TechSpot

Need help - svchost, iexplorer and explorer taking my process capacity

By gsureshmendon
Jul 29, 2011
  1. Dear All,

    My pc got infected with malware and virus. svchost.exe, iexplorer and explorer takes too much usage in my process. Two iexplorer and two explorer running at same time. I have done the 7-step virus removing process and got those log files. So plz find the attachments and help me out :)
     

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! I'll be glad to help but you missed a very important direction:

    When you have finished, leave the logs for review in your next reply .
    I'll review the logs after you have pasted them in.
    ====================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.
    If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
     
  3. gsureshmendon

    gsureshmendon TS Rookie Topic Starter

    Thanks for the basic instructions man

    Sorry i dont know how to proceed or reply for you, so i try in my way that iam going to paste those logs in this thread.


    ==============================================================================================================================


    MALWARE LOGS


    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7316

    Windows 6.1.7600
    Internet Explorer 9.0.8112.16421

    7/29/2011 5:15:53 PM
    mbam-log-2011-07-29 (17-15-53).txt

    Scan type: Quick scan
    Objects scanned: 179628
    Time elapsed: 6 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 1
    Registry Keys Infected: 6
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 13

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    c:\Windows\System32\wvsrvnil.dll (IPH.GenericBHO) -> Delete on reboot.

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\CLSID\{467C1A57-C8F7-ED97-851B-7C2BD734A397} (IPH.GenericBHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Soaejlze (IPH.GenericBHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{467C1A57-C8F7-ED97-851B-7C2BD734A397} (IPH.GenericBHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{467C1A57-C8F7-ED97-851B-7C2BD734A397} (IPH.GenericBHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{467C1A57-C8F7-ED97-851B-7C2BD734A397} (IPH.GenericBHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\Windows\System32\wvsrvnil.dll (IPH.GenericBHO) -> Delete on reboot.
    c:\Windows\System32\fsb.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
    c:\Users\Suresh\downloads\go_v1.3.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Windows\hpci.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Windows\pstc.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
    c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.
    c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\plugs\mmc114.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
    c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\plugs\mmc229.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
    c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\plugs\mmc254.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
    c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\plugs\mmc31163742.txt (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
    c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\plugs\mmc64.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.


    ==============================================================================================================================
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    That's fine. Please paste in the 2 log from the DDS scan just like you did for Malwarebytes.

    There are several different malwares. One of them is going to be hard to remove:
    IF you have connected a flash drive, we will need to disinfect that.

    Mbam has removed many entries for this, but we have to see how much it spread to other files.
     
