PC slow due to virus

Discussion in 'Virus & Other Malware Removal' started by newtonis, Feb 5, 2013.

Thread Status:
Not open for further replies.
  1. newtonis

    newtonis Thread Starter

    My system is getting slow day by day. Now it is also affecting my internet speed.

    Here is the log file:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:19:29 PM, on 2/5/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
    C:\WINDOWS\system32\svchost.exe
    D:\Nisarg\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\LAPTOP\raous.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Opera\opera.exe
    C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe
    C:\Program Files\SpeedBit Video Accelerator\VARemove.exe
    C:\DOCUME~1\LAPTOP\LOCALS~1\Temp\VARemove.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\LAPTOP\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/?s=D23a
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O4 - HKCU\..\Run: [raous] C:\Documents and Settings\LAPTOP\raous.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart (User 'Default user')
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{25F5FC0C-E69E-445D-A9C7-3E39897E74DA}: NameServer = 220.226.100.40 220.226.6.104
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
    O23 - Service: UDisk Monitor - Unknown owner - D:\Nisarg\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe

    --
    End of file - 6089 bytes

    Please help!!! :confused:
     
  2. newtonis

    newtonis Thread Starter

    Sorry!!! I forgot to paste other logs.
    Here are the other log files:

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702
    Run by LAPTOP at 20:27:17 on 2013-02-06
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.601 [GMT 5.5:30]
    .
    AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\LAPTOP\raous.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe
    C:\Program Files\Reliance Netconnect - Broadband+\bin\PcmciaApp.exe
    C:\Program Files\Opera\opera.exe
    C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.speedbit.com/?s=D23a
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    BHO: SpeedBit Link Verification Helper: {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - c:\program files\dap\LinkVerifier.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    uRun: [raous] c:\documents and settings\laptop\raous.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    dRunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
    dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-System: EnableLUA = dword:0
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: &Download with &DAP - c:\program files\dap\dapextie.htm
    IE: &Verify with DAP - c:\program files\dap\dapverify.htm
    IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    TCP: Interfaces\{0185111F-1312-4CAF-A10C-0060EA12F162} : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{25F5FC0C-E69E-445D-A9C7-3E39897E74DA} : NameServer = 220.226.100.40 220.226.6.104
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
    Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
    Notify: igfxcui - igfxsrvc.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2012-12-23 11608]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-12-23 135336]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-12-23 60936]
    R2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2013-1-24 577752]
    R2 UDisk Monitor;UDisk Monitor;c:\program files\reliance netconnect - broadband+\bin\MonServiceUDisk.exe [2013-2-6 262144]
    R3 amsint32;amsint32;\??\c:\windows\system32\drivers\inmon.sys --> c:\windows\system32\drivers\inmon.sys [?]
    R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2013-2-6 104704]
