TechSpot

Internet is too slow on my desktop, but on my laptop it's fast

By sritce
Oct 26, 2010
  1. Hi,
    I guess my desktop is affected by a virus. My browsing is too slow, taking nearly 4 min to open google.com... sometimes it won't open. But I am getting good download speed in torrents. With the same internet connection used on my laptop over Wi-Fi, the speed is pretty good. Kindly guide me to disinfect my system.

    Thanks
     
  2. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Please complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If some log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.
     
  3. sritce

    sritce TS Rookie Topic Starter Posts: 47

    mbam, gmer

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4052

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    10/27/2010 12:39:42 AM
    mbam-log-2010-10-27 (00-39-42).txt

    Scan type: Quick scan
    Objects scanned: 127237
    Time elapsed: 8 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
    ********************************************************************
    gmer:



    GMER 1.0.15.15477 - http://www.gmer.net
    Rootkit scan 2010-10-27 08:30:16
    Windows 6.1.7600
    Running: gmer.exe; Driver: C:\Users\sri\AppData\Local\Temp\uwldypow.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x8BF31992]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x8BF333FA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x8BF33674]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x8BF338E6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x8BF322AA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x8BF32A52]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x8BF32E4E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x8BF324C8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x8BF32D34]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x8BF31582]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x8BF32C08]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x8BF3172A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x8BF32F6E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x8BF31F32]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x8BF32030]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x8BF32C9E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x8BF34596]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x8BF35716]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x8BF32694]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x8BF34688]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x8BF34D62]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x8BF32EE4]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x8BF32336]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x8BF32DC4]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x8BF31BDC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x8BF34AFC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x8BF33004]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x8BF31AD0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x8BF33B30]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x8BF3509C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x8BF3498E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x8BF33368]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x8BF3322E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x8BF34330]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x8BF355B8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x8BF3279C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x8BF3214C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x8BF33BD2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x8BF34790]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x8BF351EC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x8BF352DE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x8BF35418]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x8BF344BA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x8BF31D7C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x8BF31CD2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x8BF34F40]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x8BF31E68]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82A83599 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82AA7F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!RtlSidHashLookup + 220 82AAF730 4 Bytes [92, 19, F3, 8B]
    .text ntkrnlpa.exe!RtlSidHashLookup + 248 82AAF758 8 Bytes [FA, 33, F3, 8B, 74, 36, F3, ...]
    .text ntkrnlpa.exe!RtlSidHashLookup + 28C 82AAF79C 4 Bytes [E6, 38, F3, 8B]
    .text ntkrnlpa.exe!RtlSidHashLookup + 2B8 82AAF7C8 4 Bytes [AA, 22, F3, 8B]
    .text ntkrnlpa.exe!RtlSidHashLookup + 2DC 82AAF7EC 4 Bytes [52, 2A, F3, 8B]
    .text ...
    PAGE spsys.sys!?SPRevision@@3PADA + 4F90 9E9A2000 290 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
    PAGE spsys.sys!?SPRevision@@3PADA + 50B3 9E9A2123 486 Bytes [D5, 99, 9E, FE, 05, 34, D5, ...]
    PAGE spsys.sys!?SPRevision@@3PADA + 529A 9E9A230A 142 Bytes [99, 9E, 3B, 08, 77, 04, 3B, ...]
    PAGE spsys.sys!?SPRevision@@3PADA + 5329 9E9A2399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...]
    PAGE spsys.sys!?SPRevision@@3PADA + 538F 9E9A23FF 148 Bytes [18, 5D, C2, 14, 00, 8B, FF, ...]
    PAGE ...
    .text autochk.exe 002011D1 4 Bytes [5C, 7A, 2B, 64]
    .text autochk.exe 002011D7 2 Bytes [8A, 4D]
    .text autochk.exe 002011DA 1 Byte [41]
    .text autochk.exe 002011DA 3 Bytes [41, 00, 4E]
    .text autochk.exe 002011DE 1 Byte [55]
    .text ...