  5. gsureshmendon

    gsureshmendon TS Rookie Topic Starter

    Thanks for that . Here the two logs from DDS

    DDS.TXT
    -----------------

    .
    DDS (Ver_2011-06-23.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_18
    Run by Suresh at 20:03:37 on 2011-07-29
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3069.1599 [GMT 5.5:30]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Airtel NetXpert\bin\sprtsvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Airtel NetXpert\bin\tgsrvc.exe
    C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\DAP\DAP.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\vssvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uWindow Title = >>> 'Full Speed' Enabled <<<
    uSearch Bar =
    mStart Page = about:blank
    uInternet Settings,ProxyOverride = *.local;<local>
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: SBCONVERT Class: {3017fb3e-9a77-4396-88c5-0ec9548fb42f} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
    BHO: SBCONVERT Class: {31b27f2d-6bc6-451b-b3d2-4eab36b2fc3b} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
    BHO: SearchPredictObj Class: {389943b0-c3a2-4e69-82cb-8596a84cb3dc} - c:\progra~1\search~1\SEARCH~1.DLL
    BHO: : {467c1a57-c8f7-ed97-851b-7c2bd734a397} - c:\windows\system32\wvsrvnil.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: DAPIELoader Class: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL
    BHO: GrabberObj Class: {ff7c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\speedb~1\toolbar\grabber.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: SpeedBit Video Downloader: {0329e7d6-6f54-462d-93f6-f5c3118badf2} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
    TB: Veoh Video Compass: {52836eb0-631a-47b1-94a6-61f9d9112dae} - c:\program files\veoh networks\veoh video compass\SearchRecsPlugin.dll
    TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dll
    TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
    uRun: [AdobeBridge]
    mRun: [<NO NAME>]
    mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe"
    mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe"
    dRun: [Google Update] c:\windows\system32\config\systemprofile\appdata\local\google\update\gupdate.exe
    dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10n_ActiveX.exe -update activex
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
    IE: &Download with &DAP - c:\program files\dap\dapextie.htm
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
    IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49}
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{028DA33B-2951-4937-8540-645A8FF74E36} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{AC364EA0-B13A-45CA-91D1-53A18098825E}\0756E64716 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{AC364EA0-B13A-45CA-91D1-53A18098825E}\1496274756C6 : DhcpNameServer = 203.145.184.13 203.145.184.32
    TCP: Interfaces\{AC364EA0-B13A-45CA-91D1-53A18098825E}\2494C4C414 : DhcpNameServer = 192.168.1.1
    Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
    Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 bdfwfpf;bdfwfpf;c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf.sys [2010-7-15 88656]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 sprtsvc_netxpert;SupportSoft Sprocket Service (netxpert);c:\program files\airtel netxpert\bin\sprtsvc.exe [2011-7-6 206120]
    R2 tgsrvc_netxpert;SupportSoft Repair Service (netxpert);c:\program files\airtel netxpert\bin\tgsrvc.exe [2011-7-6 185640]
    R2 Updatesrv;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2011\updatesrv.exe [2010-7-21 42912]
    R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-5-13 152528]
    R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2009-5-20 59904]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-5-11 64544]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-11-30 167936]
    R3 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2010-7-14 299008]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
    S2 raywatrz;i8042 Keyboard and PS/2 Mouse Port Controller;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\drivers\cmnsusbser.sys [2011-3-5 105984]
    S3 iscFlash;iscFlash;c:\program files\sp45765\iscflash.sys [2009-6-16 13312]
    S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-7-22 116136]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-7-24 1343400]
    S4 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\AEstSrv.exe [2009-11-29 81920]
    S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2010-6-28 633424]
    S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2010-6-28 970320]
    S4 Change Modem Device Service;Change Modem Device Service;c:\windows\system32\ChgService.exe [2011-3-5 135168]
    S4 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2010-2-26 26168]
    S4 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-2-25 2253688]
    .
    =============== Created Last 30 ================
    .
    2011-07-29 11:35:49 -------- d-----w- c:\users\suresh\appdata\roaming\Malwarebytes
    2011-07-29 11:35:43 -------- d-----w- c:\programdata\Malwarebytes
    2011-07-29 11:35:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-07-29 10:02:20 -------- d-----w- c:\windows\system32\wbem\Logs
    2011-07-29 09:50:57 -------- d--h--w- c:\windows\PIF
    2011-07-29 09:49:10 -------- d-----w- c:\program files\common files\ParetoLogic
    2011-07-29 09:49:09 -------- d-----w- c:\program files\ParetoLogic
    2011-07-29 09:19:28 -------- d-----w- c:\users\suresh\appdata\roaming\ParetoLogic
    2011-07-29 09:19:28 -------- d-----w- c:\users\suresh\appdata\roaming\DriverCure
    2011-07-29 09:19:16 -------- d-----w- c:\programdata\ParetoLogic
    2011-07-27 17:59:38 -------- d-----w- c:\users\suresh\appdata\local\DDMSettings
    2011-07-27 08:45:06 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
    2011-07-26 17:57:20 46928 ----a-w- c:\windows\system32\AdobePDF.dll
    2011-07-26 17:47:42 -------- d-----w- c:\program files\Applied Linguistics
    2011-07-25 12:50:53 194 ----a-w- c:\windows\system32\RBDELDRV.BAT
    2011-07-25 09:27:20 -------- d-----w- c:\programdata\bdch
    2011-07-25 09:23:56 801792 ----a-w- c:\windows\system32\FntCache.dll
    2011-07-24 12:26:54 393216 ----a-w- c:\windows\system32\drivers\bthport.sys
    2011-07-24 12:26:53 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
    2011-07-24 07:57:01 -------- d-----w- c:\windows\system32\Wat
    2011-07-23 21:56:39 257024 ----a-w- c:\windows\system32\msv1_0.dll
    2011-07-23 21:52:52 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2011-07-23 21:52:52 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2011-07-23 21:52:52 297808 ----a-w- c:\windows\system32\mscoree.dll
    2011-07-23 21:52:52 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2011-07-23 21:52:52 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2011-07-23 21:33:14 -------- d-----w- c:\program files\MSXML 4.0
    2011-07-23 17:39:31 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
    2011-07-23 17:39:30 1413632 ----a-w- c:\windows\system32\ole32.dll
    2011-07-23 17:39:09 338944 ----a-w- c:\windows\system32\drivers\afd.sys
    2011-07-23 17:39:09 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-07-23 17:39:07 311296 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-07-23 17:39:07 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
    2011-07-23 17:39:07 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2011-07-23 17:37:58 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2011-07-23 17:35:55 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-07-23 17:35:54 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-07-23 17:35:52 738816 ----a-w- c:\windows\system32\wmpmde.dll
    2011-07-23 17:35:51 101760 ----a-w- c:\windows\system32\consent.exe
    2011-07-23 17:35:46 1164288 ----a-w- c:\windows\system32\mfc42u.dll
    2011-07-23 17:35:46 1137664 ----a-w- c:\windows\system32\mfc42.dll
    2011-07-23 17:35:16 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
    2011-07-23 17:35:14 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
    2011-07-23 17:35:09 123904 ----a-w- c:\windows\system32\poqexec.exe
    2011-07-23 17:35:08 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-07-23 17:35:07 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2011-07-23 17:35:07 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-07-23 17:18:13 172032 ----a-w- c:\windows\system32\wintrust.dll
    2011-07-23 17:17:53 132608 ----a-w- c:\windows\system32\cabview.dll
    2011-07-23 16:45:18 -------- d-----w- c:\users\suresh\appdata\roaming\BitDefender
    2011-07-23 16:44:59 -------- d-----w- c:\program files\BitDefender
    2011-07-23 16:40:43 -------- d-----w- c:\programdata\99eb0000-107a-4b20-2aa4-d69b7ea7d0b4
    2011-07-23 16:29:28 0 ----a-w- c:\windows\system32\E6e14QyY.exe
    2011-07-23 16:01:47 -------- d-----w- c:\programdata\87c30000-547f-4384-cf3c-92fd46ae0397
    2011-07-23 15:23:13 -------- d-----w- c:\users\suresh\appdata\roaming\QuickScan
    2011-07-23 15:22:52 253072 ----a-w- c:\windows\system32\drivers\Trufos.sys
    2011-07-23 15:22:04 -------- d-----w- c:\programdata\BitDefender
    2011-07-23 15:22:04 -------- d-----w- c:\program files\common files\BitDefender
    2011-07-23 15:20:36 327368 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
    2011-07-23 15:20:31 816727 ----a-w- c:\programdata\bdinstall.bin
    2011-07-22 10:44:49 -------- d-----w- c:\programdata\Big Fish Games
    2011-07-22 10:43:46 -------- d-----w- C:\BigFishGamesCache
    2011-07-22 06:57:16 832512 ----a-w- c:\windows\system32\wvsrvnil.dll
    2011-07-19 14:04:11 71680 --sha-r- c:\windows\system32\httpapiu.dll
    2011-07-19 06:42:08 -------- d-----w- c:\program files\DAP
    2011-07-18 11:06:04 -------- d-----w- c:\program files\DU Meter
    2011-07-17 18:00:51 -------- d-----w- c:\users\suresh\appdata\roaming\ISP Monitor
    2011-07-17 04:45:49 -------- d-----w- c:\programdata\Solidshield
    2011-07-15 22:57:09 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{50a69dc4-5d56-4f38-b39a-a306d4fa8ce4}\mpengine.dll
    2011-07-06 15:15:35 172032 ----a-w- c:\windows\system32\AniGIF.ocx
    2011-07-06 08:52:44 161 ----a-w- c:\users\suresh\startAgent.bat
    2011-07-06 08:51:47 -------- d-----w- c:\program files\common files\SupportSoft
    2011-07-06 08:51:35 -------- d-----w- c:\users\suresh\appdata\local\SupportSoft
    2011-07-06 08:51:34 -------- d-----w- c:\program files\Airtel NetXpert
    2011-07-06 08:51:19 314 ----a-w- c:\users\suresh\launchAgent.bat
    2011-07-06 08:51:19 30 ----a-w- c:\users\suresh\launchDrTCP.bat
    2011-07-06 08:50:52 7057587 ----a-w- c:\users\suresh\agent.exe
    2011-07-06 08:50:52 53760 ----a-w- c:\users\suresh\DRTCP021.exe
    2011-07-04 08:13:14 16896 ----a-w- c:\windows\system32\KeyHook.dll
    .
    ==================== Find3M ====================
    .
    2011-07-28 06:33:58 73312 ----a-w- c:\windows\system32\drivers\adfs.sys
    2011-07-25 09:23:56 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-07-17 18:00:15 737280 ----a-w- c:\windows\iun6002.exe
    2011-06-25 22:57:02 71679 --sha-w- c:\windows\pstc.exe
    2011-06-25 22:46:14 71568 --sh--w- c:\windows\lksi.exe
    2011-06-25 22:44:20 59716 --sha-w- c:\windows\hpci.exe
    2011-06-11 02:37:19 2332672 ----a-w- c:\windows\system32\win32k.sys
    2011-06-02 17:53:02 94208 ----a-w- c:\windows\system32\dpl100.dll
    2011-06-02 05:58:05 290816 ----a-w- c:\windows\system32\KernelBase.dll
    2011-06-02 03:45:49 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2011-06-02 03:45:49 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2011-06-02 03:45:49 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2011-06-02 03:45:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2011-05-24 13:44:10 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-05-24 10:35:34 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
    2011-05-14 06:35:55 169984 ----a-w- c:\windows\system32\winsrv.dll
    2011-05-14 06:33:14 271872 ----a-w- c:\windows\system32\conhost.exe
    2011-05-03 04:50:29 740864 ----a-w- c:\windows\system32\inetcomm.dll
    2010-07-08 05:07:14 101544 ----a-w- c:\program files\common files\LinkInstaller.exe
    2007-07-17 06:43:45 61440 ----a-w- c:\program files\RGSGrowBounds.aex
    .
    ============= FINISH: 20:04:23.19 ===============
     
