
PC in general slow and browsing is slower



Hi,

thanks for reading. My PC has been dragging for the last 2 weeks. Sometimes the webpages don't open up and it takes forever for the browser (Firefox) to open up even simple htms. I tried restarting but it stopped after reaching the desktop (the taskbar and desktop icons didn't load, only the wallpaper and the active mouse pointer were visible). I had to system restore it to 1 month back. Then it worked for a few days but again it happened today. Below is the HijackThis log. Pls help.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:27:57 PM, on 6/11/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\DU Meter\DUMeterSvc.exe

C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\WINDOWS\system32\vmnat.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Bitdefender\Bitdefender 2013\BdParentalSysTray.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\EssentialFax\essfaxcontrol.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\DU Meter\DUMeter.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Mahesh\Local Settings\Application Data\Smartbar\Application\QuickShare.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files\DFX\DFX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\TeamViewer\Version8\TeamViewer.exe

C:\Program Files\TeamViewer\Version8\tv_w32.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Essential Fax Print Controller] "C:\Program Files\EssentialFax\essfaxcontrol.exe"

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [HP CP1020 System Tray] "C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [instaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup

O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

O4 - HKLM\..\Run: [bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Documents and Settings\Mahesh\Local Settings\Application Data\Smartbar\Application\QuickShare.exe startup

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: DFX.lnk = ?

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O10 - Unknown file in Winsock LSP: c:\program files\bitdefender\bitdefender 2013\bdprovider.dll

O10 - Unknown file in Winsock LSP: c:\program files\bitdefender\bitdefender 2013\bdprovider.dll

O10 - Unknown file in Winsock LSP: c:\program files\bitdefender\bitdefender 2013\bdprovider.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll

O10 - Unknown file in Winsock LSP: c:\program files\bitdefender\bitdefender 2013\bdprovider.dll

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://www.filremoteaccess.in.fid-intl.com/dana-cached/sc/JuniperSetupClient.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{35B6FB71-F41F-48FA-8A04-0D6DE2C0DCB6}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{3F44C06E-5112-4B82-B719-A855C677FC51}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{71699057-6F90-4510-B68C-46C8D792C1B0}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{35B6FB71-F41F-48FA-8A04-0D6DE2C0DCB6}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{35B6FB71-F41F-48FA-8A04-0D6DE2C0DCB6}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe

O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe

O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe

O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PACSPTISVR-Sound_Organizer - Sony Corporation - C:\Program Files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe

O23 - Service: SafeBox - Bitdefender - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe

O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

--

End of file - 14747 bytes


Hello maheshn1980 and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and post your log files:

http://forums.malwarebytes.org/index.php?showtopic=9573


Thanks Maniac. Following are the log files.

DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Mahesh at 22:35:06 on 2013-06-11

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3036.1600 [GMT 5.5:30]

.

FW: Bitdefender Firewall *Disabled*

.

============== Running Processes ================

.

C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\DU Meter\DUMeterSvc.exe

C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\WINDOWS\system32\vmnat.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Bitdefender\Bitdefender 2013\BdParentalSysTray.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\EssentialFax\essfaxcontrol.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\DU Meter\DUMeter.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Mahesh\Local Settings\Application Data\Smartbar\Application\QuickShare.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files\DFX\DFX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\TeamViewer\Version8\TeamViewer.exe

C:\Program Files\TeamViewer\Version8\tv_w32.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Program Files\Bitdefender\Bitdefender 2013\downloader.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k bthsvcs

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = about:blank

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -

EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [DU Meter] c:\program files\du meter\DUMeter.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [browser Infrastructure Helper] c:\documents and settings\mahesh\local settings\application data\smartbar\application\QuickShare.exe startup

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Essential Fax Print Controller] "c:\program files\essentialfax\essfaxcontrol.exe"

mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r

mRun: [P17Helper] Rundll32 P17.dll,P17Helper

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon

mRun: [HP CP1020 System Tray] "c:\program files\hp\hp laserjet professional cp1020 series\HPCP1020STRAY.EXE"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup

mRun: [iTSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /START

mRun: [bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-f400-7760-000000000003}\_SC_Acrobat.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dfx.lnk - c:\program files\dfx\DFX.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

LSP: c:\program files\bitdefender\bitdefender 2013\BdProvider.dll

LSP: %windir%\system32\vsocklib.dll

DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://www.filremoteaccess.in.fid-intl.com/dana-cached/sc/JuniperSetupClient.cab

TCP: Interfaces\{35B6FB71-F41F-48FA-8A04-0D6DE2C0DCB6} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

TCP: Interfaces\{3F44C06E-5112-4B82-B719-A855C677FC51} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

TCP: Interfaces\{71699057-6F90-4510-B68C-46C8D792C1B0} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\mahesh\application data\mozilla\firefox\profiles\6ekfd2sp.default-1368554305140\

FF - prefs.js: browser.startup.homepage - about:blank

FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll

.