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Tunngle\TnglCtrl.exe[688] ntdll.dll!DbgBreakPoint 77843574 1 Byte [90]
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1624] C:\Windows\SYSTEM32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1624] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll
    .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1624] USER32.dll!NotifyWinEvent + 48B 75ECF724 4 Bytes [70, 11, 46, 6C] {JO 0x13; INC ESI; INSB }
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtCreateFile + 6 77854A36 4 Bytes [28, 00, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtCreateFile + B 77854A3B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtMapViewOfSection + 6 77855096 1 Byte [28]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtMapViewOfSection + 6 77855096 4 Bytes [28, 03, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtMapViewOfSection + B 7785509B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenFile + 6 77855146 4 Bytes [68, 00, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenFile + B 7785514B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenProcess + 6 778551F6 4 Bytes [A8, 01, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenProcess + B 778551FB 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenProcessToken + B 7785520B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenProcessTokenEx + 6 77855216 4 Bytes [A8, 02, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenProcessTokenEx + B 7785521B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenThread + 6 77855276 4 Bytes [68, 01, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenThread + B 7785527B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenThreadToken + 6 77855286 4 Bytes [68, 02, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenThreadToken + B 7785528B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtOpenThreadTokenEx + B 7785529B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtQueryAttributesFile + 6 778553A6 4 Bytes [A8, 00, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtQueryAttributesFile + B 778553AB 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtQueryFullAttributesFile + B 7785545B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtSetInformationFile + 6 77855AA6 4 Bytes [28, 01, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtSetInformationFile + B 77855AAB 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtSetInformationThread + 6 77855B06 4 Bytes [28, 02, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtSetInformationThread + B 77855B0B 1 Byte [E2]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtUnmapViewOfSection + 6 77855E26 1 Byte [68]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtUnmapViewOfSection + 6 77855E26 4 Bytes [68, 03, 07, 00]
    .text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[3000] ntdll.dll!NtUnmapViewOfSection + B 77855E2B 1 Byte [E2]

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74522494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74505624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [745056E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7452250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74518573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74514D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [745150CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [745151A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [745166D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [745182CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74518819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7451907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7451E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[2224] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74514C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\ACPI_HAL \Device\0000004f halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

    ---- Threads - GMER 1.0.15 ----

    Thread System [4:3824] 9E9AFF2E

    ---- EOF - GMER 1.0.15 ----
     
  4. sritce

    sritce TS Rookie Topic Starter Posts: 47

    dds and attach log

    dds :
    __________


    DDS (Ver_10-10-21.02) - NTFSx86
    Run by sri at 8:31:05.21 on Wed 10/27/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.1939 [GMT 5.5:30]


    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    C:\Windows\system32\STacSV.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TeamViewer3\TeamViewer_Host.exe
    C:\Program Files\Tunngle\TnglCtrl.exe
    C:\Program Files\Citrix\ICA Client\ssonsvr.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Users\sri\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
    C:\Program Files\Citrix\ICA Client\WFCRUN32.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\taskhost.exe
    C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
    E:\New folder\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uSearch Page = hxxp://www.google.com
    uStart Page = hxxp://vshare.toolbarhome.com/?hp=df&t=1
    uSearch Bar = hxxp://www.google.com/ie
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof0.dll
    mURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof0.dll
    BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof0.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GR469A~1.DLL
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof0.dll
    TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
    uRun: [SRS Audio Sandbox] "c:\program files\srs labs\audio sandbox\SRSSSC.exe" /hideme
    uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
    uRun: [Google Update] "c:\users\sri\appdata\local\google\update\GoogleUpdate.exe" /c
    mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe"
    mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
    IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
    IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: {DD4904D1-273B-4EA8-918D-26B860C68466} = 192.168.1.1
    Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GRA32A~1.DLL
    Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GR469A~1.DLL

    ============= SERVICES / DRIVERS ===============

    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-4-16 65584]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2010-3-30 1107336]
    R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2010-9-30 71336]
    R2 TeamViewer;TeamViewer 3;c:\program files\teamviewer3\TeamViewer_Host.exe [2008-7-16 181544]
    R2 TunngleService;TunngleService;c:\program files\tunngle\TnglCtrl.exe [2010-9-26 716024]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
    R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2010-9-26 27136]
    S1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-5-7 132184]
    S2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe [2010-5-7 344736]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 MBLAUDRV;Mobiola Audio Service;c:\windows\system32\drivers\BTCamAudioDrv.sys [2010-9-16 13312]
    S3 MBLAUDRVOUT;Mobiola Audio Out Service;c:\windows\system32\drivers\BTCamAudioDrvOut.sys [2010-9-16 18304]
    S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [2010-8-14 384752]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-15 1343400]