  6. gsureshmendon

    gsureshmendon TS Rookie Topic Starter

    ATTACH.TXT



    ATTACH
    ------------

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-06-23.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/29/2009 1:39:48 AM
    System Uptime: 7/29/2011 5:19:17 PM (3 hours ago)
    .
    Motherboard: Compal | | 30F8
    Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz | CPU | 800/1066mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 49 GiB total, 8.591 GiB free.
    D: is FIXED (NTFS) - 110 GiB total, 5.213 GiB free.
    E: is FIXED (NTFS) - 9 GiB total, 2.924 GiB free.
    F: is CDROM ()
    H: is FIXED (NTFS) - 65 GiB total, 5.82 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010000_PID&C0AF\7&33DC9272&0&001D28C7B03B_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010000_PID&C0AF\7&33DC9272&0&001D28C7B03B_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{8E771301-0000-1000-8000-00805F9B34FB}_VID&00010000_PID&C0AF\7&33DC9272&0&001D28C7B03B_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{8E771301-0000-1000-8000-00805F9B34FB}_VID&00010000_PID&C0AF\7&33DC9272&0&001D28C7B03B_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&008C\7&33DC9272&0&9C18749B3D4D_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&008C\7&33DC9272&0&9C18749B3D4D_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_VID&00010000_PID&C0AF\7&33DC9272&0&001D28C7B03B_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_VID&00010000_PID&C0AF\7&33DC9272&0&001D28C7B03B_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{8E771401-0000-1000-8000-00805F9B34FB}_VID&00010000_PID&C0AF\7&33DC9272&0&001D28C7B03B_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{8E771401-0000-1000-8000-00805F9B34FB}_VID&00010000_PID&C0AF\7&33DC9272&0&001D28C7B03B_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000F\7&33DC9272&0&001BEE157220_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000F\7&33DC9272&0&001BEE157220_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00000004-0000-1000-8000-0002EE000002}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00000004-0000-1000-8000-0002EE000002}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_VID&00010001_PID&008C\7&33DC9272&0&9C18749B3D4D_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_VID&00010001_PID&008C\7&33DC9272&0&9C18749B3D4D_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&33DC9272&0&001BEE157220_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&33DC9272&0&001BEE157220_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Service:
    .
    Class GUID:
    Description:
    Device ID: USB\VID_138A&PID_0001\5&1479ABFB&0&2
    Manufacturer:
    Name:
    PNP Device ID: USB\VID_138A&PID_0001\5&1479ABFB&0&2
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{0000111B-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&33DC9272&0&001BEE157220_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{0000111B-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&33DC9272&0&001BEE157220_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00000000_PID&C056\7&33DC9272&0&001B59A07163_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00000000_PID&C056\7&33DC9272&0&001B59A07163_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{0000111B-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{0000111B-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Service:
    .
    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&33DC9272&0&001DFDEFDBF0_C00000000
    Service:
    .
    Class GUID:
    Description: pcouffin device ...
    Device ID: ROOT\PCOUFFIN\0000
    Manufacturer:
    Name: pcouffin device ...
    PNP Device ID: ROOT\PCOUFFIN\0000
    Service:
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    AC3Filter (remove only)
    Adobe Acrobat 9 Pro - English, Français, Deutsch
    Adobe Acrobat 9.4.5 - CPSID_83708
    Adobe After Effects CS4
    Adobe After Effects CS4 Presets
    Adobe After Effects CS4 Third Party Content
    Adobe AIR
    Adobe Anchor Service CS3
    Adobe Anchor Service CS4
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge CS4
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps CS4
    Adobe Color - Photoshop Specific CS4
    Adobe Color EU Extra Settings CS4
    Adobe Color JA Extra Settings CS4
    Adobe Color NA Recommended Settings CS4
    Adobe Color Video Profiles AE CS4
    Adobe Color Video Profiles CS CS4
    Adobe CSI CS4
    Adobe Default Language CS4
    Adobe Device Central CS3
    Adobe Device Central CS4
    Adobe Dreamweaver CS3
    Adobe Drive CS4
    Adobe Dynamiclink Support
    Adobe ExtendScript Toolkit 2
    Adobe ExtendScript Toolkit CS4
    Adobe Extension Manager CS3
    Adobe Extension Manager CS4
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS4
    Adobe Media Encoder CS4
    Adobe Media Encoder CS4 Additional Exporter
    Adobe Media Encoder CS4 Exporter
    Adobe Media Encoder CS4 Importer
    Adobe Media Player
    Adobe MotionPicture Color Files CS4
    Adobe Output Module
    Adobe PDF Library Files CS4
    Adobe Photoshop CS4
    Adobe Photoshop CS4 Support
    Adobe Search for Help
    Adobe Service Manager Extension
    Adobe Setup
    Adobe Shockwave Player 11.5
    Adobe Type Support CS4
    Adobe Update Manager CS3
    Adobe Update Manager CS4
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS4
    AdobeColorCommonSetCMYK
    AdobeColorCommonSetRGB
    Airtel NetXpert 3.0
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ashes Cricket 2009
    Autodesk DirectConnect 2009
    Autodesk MotionBuilder 7.5
    Baraha 9.3
    BitDefender Antivirus Pro 2011
    BitTorrent
    Bonjour
    Camtasia Studio 6
    Celtx (2.7)
    Connect
    ConvertXtoDVD 3.0.0.1
    Craft Director Studio
    DivX Setup
    DNA
    Download Accelerator Plus (DAP)
    eKalappai (remove only)
    ENE CIR Receiver Driver
    FBX Plugin 2009.0 for Max 2009
    Google Chrome
    Grammarly Add-In
    IDT Audio
    James Cameron's AVATAR(tm): THE GAME
    Java Auto Updater
    Java(TM) 6 Update 18
    Keyman Package - eKalappai20b
    kuler
    Macromedia Extension Manager
    Magic ISO Maker v5.5 (build 0274)
    MagicDisc 2.7.106
    Maya 2009
    Maya 2009 Documentation (en_US)
    Microsoft Office Excel MUI (English) 2010 (Beta)
    Microsoft Office Groove MUI (English) 2010 (Beta)
    Microsoft Office MondoOnly MUI (English) 2010 (Beta)
    Microsoft Office OneNote MUI (English) 2010 (Beta)
    Microsoft Office Outlook MUI (English) 2010 (Beta)
    Microsoft Office PowerPoint MUI (English) 2010 (Beta)
    Microsoft Office Proof (English) 2010 (Beta)
    Microsoft Office Proof (French) 2010 (Beta)
    Microsoft Office Proof (Spanish) 2010 (Beta)
    Microsoft Office Proofing (English) 2010 (Beta)
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
    Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)
    Microsoft Office Visio MUI (English) 2010 (Beta)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ Run Time Lib Setup
    Microsoft WSE 3.0 Runtime
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Murasu Anjal2000
    NVIDIA Drivers
    NVIDIA PhysX
    OpenOffice.org 3.2
    ParetoLogic PC Health Advisor
    PDF Settings CS4
    Photoshop Camera Raw
    Pixel Bender Toolkit
    PowerISO
    QuickTime
    RapidTyping
    RealFlow
    RealFlow Plugin for Maya
    Realtek 8136 8168 8169 Ethernet Driver
    Skype Toolbars
    Skype™ 5.3
    SpeedBit Video Downloader
    Suite Shared Configuration CS4
    Tavultesoft Keyman for ThamiZha! 6.0
    TeamViewer 6
    Trapcode Form
    Trapcode Particular
    VC80CRTRedist - 8.0.50727.4053
    Veoh Video Compass
    Veoh Web Player
    VLC media player 1.0.3
    Windows SideShow Managed Runtime 1.0
    WinRAR archiver
    WordWeb
    Xvid Video Codec
    ZBrush3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/29/2011 8:03:35 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
    7/29/2011 7:28:39 PM, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
    7/29/2011 7:24:51 PM, Error: Service Control Manager [7001] - The COM+ System Application service depends on the System Event Notification Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/29/2011 7:11:45 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/29/2011 6:38:21 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    7/29/2011 5:22:47 PM, Error: Microsoft-Windows-WMPNSS-Service [14333] - Service 'WMPNetworkSvc' did not start correctly due to error '0x8007042c'. Restart your computer, and then try to restart the service.
    7/29/2011 5:22:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    7/29/2011 5:20:57 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    7/29/2011 5:20:57 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
    7/29/2011 5:20:28 PM, Error: Service Control Manager [7023] - The i8042 Keyboard and PS/2 Mouse Port Controller service terminated with the following error: i8042 Keyboard and PS/2 Mouse Port Controller is not a valid Win32 application.
    7/29/2011 5:20:23 PM, Error: Service Control Manager [7000] - The DS1410D service failed to start due to the following error: The system cannot find the file specified.
    7/29/2011 4:55:16 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
    7/29/2011 4:53:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    7/29/2011 4:53:56 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    7/29/2011 4:53:47 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s).
    7/29/2011 4:53:26 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7034] - The i8042 Keyboard and PS/2 Mouse Port Controller service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/29/2011 4:53:16 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/29/2011 4:53:07 PM, Error: Service Control Manager [7034] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 4:53:07 PM, Error: Service Control Manager [7034] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 4:53:07 PM, Error: Service Control Manager [7034] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 4:53:07 PM, Error: Service Control Manager [7034] - The Superfetch service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 4:53:07 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
    7/29/2011 4:53:07 PM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/29/2011 3:57:38 PM, Error: Service Control Manager [7034] - The SupportSoft Sprocket Service (netxpert) service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 3:57:38 PM, Error: Service Control Manager [7034] - The SupportSoft Repair Service (netxpert) service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 3:33:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    7/29/2011 2:33:58 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/29/2011 2:28:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    7/29/2011 12:57:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0x8424f4a0, 0x8e91b82c, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072911-55208-01.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD bdfsfltr bdfwfpf DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    7/29/2011 12:48:52 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    7/29/2011 1:59:35 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: There are no more endpoints available from the endpoint mapper.
    7/29/2011 1:59:33 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/29/2011 1:59:33 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.
    7/29/2011 1:59:30 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/29/2011 1:59:02 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/29/2011 1:58:54 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/29/2011 1:46:07 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service has not been started.
    7/29/2011 1:45:26 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    7/29/2011 1:40:40 PM, Error: Service Control Manager [7023] - The System Event Notification Service service terminated with the following error: Overlapped I/O operation is in progress.
    7/29/2011 1:04:05 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
    7/29/2011 1:02:05 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/29/2011 1:02:05 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/29/2011 1:02:05 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/28/2011 9:50:01 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x005c00cd, 0x00000002, 0x00000001, 0x8408888c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072811-43227-01.
    7/28/2011 7:57:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
    7/28/2011 11:25:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows 7 Service Pack 1 (KB976932).
    7/27/2011 7:55:08 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    7/27/2011 12:30:51 AM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The pipe has been ended.
    7/27/2011 12:22:30 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x8410a419, 0x8e92bb50, 0x8e92b730). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072711-45505-01.
    7/26/2011 8:04:12 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    7/26/2011 4:42:15 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000074, 0x00000002, 0x00000001, 0x8407e88c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072611-61121-01.
    7/25/2011 6:29:30 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    7/25/2011 5:36:55 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {E9513610-F218-4DDA-B954-2C7E6BA7CABB} as /. The error: "740" Happened while starting this command: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -Embedding
    7/25/2011 2:45:47 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Event Log service, but this action failed with the following error: An instance of the service is already running.
    7/25/2011 2:45:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/25/2011 2:44:52 PM, Error: Service Control Manager [7023] - The Remote Access Connection Manager service terminated with the following error: The parameter is incorrect.
    7/25/2011 2:44:47 PM, Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/25/2011 2:44:47 PM, Error: Service Control Manager [7031] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/25/2011 2:44:47 PM, Error: Service Control Manager [7031] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
    7/25/2011 2:44:47 PM, Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    7/25/2011 2:33:10 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    7/24/2011 5:44:28 AM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process.
    7/24/2011 12:43:52 AM, Error: Service Control Manager [7034] - The kmhfoot service terminated unexpectedly. It has done this 1 time(s).
    7/24/2011 1:35:27 PM, Error: Service Control Manager [7023] -
    7/23/2011 8:37:57 PM, Error: Service Control Manager [7034] - The DU Meter Service service terminated unexpectedly. It has done this 1 time(s).
    7/23/2011 8:18:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    7/23/2011 4:06:11 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x841042e1, 0x8e91bb50, 0x8e91b730). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072311-46847-01.
    7/23/2011 10:53:51 PM, Error: Service Control Manager [7034] - The NVIDIA Update Service service terminated unexpectedly. It has done this 1 time(s).
    7/23/2011 10:19:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    7/23/2011 10:19:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    7/23/2011 10:19:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    7/23/2011 10:19:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    7/23/2011 10:19:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bdfsfltr bdfwfpf discache SCDEmu spldr Wanarpv6
    7/22/2011 7:49:11 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume System Reserved.
    7/22/2011 7:49:11 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
    7/22/2011 7:48:47 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
    7/22/2011 1:50:03 PM, Error: Service Control Manager [7034] - The Problem Reports and Solutions Control Panel Support service terminated unexpectedly. It has done this 1 time(s).
    .
    ==== End Of File ===========================
     