    S2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2012-12-23 267432]
    .
    =============== File Associations ===============
    .
    ShellExec: EasyShare.exe: Preview="c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe"
    .
    =============== Created Last 30 ================
    .
    2013-02-06 14:42:47 104704 ----a-w- c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys
    2013-02-04 13:30:10 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-02-04 13:30:10 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-02-04 12:22:18 -------- d-----w- c:\documents and settings\laptop\local settings\application data\WinZip
    2013-02-04 12:08:14 -------- d-----w- c:\documents and settings\laptop\application data\BitTorrent
    2013-02-04 09:39:46 1409 ----a-w- c:\windows\QTFont.for
    2013-02-03 09:57:40 -------- d-----w- c:\program files\SpeedBit Video Accelerator
    2013-02-03 09:55:38 -------- d-----w- c:\documents and settings\laptop\application data\EQATEC Analytics
    2013-02-03 09:53:28 -------- d-----w- c:\documents and settings\laptop\local settings\application data\SpeedBIT
    2013-02-03 09:53:28 -------- d-----w- c:\documents and settings\all users\application data\SpeedBit
    2013-02-03 09:53:19 -------- d-----w- c:\program files\DAP
    2013-02-03 09:52:57 172032 ----a-w- c:\windows\system32\AniGIF.ocx
    2013-02-03 09:50:42 -------- d-----w- c:\program files\common files\SpeedBit
    2013-02-02 13:45:43 -------- d-----w- c:\documents and settings\all users\application data\YTD Video Downloader
    2013-02-02 13:12:01 0 ----a-w- c:\windows\system32\zteitpcmcia.dll
    2013-02-02 09:14:00 -------- d-sh--w- c:\documents and settings\laptop\IECompatCache
    2013-02-01 06:13:38 109696 ----a-w- c:\windows\system32\EasyHook64.dll
    2013-02-01 06:13:36 91264 ----a-w- c:\windows\system32\EasyHook32.dll
    2013-01-27 08:13:30 10240 --sh--r- c:\documents and settings\laptop\xxx.dll
    2013-01-27 08:13:29 113664 --sh--r- c:\documents and settings\laptop\raous.scr
    2013-01-27 08:13:29 113664 ----a-w- c:\documents and settings\laptop\x.exe
    2013-01-27 07:40:54 -------- d-----w- c:\program files\Cheatbook Database 2011
    2013-01-27 04:37:28 113664 --sh--r- c:\documents and settings\laptop\alg.exe
    2013-01-27 02:48:26 113664 --sh--r- c:\documents and settings\laptop\raous.exe
    2013-01-26 14:25:57 -------- d-----w- c:\program files\DesktopAnimated
    2013-01-25 12:30:25 103140 --sh--r- C:\blutc.exe
    2013-01-24 11:15:50 -------- d-----w- c:\documents and settings\laptop\local settings\application data\AskToolbar
    2013-01-24 09:48:57 -------- d-----w- c:\program files\Ask.com
    2013-01-24 09:48:57 -------- d-----w- C:\Firefox
    2013-01-24 09:48:28 -------- d-----w- c:\program files\PANDORA.TV
    2013-01-24 09:48:10 -------- d-----w- c:\program files\The KMPlayer
    2013-01-11 11:56:30 -------- d-----w- c:\program files\Reliance Netconnect - Broadband+
    2013-01-11 04:22:03 -------- d-----w- c:\documents and settings\laptop\application data\PC Speed Maximizer
    2013-01-11 04:14:27 -------- d-sh--w- c:\documents and settings\laptop\Downloads
    2013-01-11 03:29:54 -------- d-----w- c:\documents and settings\laptop\local settings\application data\Google
    2013-01-11 03:20:45 103140 --sh--r- C:\tnsnrw.exe
    2013-01-11 03:20:01 -------- d-----w- c:\documents and settings\all users\application data\YouTube Downloader
    2013-01-11 03:19:52 -------- d-----w- c:\program files\YouTube Downloader
    2013-01-11 03:19:30 -------- d-----w- c:\documents and settings\laptop\local settings\application data\Opera
    .
    ==================== Find3M ====================
    .
    .
    ============= FINISH: 20:28:21.31 ===============




