lock hasn't been released. The way I found to release this locking is to shut down the active µTorrent process including killing the µTorrent process in the Task Manager (preferably via the "End process tree" tool). Thus, the computer doesn't need to be rebooted, which is a significant indication that the problem relies within the µTorrent body.

I don't have access to the µTorrent code and cannot see what use of lock features are implemented nor why. But in general lock features should be avoided in end user application, things should be solved in another way. This is generally because using lock features will significantially slow down the whole system by making the locked resource unavailable to other processes, thus blocking them from execution. Using locks is also heavy and resource consuming operations and should therefore be avoided as much as possible to optimise the application software for effectiveness of execution. Using lock features is very seldom an optimal solution for programming issues. Such tasks should most preferably be handled by the operating system - not end user application.

The problem arises at high level seeds present, in my case the critical level seems to start appearing around 4400-4500 seeds. I have succeded with this knowledge to increase my number of seeds to about 5400 (by stopping seeds, thus giving possibility to additional leechs to complete successfully).

But to me it is obvious that I cannot run any leech successfully at all when the present number of seeds is at my maximum, i e 5400 (because I don't have more to set out). The "Disk overload 100%" is very, very likely to appear immediately when a new leech starts and this likelihood increases significanly with increased number of seeds.

Thus, the µTorrent must undergo volume test to be properly classified as being "stable". Do you really perform volume testings? No such limitations are presented in documentation nor implemented in the software, therefore, one may wonder whether this test area has been considered at all.

Hopefully this helps! The problem should be possible to solve with minor software updates, but I do not know anything about the logic behind the implementation of lock features in the µTorrent nor the cause to why they were made.

Kind regards,

Axel49

These notifications should be relevant although later builds have been released. But no indication that the problem I am talking about should have been resolved has been given.

However, I can test with a newer build, but it would most probably only bring information that this issue is still unresolved. You need to indicate that changes have been made in this area regarding the use of locks.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...