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Okay, it's fairly easy to see where some of the 'overuse' is coming from. You've added some features to 'optimize' the system. What you didn't realize is they brought more than you asked for, like adding toolbars, browser helper objects and so on. Most 'optimizers' them selves, don't actually do much but use a lot of system resources while they run.

    The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. So we'll be removing some of them. There are several entries hat I can identify so we'll have to see if Combofix picks them up
    ======================================
    I strongly recommend that you remove everything you have from ParetoLogic. Not only are the products bad, but there are very few site that are safe to download them. I use the WOT Site Advisor and only click on 'green' sites. Most for this company are red or amber.
    =====================================
    What are you trying to do with all these .bat files?
    ======================================
    Java is way out of date. You have v6u18. The current is v6u26. Please update now: Java Updates After the update uninstall any earlier versions in Add/Remove Programs as they are vulnerabilities for the system.
    Note: Uncheck 'Install Yahoo Toolbar' on the download screen before you do the update.
    ======================================
    Let's see how much of this 'stuff' will be handled by the following:
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESETOnlineScan
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
      [o] Double click on the [​IMG]on your desktop.
    • Check 'Yes I accept terms of use.'
    • Click Start button
    • Accept any security warnings from your browser.
      [​IMG]
    • Uncheck 'Remove found threats'
    • Check 'Scan archives/
    • Leave remaining settings as is.
    • Press the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    • When the scan completes, press List of found threats
    • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    • Push the Back button
    • Push Finish

    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
    ============================================
    Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      [​IMG]
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.

