PC slow due to virus

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

newtonis

Thread Starter
Joined
Feb 5, 2013
Messages
16
My system is getting slow day by day. Now it is also affecting my internet speed.

Here is the log file:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:19:29 PM, on 2/5/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\system32\svchost.exe
D:\Nisarg\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\LAPTOP\raous.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Opera\opera.exe
C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe
C:\Program Files\SpeedBit Video Accelerator\VARemove.exe
C:\DOCUME~1\LAPTOP\LOCALS~1\Temp\VARemove.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\LAPTOP\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/?s=D23a
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKCU\..\Run: [raous] C:\Documents and Settings\LAPTOP\raous.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart (User 'Default user')
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F5FC0C-E69E-445D-A9C7-3E39897E74DA}: NameServer = 220.226.100.40 220.226.6.104
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: UDisk Monitor - Unknown owner - D:\Nisarg\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe

--
End of file - 6089 bytes

Please help!!! :confused:
 

newtonis

Thread Starter
Joined
Feb 5, 2013
Messages
16
Sorry!!! I forgot to paste other logs.
Here are the other log files:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by LAPTOP at 20:27:17 on 2013-02-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.601 [GMT 5.5:30]
.
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\LAPTOP\raous.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe
C:\Program Files\Reliance Netconnect - Broadband+\bin\PcmciaApp.exe
C:\Program Files\Opera\opera.exe
C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.speedbit.com/?s=D23a
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: SpeedBit Link Verification Helper: {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - c:\program files\dap\LinkVerifier.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [raous] c:\documents and settings\laptop\raous.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
dRunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: EnableLUA = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: &Verify with DAP - c:\program files\dap\dapverify.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: Interfaces\{0185111F-1312-4CAF-A10C-0060EA12F162} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{25F5FC0C-E69E-445D-A9C7-3E39897E74DA} : NameServer = 220.226.100.40 220.226.6.104
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2012-12-23 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-12-23 135336]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-12-23 60936]
R2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2013-1-24 577752]
R2 UDisk Monitor;UDisk Monitor;c:\program files\reliance netconnect - broadband+\bin\MonServiceUDisk.exe [2013-2-6 262144]
R3 amsint32;amsint32;\??\c:\windows\system32\drivers\inmon.sys --> c:\windows\system32\drivers\inmon.sys [?]
R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2013-2-6 104704]
S2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2012-12-23 267432]
.
=============== File Associations ===============
.
ShellExec: EasyShare.exe: Preview="c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe"
.
=============== Created Last 30 ================
.
2013-02-06 14:42:47 104704 ----a-w- c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys
2013-02-04 13:30:10 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-04 13:30:10 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-04 12:22:18 -------- d-----w- c:\documents and settings\laptop\local settings\application data\WinZip
2013-02-04 12:08:14 -------- d-----w- c:\documents and settings\laptop\application data\BitTorrent
2013-02-04 09:39:46 1409 ----a-w- c:\windows\QTFont.for
2013-02-03 09:57:40 -------- d-----w- c:\program files\SpeedBit Video Accelerator
2013-02-03 09:55:38 -------- d-----w- c:\documents and settings\laptop\application data\EQATEC Analytics
2013-02-03 09:53:28 -------- d-----w- c:\documents and settings\laptop\local settings\application data\SpeedBIT
2013-02-03 09:53:28 -------- d-----w- c:\documents and settings\all users\application data\SpeedBit
2013-02-03 09:53:19 -------- d-----w- c:\program files\DAP
2013-02-03 09:52:57 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2013-02-03 09:50:42 -------- d-----w- c:\program files\common files\SpeedBit
2013-02-02 13:45:43 -------- d-----w- c:\documents and settings\all users\application data\YTD Video Downloader
2013-02-02 13:12:01 0 ----a-w- c:\windows\system32\zteitpcmcia.dll
2013-02-02 09:14:00 -------- d-sh--w- c:\documents and settings\laptop\IECompatCache
2013-02-01 06:13:38 109696 ----a-w- c:\windows\system32\EasyHook64.dll
2013-02-01 06:13:36 91264 ----a-w- c:\windows\system32\EasyHook32.dll
2013-01-27 08:13:30 10240 --sh--r- c:\documents and settings\laptop\xxx.dll
2013-01-27 08:13:29 113664 --sh--r- c:\documents and settings\laptop\raous.scr
2013-01-27 08:13:29 113664 ----a-w- c:\documents and settings\laptop\x.exe
2013-01-27 07:40:54 -------- d-----w- c:\program files\Cheatbook Database 2011
2013-01-27 04:37:28 113664 --sh--r- c:\documents and settings\laptop\alg.exe
2013-01-27 02:48:26 113664 --sh--r- c:\documents and settings\laptop\raous.exe
2013-01-26 14:25:57 -------- d-----w- c:\program files\DesktopAnimated
2013-01-25 12:30:25 103140 --sh--r- C:\blutc.exe
2013-01-24 11:15:50 -------- d-----w- c:\documents and settings\laptop\local settings\application data\AskToolbar
2013-01-24 09:48:57 -------- d-----w- c:\program files\Ask.com
2013-01-24 09:48:57 -------- d-----w- C:\Firefox
2013-01-24 09:48:28 -------- d-----w- c:\program files\PANDORA.TV
2013-01-24 09:48:10 -------- d-----w- c:\program files\The KMPlayer
2013-01-11 11:56:30 -------- d-----w- c:\program files\Reliance Netconnect - Broadband+
2013-01-11 04:22:03 -------- d-----w- c:\documents and settings\laptop\application data\PC Speed Maximizer
2013-01-11 04:14:27 -------- d-sh--w- c:\documents and settings\laptop\Downloads
2013-01-11 03:29:54 -------- d-----w- c:\documents and settings\laptop\local settings\application data\Google
2013-01-11 03:20:45 103140 --sh--r- C:\tnsnrw.exe
2013-01-11 03:20:01 -------- d-----w- c:\documents and settings\all users\application data\YouTube Downloader
2013-01-11 03:19:52 -------- d-----w- c:\program files\YouTube Downloader
2013-01-11 03:19:30 -------- d-----w- c:\documents and settings\laptop\local settings\application data\Opera
.
==================== Find3M ====================
.
.
============= FINISH: 20:28:21.31 ===============