    =============== Created Last 30 ================

    2010-10-26 18:54:02 -------- d-----w- c:\users\sri\appdata\roaming\Malwarebytes
    2010-10-26 18:53:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-26 18:53:41 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-26 18:53:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-10-26 18:53:41 -------- d-----w- c:\progra~2\Malwarebytes
    2010-10-26 17:14:36 -------- d-----w- C:\VundoFix Backups
    2010-10-26 16:16:12 -------- d-----w- c:\program files\Trend Micro
    2010-10-26 16:04:21 301568 ----a-w- c:\windows\system32\cmd.execf
    2010-10-26 15:30:24 61440 ----a-r- c:\users\sri\appdata\roaming\microsoft\installer\{04db4871-bc1d-44bf-aadb-47326365eb8c}\ARPPRODUCTICON.exe
    2010-10-23 13:25:11 -------- d-----w- c:\program files\vShare
    2010-10-22 12:43:22 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{1baff813-dae5-40bf-91e0-f75a0ac88a90}\mpengine.dll
    2010-10-22 02:32:52 -------- d-----w- c:\users\sri\appdata\roaming\PDF Writer
    2010-10-22 02:32:52 -------- d-----w- c:\users\sri\appdata\local\PDF Writer
    2010-10-22 02:32:52 -------- d-----w- c:\progra~2\PDF Writer
    2010-10-18 17:46:07 -------- d-----w- c:\program files\Switch Off
    2010-10-14 05:51:00 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
    2010-10-14 05:51:00 1413632 ----a-w- c:\windows\system32\ole32.dll
    2010-10-09 04:18:24 90624 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPWN7.DLL
    2010-10-09 04:12:05 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
    2010-10-09 04:12:05 135168 ----a-w- c:\windows\system32\bzpdfc.dll
    2010-10-09 04:12:05 103424 ----a-w- c:\windows\system32\bzDCT.dll
    2010-10-09 04:12:05 -------- d-----w- c:\program files\common files\Bullzip
    2010-10-09 04:12:01 196096 ----a-w- c:\windows\system32\bzpdf.dll
    2010-10-09 04:11:56 140288 ----a-w- c:\windows\system32\comdlg32.OCX
    2010-10-09 04:11:56 -------- d-----w- c:\program files\Bullzip
    2010-09-29 18:56:49 71336 ----a-w- c:\windows\system32\drivers\idmwfp.sys
    2010-09-29 07:39:15 190976 ----a-w- c:\windows\system32\drivers\ks.sys
    2010-09-29 07:05:50 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-09-29 07:05:42 13312 ----a-w- c:\program files\internet explorer\iecompat.dll

    ==================== Find3M ====================

    2010-10-19 06:11:44 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll
    2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec
    2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL
    2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys
    2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll
    2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-21 05:36:33 738816 ----a-w- c:\windows\system32\wmpmde.dll
    2010-08-21 05:36:24 224256 ----a-w- c:\windows\system32\schannel.dll
    2010-08-21 05:33:24 530432 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-21 05:32:37 316928 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-15 08:47:56 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-08-12 08:00:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
    2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
    2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll

    ============= FINISH: 8:31:34.96 ===============
    attach



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-21.02)

    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/14/2010 11:48:29 AM
    System Uptime: 10/27/2010 12:28:52 AM (8 hours ago)

    Motherboard: Intel Corporation | | D945GCL
    Processor: Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz | | 1800/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 40 GiB total, 1.031 GiB free.
    D: is FIXED (NTFS) - 40 GiB total, 1.274 GiB free.
    E: is FIXED (NTFS) - 69 GiB total, 3.934 GiB free.
    F: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: kl2
    Device ID: ROOT\LEGACY_KL2\0000
    Manufacturer:
    Name: kl2
    PNP Device ID: ROOT\LEGACY_KL2\0000
    Service: kl2

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    µTorrent
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Premiere 6.0
    Adobe Reader 9.4.0
    Ask Toolbar
    AVS Update Manager 1.0
    AVS Video Converter 6
    AVS4YOU Software Navigator 1.4
    Bullzip PDF Printer 7.1.0.1218
    CCleaner
    Citrix online plug-in
    Citrix online plug-in (DV)
    Citrix online plug-in (HDX)
    Citrix online plug-in (PNA)
    Citrix online plug-in (SSON)
    Citrix online plug-in (USB)
    Citrix online plug-in (Web)
    DivX Setup
    FIFA 07
    GOM Player
    Google Chrome
    Google Talk Plugin
    GPL Ghostscript Lite 8.70
    HijackThis 2.0.2
    IDT Audio
    Intel Audio Studio 2.7
    Internet Download Manager
    Java Auto Updater
    Java(TM) 6 Update 21
    K-Lite Codec Pack 6.3.0 (Full)
    Kaspersky Internet Security 2011
    LogMeIn Hamachi
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    MP3 Cutter 1.0
    Opera 9.27
    Paint.NET v3.5.5
    Picasa 3
    PowerISO
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Shockwave
    Show Desktop
    Softonic-Eng7 Toolbar
    SRS Audio Sandbox
    Switch Off
    TeamViewer 3
    Tennis Masters Series 2003
    The Battle for Middle-earth (tm)
    Tunngle beta
    VC80CRTRedist - 8.0.50727.4053
    VLC media player 1.1.4
    vShare Plugin
    WinRAR archiver
    WinZip 14.5