    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
     
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Forgot to ask: there are 17 Bluetooth Peripheral devices showing in the log. Could some/any of these account for the high usage?

    Additionally, I noticed you have Bit Torrent installed.
    P2P Warning:
    Note: Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall Bit Torrent for the following reasons:
    • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
    • Malware writers use these program to include malicious content.
    • File sharing is usually unmonitored and there is a danger that your private files might be accessed.
    • The 'sharing' also includes malware that the shared system has on it.
    • Files that are illegal can be spread through file sharing.

    Please read the information on P2P Warning to help you better understand these dangers.
     
  9. gsureshmendon

    gsureshmendon TS Rookie Topic Starter

    ESET and COMBO FIX

    Hi man did everything as you instructed.

    ESETScan

    D:\BitDefender Antivirus Pro 2011 14.0.22.326 By Adrian Dennis.rar Win32/Packed.Autoit.E.Gen application
    D:\James Cameron's Avatar The Game [PC ~ Multi6] RELOADED.iso Win32/Packed.VMProtect.D trojan
    D:\ParetoLogic_PC_Health_Advisor_3_0__Patch_by_goodperson541.rar a variant of Win32/Delf.PSD trojan
    D:\Maya2010_Win32\Maya 2010\Crack\xf-maya2010-32bits.rar a variant of Win32/Keygen.BL application
    D:\softwares\Camtasia Studio 6.0.0 Build 689 [ iron Doom ]\keygen.rar probably a variant of Win32/Keygen.BJ application
    ===============================================================