============= SERVICES / DRIVERS ===============

.

R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2013-5-18 633344]

R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2013-5-18 162976]

R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2011-7-13 13616]

R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2011-7-13 5632]

R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2011-7-13 13616]

R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2012-10-24 71152]

R0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2013-4-29 61464]

R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-2-5 18544]

R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2013-5-18 72704]

R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2013-4-29 188176]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2013-4-29 94480]

R2 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2013\bdparentalservice.exe [2013-5-18 62688]

R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2013-2-13 152576]

R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2013-2-13 49152]

R2 DUMeterSvc;DU Meter Service;c:\program files\du meter\DUMeterSvc.exe [2012-5-6 1382672]

R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2012-2-5 68136]

R2 SafeBox;SafeBox;c:\program files\bitdefender\bitdefender safebox\safeboxservice.exe [2013-5-18 82824]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2012-12-11 4150112]

R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2013\updatesrv.exe [2013-5-18 55984]

R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-10-11 721048]

R3 acfva;acfva;c:\windows\system32\drivers\ACFVA32.sys [2012-4-29 87040]

R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2013-5-18 242504]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2013-5-18 116560]

R3 dgcfltr;DGC Filter Driver;c:\windows\system32\drivers\ACFDCP32.sys [2012-4-29 28928]

R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2012-2-5 65136]

R3 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2013-2-13 246936]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2013-4-12 104720]

R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2013-4-12 115984]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-2-5 1691480]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\fxxandroidusb.sys [2012-8-14 25728]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2013-5-18 486536]

S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2013-5-18 66392]

S3 HPFXBULKLEDM;HPFXBULKLEDM;c:\windows\system32\drivers\hppcbulkio.sys [2012-5-27 20792]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2013-1-15 18432]

S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer;c:\program files\sony\sound organizer\sony.earth\PACSPTISVR.exe [2010-11-19 157024]

S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\drivers\fxx\qcusbser.sys [2012-8-14 103424]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2013-06-11 03:34:36 388096 ----a-r- c:\documents and settings\mahesh\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2013-06-11 03:34:35 -------- d-----w- c:\program files\Trend Micro

2013-06-11 03:10:44 -------- d-----w- c:\windows\system32\wbem\repository\FS

2013-06-11 03:10:44 -------- d-----w- c:\windows\system32\wbem\Repository

2013-06-08 10:49:54 -------- d-sh--w- c:\documents and settings\mahesh\PrivacIE

2013-06-05 14:03:00 -------- d-----w- c:\program files\WinDirStat

2013-06-05 04:40:34 -------- d-----w- C:\StockLiveDF

2013-05-30 21:46:02 -------- d-----w- c:\documents and settings\mahesh\local settings\application data\bdch

2013-05-30 21:46:00 -------- d-----w- c:\documents and settings\all users\application data\bdch

2013-05-25 02:02:36 -------- d-----w- c:\program files\SubMagic

2013-05-18 04:22:40 376405 ----a-w- c:\documents and settings\all users\application data\1368850249.bdinstall.bin

2013-05-18 04:12:53 -------- d-----w- c:\documents and settings\all users\application data\BDLogging

2013-05-18 04:12:47 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys

2013-05-18 04:12:46 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys

2013-05-18 04:12:46 511328 ----a-w- c:\windows\capicom.dll

2013-05-18 04:12:46 113616 ----a-w- c:\windows\system32\drivers\bdfndisf.sys

2013-05-18 04:12:40 242504 ----a-w- c:\windows\system32\drivers\avchv.sys

2013-05-18 04:12:39 486536 ----a-w- c:\windows\system32\drivers\avckf.sys

2013-05-18 04:12:38 633344 ----a-w- c:\windows\system32\drivers\avc3.sys

2013-05-18 04:12:19 -------- d-----w- c:\documents and settings\mahesh\application data\Bitdefender

2013-05-18 04:12:18 -------- d-----w- c:\documents and settings\all users\application data\Bitdefender

2013-05-18 04:11:15 -------- d-----w- c:\documents and settings\mahesh\application data\QuickScan

2013-05-18 04:11:05 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys

2013-05-18 04:11:03 355744 ----a-w- c:\windows\system32\drivers\trufos.sys

2013-05-18 04:11:03 -------- d-----w- c:\program files\Bitdefender

2013-05-18 03:36:07 -------- d-----w- c:\program files\common files\Bitdefender

2013-05-14 17:41:53 -------- d-----w- c:\program files\Enigma Software Group

2013-05-14 17:41:12 -------- d-----w- c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP

2013-05-14 17:41:09 -------- d-----w- c:\program files\common files\Wise Installation Wizard

.

