I Cant Stop Downloading

tick

By tick,
in Malware Removal

 Share Followers 0

Recommended Posts

tick

tick

Posted
Posted

so heres my lil situation. i jsut installed windows vista 64 bit. and i noticed today (after installing my AV) that my downloads were going rather slow, web pages were slow. i look further and notice im downloading, and theres nothing downloading. im connected to some server in maylasia, and some irc2 server. tho nothing is running that would cause this.

i ran hijack this and deleted a buncha ie toolbars n search assistants (i never use IE). the only thing i have seen in the hijack this log that looks amiss is..

C:Program Files (x86)Common FilesRealtime SoftRTSHookInteropx32RTSHookInterop.exe

not sure what that is or does.

i dont know if i can delete this or not.

orbit is a download manager. the rest is self explanatory.

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:WindowsSysWOW64rundll32.exe

C:Program Files (x86)TencentFoxmailFoxmail.exe

C:Program Files (x86)Common FilesRealtime SoftRTSHookInteropx32RTSHookInterop.exe

G:FlashFXPFlashFXP.exe

C:Program Files (x86)Orbitdownloaderorbitnet.exe

C:UserstickAppDataLocalTempTemp1_TcpView.zipTcpview.exe

G:mircmirc.exe

C:Program Files (x86)Orbitdownloaderorbitdm.exe

C:Program Files (x86)Trend MicroHijackThisHijackThis.exe

C:WindowsSysWOW64DllHost.exe

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:Program Files (x86)Orbitdownloaderorbitcth.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre6binssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "C:Program FilesBitDefenderBitDefender 2009Antispam32IEToolbar.dll" (file missing)

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program Files (x86)Javajre6binjusched.exe"

O4 - HKCU..Run: [Foxmail] "C:Program Files (x86)TencentFoxmailFoxmail.exe" -min

O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Stoic Joker's T-Clock x64.lnk = C:Program Files (x86)txclockx64Clock.exe

O4 - Global Startup: Orbit.lnk = C:Program Files (x86)Orbitdownloaderorbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:Program Files (x86)Orbitdownloaderorbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:Program Files (x86)Orbitdownloaderorbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:Program Files (x86)Orbitdownloaderorbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:Program Files (x86)Orbitdownloaderorbitmxt.dll/202

O8 - Extra context menu item: ÔÚFoxmailÖÃÌí¼Ó¸ÃRSSƵµÀ/ƵµÀ×é - res://C:Windowssystem32fmrsslink.dll/201

O13 - Gopher Prefix:

O17 - HKLMSystemCCSServicesTcpip..{B9C05618-D87F-4C64-91F4-07529F7FEA6D}: NameServer = 12.183.0.2 12.183.1.4

O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)

O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:Program FilesCommon FilesBitDefenderBitDefender Arrakis ServerbinArrakis3.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program Files (x86)Common FilesLightScribeLSSrvc.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:Program FilesCommon FilesBitDefenderBitDefender Update Servicelivesrv.exe

O23 - Service: NMIndexingService - Nero AG - C:Program Files (x86)Common FilesNeroLibNMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:Windowssystem32nvvsvc.exe (file missing)

O23 - Service: O&O Defrag - Unknown owner - C:Windowssystem32oodag.exe (file missing)

O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)

O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)

O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)

O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:Program FilesBitDefenderBitDefender 2009vsserv.exe

O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:Windowssystem32wbengine.exe (file missing)

O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)

if somethings wrong, dont jsut tell me how to fix by downloading some program, tell me what is wrong plz.

i seen to many forums where 'x' is told to get the spysweeper and go away.

really annoying with dialup.

i have a feeling in the back of my mind that its bit defender updating 'in the background'. no such thing on dialup. kaspersky used to do that. tehy dont anymore cause i wont use crap that does that.

tick

i think i found my prob, after a rash of uninstalling and rebooting after each one, it was found to be NERO!!! nero 8 essentials, came with my asus board.

now i can use my internet connection again.

oh, and thats for that google reply...

it helped me absolutely NONE. i found all needed info from tcpview and process explorer. tho google did let me find the wiki page on llnw, and what thier major cousomers were, again, that was NO help.

now i can go back to installing stuff that werks

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Followers 0
Go to topic listing