    COMBO FIX

    ComboFix 11-08-03.02 - Suresh 08/03/2011 16:12:03.1.2 - x86
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3069.1560 [GMT 5.5:30]
    Running from: d:\softwares\ComboFix.exe
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
    c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
    c:\users\Suresh\agent.exe
    c:\users\Suresh\AppData\Roaming\inst.exe
    c:\users\Suresh\DRTCP021.exe
    c:\windows\iun6002.exe
    c:\windows\system32\E6e14QyY.exe
    c:\windows\system32\wvsrvnil.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_NPF
    -------\Service_NPF
    -------\Service_raywatrz
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-07-03 to 2011-08-03 )))))))))))))))))))))))))))))))
    .
    .
    2011-08-03 10:54 . 2011-08-03 11:03 -------- d-----w- c:\users\Suresh\AppData\Local\temp
    2011-08-03 10:54 . 2011-08-03 10:54 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-08-02 05:40 . 2011-08-02 05:40 -------- d-----w- c:\program files\ESET
    2011-08-02 05:39 . 2011-08-02 05:40 -------- d-----w- c:\windows\Downloaded Program Files
    2011-08-02 05:39 . 2011-08-02 05:39 -------- d-----w- c:\program files\Common Files\Java
    2011-08-02 05:38 . 2011-08-02 05:38 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-08-01 07:04 . 2011-08-01 07:04 -------- d-----w- c:\program files\Pixar
    2011-07-30 18:03 . 2011-07-30 18:03 -------- d-----w- c:\program files\Chaos Group
    2011-07-30 17:52 . 2011-07-30 18:04 -------- d-----w- c:\program files\Common Files\ChaosGroup
    2011-07-29 13:58 . 2011-07-29 14:48 -------- d-----w- c:\windows\debug
    2011-07-29 11:35 . 2011-07-29 11:35 -------- d-----w- c:\users\Suresh\AppData\Roaming\Malwarebytes
    2011-07-29 11:35 . 2011-07-29 11:35 -------- d-----w- c:\programdata\Malwarebytes
    2011-07-29 11:35 . 2011-07-29 11:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-07-29 10:02 . 2011-07-29 10:02 -------- d-----w- c:\windows\system32\wbem\Logs
    2011-07-29 09:50 . 2011-07-29 09:50 -------- d--h--w- c:\windows\PIF
    2011-07-29 09:49 . 2011-07-29 09:49 -------- d-----w- c:\program files\Common Files\ParetoLogic
    2011-07-29 09:49 . 2011-07-29 09:49 -------- d-----w- c:\program files\ParetoLogic
    2011-07-29 09:19 . 2011-07-29 09:19 -------- d-----w- c:\users\Suresh\AppData\Roaming\ParetoLogic
    2011-07-29 09:19 . 2011-07-29 09:19 -------- d-----w- c:\users\Suresh\AppData\Roaming\DriverCure
    2011-07-29 09:19 . 2011-07-29 09:49 -------- d-----w- c:\programdata\ParetoLogic
    2011-07-27 17:59 . 2011-07-27 17:59 -------- d-----w- c:\users\Suresh\AppData\Local\DDMSettings
    2011-07-27 08:45 . 2009-08-19 18:20 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
    2011-07-26 17:57 . 2009-08-19 18:20 46928 ----a-w- c:\windows\system32\AdobePDF.dll
    2011-07-26 17:47 . 2011-07-26 17:47 -------- d-----w- c:\program files\Applied Linguistics
    2011-07-25 12:50 . 2011-07-25 12:50 194 ----a-w- c:\windows\system32\RBDELDRV.BAT
    2011-07-25 09:27 . 2011-07-25 09:27 -------- d-----w- c:\programdata\bdch
    2011-07-25 09:23 . 2011-07-25 09:23 801792 ----a-w- c:\windows\system32\FntCache.dll
    2011-07-24 12:26 . 2011-04-28 03:29 393216 ----a-w- c:\windows\system32\drivers\bthport.sys
    2011-07-24 12:26 . 2011-04-28 03:29 60416 ------w- c:\windows\system32\drivers\BTHUSB.SYS
    2011-07-24 07:57 . 2011-07-24 07:57 -------- d-----w- c:\windows\system32\Wat
    2011-07-23 21:56 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
    2011-07-23 21:52 . 2009-11-25 07:17 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2011-07-23 21:52 . 2009-11-25 07:17 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2011-07-23 21:52 . 2009-11-25 07:17 297808 ----a-w- c:\windows\system32\mscoree.dll
    2011-07-23 21:52 . 2009-11-25 07:17 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2011-07-23 21:52 . 2009-11-25 07:17 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2011-07-23 21:33 . 2011-07-23 21:33 -------- d-----w- c:\program files\MSXML 4.0
    2011-07-23 17:39 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
    2011-07-23 17:39 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll
    2011-07-23 17:39 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-07-23 17:39 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
    2011-07-23 17:39 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-07-23 17:39 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
    2011-07-23 17:39 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2011-07-23 17:37 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2011-07-23 17:35 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-07-23 17:35 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-07-23 17:35 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
    2011-07-23 17:35 . 2010-10-16 04:41 101760 ----a-w- c:\windows\system32\consent.exe
    2011-07-23 17:35 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll
    2011-07-23 17:35 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll
    2011-07-23 17:35 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
    2011-07-23 17:35 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
    2011-07-23 17:35 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
    2011-07-23 17:35 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-07-23 17:35 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2011-07-23 17:35 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-07-23 17:18 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
    2011-07-23 17:17 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
    2011-07-23 16:45 . 2011-07-23 16:45 -------- d-----w- c:\users\Suresh\AppData\Roaming\BitDefender
    2011-07-23 16:44 . 2011-07-23 16:44 -------- d-----w- c:\program files\BitDefender
    2011-07-23 16:40 . 2011-07-23 16:40 -------- d-----w- c:\programdata\99eb0000-107a-4b20-2aa4-d69b7ea7d0b4
    2011-07-23 16:01 . 2011-07-23 16:01 -------- d-----w- c:\programdata\87c30000-547f-4384-cf3c-92fd46ae0397
    2011-07-23 15:23 . 2011-07-23 15:23 -------- d-----w- c:\users\Suresh\AppData\Roaming\QuickScan
    2011-07-23 15:22 . 2010-07-27 07:20 253072 ----a-w- c:\windows\system32\drivers\Trufos.sys
    2011-07-23 15:22 . 2011-07-23 16:45 -------- d-----w- c:\programdata\BitDefender
    2011-07-23 15:22 . 2011-07-23 16:44 -------- d-----w- c:\program files\Common Files\BitDefender
    2011-07-23 15:20 . 2010-07-27 07:05 327368 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
    2011-07-23 15:20 . 2011-07-23 16:46 816727 ----a-w- c:\programdata\bdinstall.bin
    2011-07-22 10:44 . 2011-07-23 15:14 -------- d-----w- c:\programdata\Big Fish Games
    2011-07-22 10:43 . 2011-07-23 15:14 -------- d-----w- C:\BigFishGamesCache
    2011-07-19 14:19 . 2011-07-19 14:19 -------- d-----w- c:\windows\Sun
    2011-07-19 14:04 . 2011-07-19 14:04 71680 --sha-r- c:\windows\system32\httpapiu.dll
    2011-07-19 06:42 . 2011-07-19 06:44 -------- d-----w- c:\program files\DAP
    2011-07-18 11:06 . 2011-07-25 12:05 -------- d-----w- c:\program files\DU Meter
    2011-07-17 18:00 . 2011-07-17 18:27 -------- d-----w- c:\users\Suresh\AppData\Roaming\ISP Monitor
    2011-07-17 04:45 . 2011-07-17 04:48 -------- d-----w- c:\programdata\Solidshield
    2011-07-17 04:25 . 2011-07-17 04:25 -------- d-----w- c:\program files\Ubisoft
    2011-07-15 22:57 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{50A69DC4-5D56-4F38-B39A-A306D4FA8CE4}\mpengine.dll
    2011-07-10 05:32 . 2011-08-03 10:39 -------- d-----w- c:\users\Administrator.Suresh-PC
    2011-07-06 15:15 . 1998-12-05 07:48 172032 ------w- c:\windows\system32\AniGIF.ocx
    2011-07-06 08:52 . 2011-07-06 08:52 161 ----a-w- c:\users\Suresh\startAgent.bat
    2011-07-06 08:51 . 2011-07-06 08:51 -------- d-----w- c:\program files\Common Files\SupportSoft
    2011-07-06 08:51 . 2011-07-06 08:51 -------- d-----w- c:\users\Suresh\AppData\Local\SupportSoft
    2011-07-06 08:51 . 2011-07-06 08:51 -------- d-----w- c:\program files\Airtel NetXpert
    2011-07-06 08:51 . 2011-07-06 08:51 -------- d-----w- c:\programdata\SupportSoft
    2011-07-06 08:51 . 2011-07-06 08:51 314 ----a-w- c:\users\Suresh\launchAgent.bat
    2011-07-06 08:51 . 2011-07-06 08:51 30 ----a-w- c:\users\Suresh\launchDrTCP.bat
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-07-28 06:33 . 2008-08-14 02:27 73312 ----a-w- c:\windows\system32\drivers\adfs.sys
    2011-06-25 22:57 . 2011-06-25 22:57 71679 --sha-w- c:\windows\pstc.exe
    2011-06-25 22:46 . 2011-06-25 22:46 71568 ------w- c:\windows\lksi.exe
    2011-06-23 21:36 . 2011-06-23 21:36 69632 ----a-r- c:\users\Suresh\AppData\Roaming\Microsoft\Installer\{6084D038-3401-4C9D-A216-86E6EEA25AFB}\ZBrush3.exe1_6084D03834014C9DA21686E6EEA25AFB.exe
    2011-06-23 21:36 . 2011-06-23 21:36 69632 ----a-r- c:\users\Suresh\AppData\Roaming\Microsoft\Installer\{6084D038-3401-4C9D-A216-86E6EEA25AFB}\ZBrush3.exe_6084D03834014C9DA21686E6EEA25AFB.exe
    2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\system32\dpl100.dll
    2011-05-24 13:44 . 2009-11-29 01:20 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-07-08 05:07 . 2010-07-08 05:07 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
    2007-07-17 06:43 . 2008-02-08 11:51 61440 ----a-w- c:\program files\RGSGrowBounds.aex
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitTorrent"="c:\program files\BitTorrent\bittorrent.exe" [2011-04-10 400760]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitDefender Antiphishing Helper"="c:\program files\bitdefender\bitdefender 2011\ieshow.exe" [2010-07-19 71216]
    "BDAgent"="c:\program files\bitdefender\bitdefender 2011\bdagent.exe" [2010-07-28 1403000]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe" [2011-03-08 234656]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "mixer"=wdmaud.drv
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Murasu Anjal2000.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Murasu Anjal2000.lnk
    backup=c:\windows\pss\Murasu Anjal2000.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^Users^Suresh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
    path=c:\users\Suresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
    backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    2010-09-22 12:41 640440 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
    2011-06-07 15:24 40376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
    2011-07-28 06:33 611712 ------w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
    2011-04-10 06:49 400760 ----a-w- c:\program files\BitTorrent\bittorrent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
    2009-11-30 17:15 323392 ----a-w- c:\users\Suresh\Program Files\DNA\btdna.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fsb]
    2010-05-05 17:35 77824 ----a-w- c:\windows\System32\fsb.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2009-11-28 21:49 135664 ----atw- c:\users\Suresh\AppData\Local\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    2005-02-16 10:45 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\netxpert]
    2010-05-10 03:32 206120 ----a-w- c:\program files\Airtel NetXpert\bin\sprtcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    2009-08-19 09:54 13793824 ----a-w- c:\windows\System32\nvcpl.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    2006-05-20 10:13 188416 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-03-17 16:23 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2011-06-15 09:32 15141768 ----a-r- c:\program files\Skype\Phone\Skype.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Speech Recognition]
    2009-07-14 01:14 51712 ----a-w- c:\windows\Speech\Common\sapisvr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-04-08 07:29 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
    2009-07-22 04:03 458844 ----a-w- c:\program files\IDT\WDM\sttray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
    2010-04-28 18:15 2633976 ------w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WordWeb]
    2009-11-08 17:48 65216 ------w- c:\program files\WordWeb\wweb32.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
    2011-01-17 19:41 8192 ----a-w- c:\program files\Xvid\CheckUpdate.exe
    .
    R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys [2010-02-25 105984]
    R3 iscFlash;iscFlash;c:\program files\SP45765\iscflash.sys [2009-06-16 13312]
    R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-22 116136]
    R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-07-14 299008]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-23 1343400]
    R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [x]
    R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe [2009-03-03 81920]
    R4 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2010-06-28 633424]
    R4 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2010-06-28 970320]
    R4 Change Modem Device Service;Change Modem Device Service;c:\windows\system32\ChgService.exe [2010-09-27 135168]
    R4 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2010-02-26 26168]
    R4 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-02 721904]
    S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-07-15 88656]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 sprtsvc_netxpert;SupportSoft Sprocket Service (netxpert);c:\program files\Airtel NetXpert\bin\sprtsvc.exe [2010-05-10 206120]
    S2 tgsrvc_netxpert;SupportSoft Repair Service (netxpert);c:\program files\Airtel NetXpert\bin\tgsrvc.exe [2010-05-10 185640]
    S2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [2010-07-20 42912]
    S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-05-13 152528]
    S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-05-20 59904]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-05-11 64544]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-08-02 c:\windows\Tasks\At3.job
    - c:\windows\pstc.exe [2011-06-25 22:57]
    .
    2011-08-02 c:\windows\Tasks\At4.job
    - c:\windows\lksi.exe [2011-06-25 22:46]
    .
    2011-08-02 c:\windows\Tasks\At5.job
    - c:\windows\hpci.exe [2011-06-25 22:44]
    .
    2011-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1694817892-1893496286-3961741074-1000Core.job
    - c:\users\Suresh\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-28 21:49]
    .
    2011-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1694817892-1893496286-3961741074-1000UA.job
    - c:\users\Suresh\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-28 21:49]
    .
    2011-08-02 c:\windows\Tasks\ParetoLogic Registration3.job
    - c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-10-12 05:01]
    .
    2011-07-29 c:\windows\Tasks\ParetoLogic Update Version3.job
    - c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
    .
    2011-08-02 c:\windows\Tasks\PC Health Advisor Defrag.job
    - c:\program files\ParetoLogic\PCHA\PCHA.exe [2010-09-30 09:53]
    .
    2011-07-29 c:\windows\Tasks\PC Health Advisor.job
    - c:\program files\ParetoLogic\PCHA\PCHA.exe [2010-09-30 09:53]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://search.speedbit.com
    mStart Page = about:blank
    uInternet Settings,ProxyOverride = *.local;<local>
    IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
    IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.1.1
    Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
    Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
    .
    - - - - ORPHANS REMOVED - - - -
    .
    BHO-{3017FB3E-9A77-4396-88C5-0EC9548FB42F} - c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
    BHO-{31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
    BHO-{467C1A57-C8F7-ED97-851B-7C2BD734A397} - c:\windows\system32\wvsrvnil.dll
    WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    HKCU-Run-AdobeBridge - (no file)
    MSConfigStartUp-DNS7reminder - c:\program files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe
    MSConfigStartUp-FileZilla Server Interface - c:\program files\FileZilla Server\FileZilla Server Interface.exe
    MSConfigStartUp-googletalk - c:\program files\Google\Google Talk\googletalk.exe
    MSConfigStartUp-ISUSPM Startup - c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
    MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
    MSConfigStartUp-SSBkgdUpdate - c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
    AddRemove-V-Ray for Maya 2012 for x86 - d:\program files\Autodesk\Maya2009\bin\plug-ins/uninstall/wininstaller.exe-uninstall=d:\program files\Autodesk\Maya2009\bin\plug-ins/uninstall/install.log
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2a,bd,83,bf,ed,7c,86,41,83,80,4a,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2a,bd,83,bf,ed,7c,86,41,83,80,4a,\
    .
    [HKEY_USERS\.Default\Software\SetId\Internal]
    @Denied: (A 2) (LocalSystem)
    "DEVICE2"="vcvIsaaxyAA="
    "DATA2"="<settings accountStatus=\"4\" oldDevice=\"\" timeDiff=\"1106312873\" expireTime=\"1309830893\" productStatus=\"1\" obSize=\"0\" InstallSTD=\"1289332796\" isSubsc=\"0\" authStat_av=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"3\" moduleId1=\"9\" moduleId2=\"0\" relType=\"1\" />"
    .
    [HKEY_USERS\S-1-5-21-1694817892-1893496286-3961741074-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Photo Manager 2009.v11o"
    .
    [HKEY_USERS\S-1-5-21-1694817892-1893496286-3961741074-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Photo Manager 2009.v11p"
    .
    [HKEY_USERS\S-1-5-21-1694817892-1893496286-3961741074-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Photo Manager 2009.v11pf"
    .
    [HKEY_USERS\S-1-5-21-1694817892-1893496286-3961741074-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Photo Manager 2009.xmp"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(1364)
    c:\windows\System32\netshell.dll
    c:\windows\System32\QUtil.dll
    c:\windows\System32\npmproxy.dll
    c:\windows\System32\hgcpl.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe
    c:\windows\system32\nvvsvc.exe
    c:\windows\system32\rundll32.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    c:\windows\system32\DllHost.exe
    c:\windows\system32\taskhost.exe
    c:\windows\system32\UI0Detect.exe
    c:\windows\system32\conhost.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\servicing\TrustedInstaller.exe
    .
    **************************************************************************
    .
    Completion time: 2011-08-03 16:41:37 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-08-03 11:11
    .
    Pre-Run: 5,858,697,216 bytes free
    Post-Run: 7,009,734,656 bytes free
    .
    - - End Of File - - A03C5CDDD46A1B306946EAAECBA08DB4
    ===============================================================
     