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/23/2012 10:27:55 PM
System Uptime: 2/6/2013 8:09:01 PM (0 hours ago)
.
Motherboard: Acer | | Mimid
Processor: Intel(R) Pentium(R) M processor 1.60GHz | uFCPGA | 1388/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 29 GiB total, 21.406 GiB free.
D: is FIXED (NTFS) - 27 GiB total, 18.12 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_00811025&REV_02\4&1D3F0FBB&0&08F0
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_00811025&REV_02\4&1D3F0FBB&0&08F0
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_00811025&REV_04\3&B1BFB68&0&F3
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_00811025&REV_04\3&B1BFB68&0&F3
Service:
.
==== System Restore Points ===================
.
RP20: 2/6/2013 1:22:40 PM - System Checkpoint
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 2 (SP2)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5)
Ask Toolbar
Avira AntiVir Personal - Free Antivirus
BitTorrent
Bonjour
CCScore
Cheatbook Database 2011
Counter-Strike 1.6
DirectX for Managed Code Update (October 2004)
Download Accelerator Plus (DAP)
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
essvcpt
HLPPDOCK
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Intel(R) Graphics Media Accelerator Driver for Mobile
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
KSU
Microsoft .NET Framework 1.1
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Notifier
OfotoXMI
Opera 12.12
OTtBP
OTtBPSDK
PC Speed Maximizer v3.1
QuickTime
Realtek AC'97 Audio
Reliance Netconnect - Broadband+
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB941569)
Sereby's Updatepack - IE8 Addon Version 1.0.7
SFR
SHASTA
SKIN0001
SKINXSDK
staticcr
Texas Instruments PCIxx21/x515 drivers.
The KMPlayer (remove only)
TIxx21
VLC media player 1.0.5
VPRINTOL
WebFldrs XP
WinRAR archiver
WinZip 16.5
WIRELESS
YTD Video Downloader 3.9.6
.
==== Event Viewer Messages From Past Week ========
.
2/2/2013 8:33:36 PM, error: Service Control Manager [7022] - The PandoraService service hung on starting.
2/2/2013 8:33:29 PM, error: Service Control Manager [7022] - The Bonjour Service service hung on starting.
2/2/2013 3:46:44 PM, error: Service Control Manager [7034] - The Avira AntiVir Guard service terminated unexpectedly. It has done this 3 time(s).
2/2/2013 3:46:36 PM, error: Service Control Manager [7031] - The Avira AntiVir Guard service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
2/2/2013 3:46:28 PM, error: Service Control Manager [7031] - The Avira AntiVir Guard service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
.
==== End Of File ===========================


GMER 2.0.18454 - http://www.gmer.net
Rootkit scan 2013-02-06 20:59:52
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 HTS541060G9AT00 rev.MB3IA60A 55.89GB
Running: zen0f3xi.exe; Driver: C:\DOCUME~1\LAPTOP\LOCALS~1\Temp\uwtdqpow.sys


---- System - GMER 2.0 ----

SSDT F7CC2426 ZwCreateKey
SSDT F7CC241C ZwCreateThread
SSDT F7CC242B ZwDeleteKey
SSDT F7CC2435 ZwDeleteValueKey
SSDT F7CC243A ZwLoadKey
SSDT F7CC2408 ZwOpenProcess
SSDT F7CC240D ZwOpenThread
SSDT F7CC2444 ZwReplaceKey
SSDT F7CC243F ZwRestoreKey
SSDT F7CC2430 ZwSetValueKey

---- Kernel code sections - GMER 2.0 ----

? C:\WINDOWS\system32\drivers\inmon.sys The system cannot find the file specified. !
? C:\DOCUME~1\LAPTOP\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 2.0 ----

.text C:\Program Files\Reliance Netconnect - Broadband+\bin\PcmciaApp.exe[524] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Program Files\Reliance Netconnect - Broadband+\bin\PcmciaApp.exe[524] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\WINDOWS\system32\ctfmon.exe[1112] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\WINDOWS\system32\ctfmon.exe[1112] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe[1544] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe[1544] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
.text C:\Documents and Settings\LAPTOP\Desktop\zen0f3xi.exe[1744] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
.text C:\Documents and Settings\LAPTOP\Desktop\zen0f3xi.exe[1744] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]

---- EOF - GMER 2.0 ----
 