Deleted member 26636
Guest
Since yesterday my system has been running really slow. It takes ages to boot, restart or shut down. When it finally boots, the taskbar takes about 5 mins to load & then the few startup programs take even longer. My PC is always connected to the internet 24/7. Though I have Avira Free & Comodo, I suspect it's a virus. The problem started with Mozilla Firefox, which just wouldn't open. Then when I tried to open a website using IE I get the following error: the instruction at "ox7c90100b" referenced memory at "0x00000014". The memory couldn't be read. Click on OK to terminate the program.
Today when I switched on my PC my network connection was dead. I opened the Control Panel & then Network Connections, but the folder was empty. When I clicked on Create a New Connection, the system just hangs. I scanned my PC using Avira & no virus was detected. Here is a HijackThis log file; please analyse it & help me solve my problem. Thank you.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:04:14 PM, on 7/5/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
D:\SOFTWARES\Comodo Firewall\Comodo\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\SOFTWARES\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\System32\svchost.exe
D:\SOFTWARES\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\System32\TUProgSt.exe
D:\SOFTWARES\Avira\AntiVir Desktop\avgnt.exe
D:\SOFTWARES\HP USB Multimedia Keyboard\KMaestro.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\SOFTWARES\Comodo Firewall\Comodo\COMODO Internet Security\cfp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\TEMP\pseoufkivg.exe
D:\SOFTWARES\SuperCopier 2\SuperCopier2\SuperCopier2.exe
D:\SOFTWARES\SRS\SRSSSC.exe
C:\WINDOWS\system32\ctfmon.exe
D:\SOFTWARES\uTorrent\uTorrent.exe
D:\SOFTWARES\BitTorrent\bittorrent.exe
C:\WINDOWS\explorer.exe
D:\SOFTWARES\Avira\AntiVir Desktop\avscan.exe
G:\BACKUP\SOFTWARES & DRIVERS\Antivirus & Antispyware\Conficker.C Remover.exe
D:\SOFTWARES\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\SOFTWARES\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\SOFTWARES\Java\bin\ssv.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\SOFTWARES\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [avgnt] "D:\SOFTWARES\Avira\AntiVir Desktop\avgnt.exe" /min /nosplash
O4 - HKLM\..\Run: [BtcMaestro] "D:\SOFTWARES\HP USB Multimedia Keyboard\KMaestro.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\SOFTWARES\Comodo Firewall\Comodo\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [PromoReg] C:\WINDOWS\TEMP\pseoufkivg.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] D:\SOFTWARES\SuperCopier 2\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] D:\SOFTWARES\SRS\SRSSSC.exe /hideme
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\SOFTWARES\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "D:\SOFTWARES\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [BitTorrent] "D:\SOFTWARES\BitTorrent\bittorrent.exe"
O4 - HKLM\..\Policies\Explorer\Run: []
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User '?')
O4 - HKUS\S-1-5-21-682003330-1343024091-725345543-1003\..\Run: [SuperCopier2.exe] D:\SOFTWARES\SuperCopier 2\SuperCopier2\SuperCopier2.exe (User '?')
O4 - HKUS\S-1-5-21-682003330-1343024091-725345543-1003\..\Run: [DAEMON Tools Lite] "D:\SOFTWARES\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-682003330-1343024091-725345543-1003\..\Run: [uTorrent] "D:\SOFTWARES\uTorrent\uTorrent.exe" (User '?')
O4 - HKUS\S-1-5-21-682003330-1343024091-725345543-1003\..\Run: [BitTorrent] "D:\SOFTWARES\BitTorrent\bittorrent.exe" (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User '?')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O8 - Extra context menu item: &Download by Orbit - res://D:\SOFTWARES\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\SOFTWARES\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: add to google photos screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\SOFTWARES\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\SOFTWARES\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\SOFTWARES\Java\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\SOFTWARES\Java\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O11 - Options group: [international] International
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Eset Trial Reset (.esettrialreset) - Unknown owner - C:\WINDOWS\reset.exe (file missing)
O23 - Service: Norton2009 Reset (.norton2009reset) - Unknown owner - C:\Program Files\Norton2009Reset.exe
O23 - Service: Avira AntiVir Scheduler (antivirschedulerservice) - Avira GmbH - D:\SOFTWARES\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (antivirservice) - Avira GmbH - D:\SOFTWARES\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\SOFTWARES\Comodo Firewall\Comodo\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (idrivert) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\SOFTWARES\Max 09\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - KALiNKOsoft - C:\Program Files\KALiNKOsoft\Pinnacle Game Profiler\pinnacle_updater.exe
O23 - Service: mental ray Satellite 3.7.1 for Maya 2009 (32 bit) (RaySat2009Server) - Unknown owner - C:\Program Files\Autodesk\mrsat3.7.1-maya2009\bin\raysat2009server.exe
O23 - Service: TabletService (tabletservice) - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\
--
End of file - 7943 bytes