  10. gsureshmendon

    gsureshmendon TS Rookie Topic Starter

    Done

    ============================================
    What are you trying to do with all these .bat files?


    Quote:



    2011-07-06 08:52:44 161 ----a-w- c:\users\suresh\startAgent.bat
    2011-07-06 08:51:19 314 ----a-w- c:\users\suresh\launchAgent.bat
    2011-07-06 08:51:19 30 ----a-w- c:\users\suresh\launchDrTCP.bat
    2011-07-25 12:50:53 194 ----a-w- c:\windows\system32\RBDELDRV.BAT


    ============================================


    My answer is "I DONT KNOW" :)


    Then i uninstalled ParetoLogic

    updated Java

    ============================================

    Forgot to ask: there are 17 Bluetooth Peripheral devices showing in the log. Could some/any of these account for the high usage?

    ============================================

    My answer is "HELP ME PLZ"


    and BIT TORRENT any excuses can i get for this. Badly need that for collecting animation tutorials.

    ============================================
     
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Regarding the .bat files You answer of "I don't know" is not enough:
    1. Are you the Administrator on this system?
    2. Are there other accounts?
    3. Do you mean that you or the Administrator didn't set up these batch files?
    4. Is your account name suresh?
    =====================================
    I can't answer the question about the Bluetooth peripherals because I don't know what they are. But I do know that having 17 of them isn't 'normal!
    ===========================================
    For the Eset entries:

    Please download OTMovit by Old Timer and save to your desktop.
    • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      Code:
      :Files  
      D:\BitDefender Antivirus Pro 2011 14.0.22.326 By Adrian Dennis.rar 
      D:\James Cameron's Avatar The Game [PC ~ Multi6] RELOADED.iso 
      D:\ParetoLogic_PC_Health_Advisor_3_0__Patch_by_goodperson541.rar 
      D:\Maya2010_Win32\Maya 2010\Crack\xf-maya2010-32bits.rar 
      D:\softwares\Camtasia Studio 6.0.0 Build 689 [ iron Doom ]\keygen.rar
      :Commands
      [purity]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt3
    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
    ==========================================
    It would appear that you're using Bit Torrent for more than tutorials: All of the entries in Eset are from pirated programs.
    Pirated Programs:
    1. Maya2010
    2. Camtasia Studio 6.0.0 Build 689
    3. James Cameron's Avatar The Game [PC ~ Multi6]
    4. BitDefender Antivirus Pro 2011
    5. ParetoLogic_PC_Health_Advisor

    ===================================================
    Download CKScanner and save to your desktop.
    • Doubleclick CKScanner.exe and click Search For Files.
    • When the cursor hourglass disappears, click Save List To File.
    • A message box will verify that the file is saved.
    • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents
      in your next reply.
     