    ==== Event Viewer Messages From Past Week ========

    10/27/2010 12:29:28 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: kl2
    10/27/2010 12:29:11 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147014847
    10/27/2010 1:34:14 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    10/26/2010 10:31:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    10/26/2010 10:31:54 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/26/2010 10:31:54 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    10/24/2010 9:00:32 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ARAVIND-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{DD4904D1-273B-4EA8-918D-26B860C. The master browser is stopping or an election is being forced.
    10/24/2010 1:59:52 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer GURU-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3C390C27-9C20-4457-8A9A-68AB679077. The master browser is stopping or an election is being forced.
    10/23/2010 9:51:25 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer SAMMY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3C390C27-9C20-4457-8A9A-68AB6790772A. The master browser is stopping or an election is being forced.
    10/23/2010 5:25:59 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer JOY-B2C1BC49278 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3C390C27-9C20-4457-8A9A-68. The master browser is stopping or an election is being forced.
    10/23/2010 3:35:23 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
    10/23/2010 12:15:48 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer HOME that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3C390C27-9C20-4457-8A9A-68AB6790772A}. The master browser is stopping or an election is being forced.
    10/23/2010 12:09:31 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
    10/22/2010 9:11:59 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer KARAN that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3C390C27-9C20-4457-8A9A-68AB6790772A. The master browser is stopping or an election is being forced.
    10/22/2010 5:11:48 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ABHINAV-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3C390C27-9C20-4457-8A9A-68AB679. The master browser is stopping or an election is being forced.
    10/22/2010 12:48:48 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
    10/21/2010 11:47:07 AM, Error: Microsoft-Windows-HttpEvent [15005] - Unable to bind to the underlying transport for [::]:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
    10/20/2010 9:41:00 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer HCL that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3C390C27-9C20-4457-8A9A-68AB6790772A}. The master browser is stopping or an election is being forced.

    ==== End Of File ===========================
     
  5. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Please, follow all instructions to a dot.
    You didn't update MBAM.
    Update it, re-run, post new log.
     
  6. sritce

    sritce TS Rookie Topic Starter Posts: 47

    @broni

    Hi.. thanks for guiding me... but internet is down, I am not able to update mbam. Any other way I could update the malware software?
     
  7. sritce

    sritce TS Rookie Topic Starter Posts: 47

    @broni

    Sorry to trouble you.. I managed to update it somehow.. will post the log after scan.
     
  8. sritce

    sritce TS Rookie Topic Starter Posts: 47

    Pasted the updated mbam log

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4959

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    10/27/2010 6:55:20 PM
    mbam-log-2010-10-27 (18-55-20).txt

    Scan type: Full scan (C:\|D:\|E:\|F:\|)
    Objects scanned: 254697
    Time elapsed: 59 minute(s), 37 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 5

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    E:\New folder\FFF-AYSABTU.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    E:\Softwaress\SRS AUDIO SANDBOX KEY GEN.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
    E:\Softwaress\Microsoft Office 2007 FULL + Keygen ( Vista comp.)\Office [Keygen].exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
    E:\Softwaress\TuneUp Utilities 2009 v8.0.3100.31 - (Malestrom)\TuneUp Utilities 2009 v8.0.3100.31 - (Malestrom)\Keygen\TuneUp.Utilities.2009-keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
    E:\Softwaress\downloader\internet download manager 5.17 build 5\patch 5.xx (2008-12-06)\Patch 5.xx (2008-12-06).exe (Trojan.Agent) -> Quarantined and deleted successfully.
     
  9. sritce

    sritce TS Rookie Topic Starter Posts: 47

    I quarantined the listed virus in malware software.. still internet is dead if I try using LAN... but on wifi it's working fine.
     
  10. sritce

    sritce TS Rookie Topic Starter Posts: 47

    Thread can be closed.. I formatted the system.. thanks for the help anyhow..
     
  11. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Thank you for letting me know.

    Good luck :)
     
Topic Status:
Not open for further replies.