    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/23/2012 10:27:55 PM
    System Uptime: 2/6/2013 8:09:01 PM (0 hours ago)
    .
    Motherboard: Acer | | Mimid
    Processor: Intel(R) Pentium(R) M processor 1.60GHz | uFCPGA | 1388/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 29 GiB total, 21.406 GiB free.
    D: is FIXED (NTFS) - 27 GiB total, 18.12 GiB free.
    E: is CDROM ()
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: Ethernet Controller
    Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_00811025&REV_02\4&1D3F0FBB&0&08F0
    Manufacturer:
    Name: Ethernet Controller
    PNP Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_00811025&REV_02\4&1D3F0FBB&0&08F0
    Service:
    .
    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: PCI Modem
    Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_00811025&REV_04\3&B1BFB68&0&F3
    Manufacturer:
    Name: PCI Modem
    PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_00811025&REV_04\3&B1BFB68&0&F3
    Service:
    .
    ==== System Restore Points ===================
    .
    RP20: 2/6/2013 1:22:40 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    2007 Microsoft Office Suite Service Pack 2 (SP2)
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.5)
    Ask Toolbar
    Avira AntiVir Personal - Free Antivirus
    BitTorrent
    Bonjour
    CCScore
    Cheatbook Database 2011
    Counter-Strike 1.6
    DirectX for Managed Code Update (October 2004)
    Download Accelerator Plus (DAP)
    ESSBrwr
    ESSCDBK
    ESScore
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSPDock
    ESSSONIC
    ESSTOOLS
    essvatgt
    essvcpt
    HLPPDOCK
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Intel(R) Graphics Media Accelerator Driver for Mobile
    kgcbaby
    kgcbase
    kgchday
    kgchlwn
    kgcinvt
    kgckids
    kgcmove
    kgcvday
    KSU
    Microsoft .NET Framework 1.1
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Software Update for Web Folders (English) 12
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Notifier
    OfotoXMI
    Opera 12.12
    OTtBP
    OTtBPSDK
    PC Speed Maximizer v3.1
    QuickTime
    Realtek AC'97 Audio
    Reliance Netconnect - Broadband+
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB941569)
    Sereby's Updatepack - IE8 Addon Version 1.0.7
    SFR
    SHASTA
    SKIN0001
    SKINXSDK
    staticcr
    Texas Instruments PCIxx21/x515 drivers.
    The KMPlayer (remove only)
    TIxx21
    VLC media player 1.0.5
    VPRINTOL
    WebFldrs XP
    WinRAR archiver
    WinZip 16.5
    WIRELESS
    YTD Video Downloader 3.9.6
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2/2/2013 8:33:36 PM, error: Service Control Manager [7022] - The PandoraService service hung on starting.
    2/2/2013 8:33:29 PM, error: Service Control Manager [7022] - The Bonjour Service service hung on starting.
    2/2/2013 3:46:44 PM, error: Service Control Manager [7034] - The Avira AntiVir Guard service terminated unexpectedly. It has done this 3 time(s).
    2/2/2013 3:46:36 PM, error: Service Control Manager [7031] - The Avira AntiVir Guard service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    2/2/2013 3:46:28 PM, error: Service Control Manager [7031] - The Avira AntiVir Guard service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    .
    ==== End Of File ===========================


    GMER 2.0.18454 - http://www.gmer.net
    Rootkit scan 2013-02-06 20:59:52
    Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 HTS541060G9AT00 rev.MB3IA60A 55.89GB
    Running: zen0f3xi.exe; Driver: C:\DOCUME~1\LAPTOP\LOCALS~1\Temp\uwtdqpow.sys


    ---- System - GMER 2.0 ----

    SSDT F7CC2426 ZwCreateKey
    SSDT F7CC241C ZwCreateThread
    SSDT F7CC242B ZwDeleteKey
    SSDT F7CC2435 ZwDeleteValueKey
    SSDT F7CC243A ZwLoadKey
    SSDT F7CC2408 ZwOpenProcess
    SSDT F7CC240D ZwOpenThread
    SSDT F7CC2444 ZwReplaceKey
    SSDT F7CC243F ZwRestoreKey
    SSDT F7CC2430 ZwSetValueKey

    ---- Kernel code sections - GMER 2.0 ----

    ? C:\WINDOWS\system32\drivers\inmon.sys The system cannot find the file specified. !
    ? C:\DOCUME~1\LAPTOP\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 2.0 ----

    .text C:\Program Files\Reliance Netconnect - Broadband+\bin\PcmciaApp.exe[524] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
    .text C:\Program Files\Reliance Netconnect - Broadband+\bin\PcmciaApp.exe[524] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
    .text C:\WINDOWS\system32\ctfmon.exe[1112] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
    .text C:\WINDOWS\system32\ctfmon.exe[1112] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
    .text C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe[1544] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
    .text C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe[1544] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]
    .text C:\Documents and Settings\LAPTOP\Desktop\zen0f3xi.exe[1744] kernel32.dll!TerminateProcess 7C801E1A 1 Byte [C3]
    .text C:\Documents and Settings\LAPTOP\Desktop\zen0f3xi.exe[1744] kernel32.dll!TerminateThread 7C81CB3B 1 Byte [C3]

    ---- EOF - GMER 2.0 ----
     
Short URL to this thread: https://techguy.org/1088263