  12. gsureshmendon

    gsureshmendon TS Rookie Topic Starter

    Now i uninstalled BitTorrent

    The QandA
    1. Are you the Administrator on this system? YES
    2. Are there other accounts? YES, but created by me
    3. Do you mean that you or the Administrator didn't set up these batch files? YES
    4. Is your account name suresh? YES

    ===============================================================

    Bluetooth peripherals : Is ther any option to disable it - My friends sometimes ask me to send some pics or mp3s from my laptop so i use my laptops bluetooth and they connect with their mobile bluetooth to transfer the files. Can i go and delete all those bluetooth names in my devices list. Pls Correct me

    ===============================================================

    All processes killed
    ========== FILES ==========
    File/Folder D:\BitDefender Antivirus Pro 2011 14.0.22.326 By Adrian Dennis.rar not found.
    File move failed. D:\James Cameron's Avatar The Game [PC ~ Multi6] RELOADED.iso scheduled to be moved on reboot.
    File/Folder D:\ParetoLogic_PC_Health_Advisor_3_0__Patch_by_goodperson541.rar not found.
    D:\Maya2010_Win32\Maya 2010\Crack\xf-maya2010-32bits.rar moved successfully.
    D:\softwares\Camtasia Studio 6.0.0 Build 689 [ iron Doom ]\keygen.rar moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes

    User: Administrator.Suresh-PC
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 41620 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: Suresh
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 59371834 bytes
    ->Java cache emptied: 10597484 bytes
    ->Flash cache emptied: 7746 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 13278 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 67.00 mb


    OTM by OldTimer - Version 3.1.18.0 log created on 08062011_124854

    Files moved on Reboot...
    File move failed. D:\James Cameron's Avatar The Game [PC ~ Multi6] RELOADED.iso scheduled to be moved on reboot.

    Registry entries deleted on Reboot...

    ===============================================================

    I think i already deleted those files , i visited those file paths the file doesn't exist.

    ===============================================================

    CKScanner - Additional Security Risks - These are not necessarily bad
    c:\flexlm\awkeygen.exe
    c:\program files\autodesk\maya2009\brushes\fun\cracks.mel
    c:\program files\autodesk\maya2009\brushes\fun\cracks.mel.icon
    c:\program files\autodesk\maya2009\docs\maya2009\en_us\files\uv_texture_mapping_creating_a_cracker_box_model.htm
    c:\program files\autodesk\maya2009\scripts\others\crackshatter.mel
    c:\program files\autodesk\maya2009\scripts\others\crackshatter.res.mel
    c:\program files\du meter\crack\dumeter.exe
    c:\program files\du meter\crack\dumetersvc.exe
    c:\program files\du meter\crack\registration.reg
    c:\users\suresh\documents\e-on software\vue 7 xstream\objects\miscellaneous\boolean objects\24_cracked sphere.vob
    c:\users\suresh\downloads\real_money_doubling_forex_robot_fap_turbo_-_sells_like_candy!_full_cracked_sept_2009_.exe (1).torrent
    c:\users\suresh\downloads\real_money_doubling_forex_robot_fap_turbo_-_sells_like_candy!_full_cracked_sept_2009_.exe.torrent
    c:\_otm\movedfiles\08062011_124854\d_maya2010_win32\maya 2010\crack\xf-maya2010-32bits.rar
    c:\_otm\movedfiles\08062011_124854\d_softwares\camtasia studio 6.0.0 build 689 [ iron doom ]\keygen.rar
    scanner sequence 3.JD.11.UNAPUD
    ----- EOF -----
     
  13. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You will have to search for which of those Bluetooth devices is doing what and why there are so many! I do not suggest you delete them all. Something put them there.

    About the batch files: Because of your history of using files sharing, cracks and keygens, I won't remove the files. There are on your account and recently set up.
     
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Please round up the bits of information you've put in the 3 threads about this same problem and input it here, on this thread.
     
  15. gsureshmendon

    gsureshmendon TS Rookie Topic Starter

    Its getting bigger

    My problem is not the same now. Its getting bigger that now i cant access my net and my display is also not working. See im ready to uninstall anything which corrupts my routine digital life. So, help me out of those batch files now mainly on my services. Its not working it says authentication is not there for me to start a service. so System notification, tcp/ip, win event log not getting start. And my DHCP service says starting..... but holds there still.

    Im planning to renstall win7 and go to my home winxp baby.

    Now tell me wat to do
     
  16. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    There are so many problems with the system that I don't think you have any choice other than to reformat and reinstall:

    Things to be concerned about:

    1. No hard drive space free:
    C: is FIXED (NTFS) - 49 GiB total, 8.591 GiB free.
    D: is FIXED (NTFS) - 110 GiB total, 5.213 GiB free.
    E: is FIXED (NTFS) - 9 GiB total, 2.924 GiB free.
    Total hard drive space= 168GB Total Hard drive space available=None

    2. System install date shows: Install Date: 11/29/2009 1:39:48 AM
    There are no updates for security or Windows.

    3. 17 Bluetooth Devices

    4. No System Restore points.>> Errors have shut it down

    5. Outdated Beta version: This may be what need Authentication
    Microsoft Office Excel MUI (English) 2010 (Beta)
    Microsoft Office Groove MUI (English) 2010 (Beta)
    Microsoft Office MondoOnly MUI (English) 2010 (Beta)
    Microsoft Office OneNote MUI (English) 2010 (Beta)
    Microsoft Office Outlook MUI (English) 2010 (Beta)
    Microsoft Office PowerPoint MUI (English) 2010 (Beta)
    Microsoft Office Proof (English) 2010 (Beta)
    Microsoft Office Proof (French) 2010 (Beta)
    Microsoft Office Proof (Spanish) 2010 (Beta)
    Microsoft Office Proofing (English) 2010 (Beta)
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
    Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)

    6. Multiple Errors in the Even Viewer for Services not starting, in part because their dependencies weren't running.

    7. Error: The file system structure on the disk is corrupt and unusable on volume System Reserved and volume C.
    7/22/2011 7:49:11 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the :.
    Error: Failing updates: This problem can be caused by system corruption on your computer.

    And lastly, I have to wonder if you have a legitimate copy of Windows 7.
     
  17. gsureshmendon

    gsureshmendon TS Rookie Topic Starter

    Ba bye

    Already done . You are late
     
  18. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    People like you who don't even bother with a thank you, make a smart a.. comment instead, make me sorry I wasted my time on you.

    This thread is closed.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...