==================== Find3M ====================

.

2013-06-11 03:12:16 17488 ----a-w- c:\windows\gdrv.sys

2013-05-15 15:45:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-15 15:45:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll

2013-04-16 22:17:14 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-04-16 22:17:14 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-04-12 23:28:55 385024 ----a-w- c:\windows\system32\html.iec

2013-04-12 07:03:16 188176 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

2013-04-12 07:03:02 94480 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2013-04-12 07:03:02 104720 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys

2013-04-12 07:02:06 115984 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys

2013-04-12 07:02:04 174864 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll

2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys

2013-04-04 09:20:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-31 23:36:45 723230 ----a-w- c:\windows\unins000.exe

2013-02-17 03:27:32 2174976 ----a-w- c:\program files\common files\atimpenc.dll

.

============= FINISH: 22:35:13.05 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 2/5/2012 1:45:21 PM

System Uptime: 6/11/2013 8:41:28 AM (14 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | G41MT-S2

Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz | Socket 775 | 3000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 49 GiB total, 13.769 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 417 GiB total, 76.638 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP598: 4/30/2013 5:52:51 AM - Software Distribution Service 3.0

RP599: 5/1/2013 3:00:14 AM - Software Distribution Service 3.0

RP600: 5/1/2013 5:50:33 AM - Software Distribution Service 3.0

RP601: 5/1/2013 10:18:57 PM - Installed Real Time DATA FEEDER 2.9.0 for AmiBroker

RP602: 5/2/2013 5:49:53 AM - Software Distribution Service 3.0

RP603: 5/3/2013 5:49:33 AM - Software Distribution Service 3.0

RP604: 5/4/2013 5:49:36 AM - Software Distribution Service 3.0

RP605: 5/5/2013 1:42:51 AM - Software Distribution Service 3.0

RP606: 5/5/2013 5:49:25 AM - Software Distribution Service 3.0

RP607: 5/6/2013 5:49:28 AM - Software Distribution Service 3.0

RP608: 5/7/2013 5:49:35 AM - Software Distribution Service 3.0

RP609: 5/8/2013 5:50:13 AM - System Checkpoint

RP610: 5/8/2013 5:50:23 AM - Software Distribution Service 3.0

RP611: 5/9/2013 5:46:36 AM - Software Distribution Service 3.0

RP612: 5/10/2013 5:44:27 AM - Software Distribution Service 3.0

RP613: 5/11/2013 5:43:50 AM - Software Distribution Service 3.0

RP614: 5/12/2013 1:42:01 AM - Software Distribution Service 3.0

RP615: 5/12/2013 5:43:50 AM - Software Distribution Service 3.0

RP616: 5/13/2013 5:43:50 AM - Software Distribution Service 3.0

RP617: 5/14/2013 5:42:58 AM - Software Distribution Service 3.0

RP618: 5/14/2013 11:11:50 PM - Installed SpyHunter

RP619: 5/14/2013 11:23:42 PM - Removed SpyHunter

RP620: 5/15/2013 5:42:34 AM - Software Distribution Service 3.0

RP621: 5/16/2013 3:00:17 AM - Software Distribution Service 3.0

RP622: 5/16/2013 5:39:18 AM - Software Distribution Service 3.0

RP623: 5/17/2013 5:58:50 AM - System Checkpoint

RP624: 5/17/2013 7:06:35 AM - Software Distribution Service 3.0

RP625: 5/18/2013 7:13:01 AM - Software Distribution Service 3.0

RP626: 5/19/2013 3:00:15 AM - Software Distribution Service 3.0

RP627: 5/20/2013 3:36:15 AM - System Checkpoint

RP628: 5/21/2013 4:33:37 AM - System Checkpoint

RP629: 5/22/2013 4:47:41 AM - System Checkpoint

RP630: 5/23/2013 4:57:30 AM - System Checkpoint

RP631: 5/24/2013 5:45:23 AM - System Checkpoint

RP632: 5/25/2013 6:45:23 AM - System Checkpoint

RP633: 5/26/2013 7:44:17 AM - System Checkpoint

RP634: 5/27/2013 7:45:14 AM - System Checkpoint

RP635: 5/28/2013 8:36:52 AM - System Checkpoint

RP636: 5/29/2013 8:37:35 AM - System Checkpoint

RP637: 5/30/2013 10:58:02 AM - System Checkpoint

RP638: 5/31/2013 11:58:53 AM - System Checkpoint

RP639: 6/1/2013 1:02:19 PM - System Checkpoint

RP640: 6/2/2013 1:34:52 PM - System Checkpoint

RP641: 6/3/2013 2:44:40 PM - System Checkpoint

RP642: 6/3/2013 6:51:41 PM - Restore Operation

RP643: 6/4/2013 8:08:07 PM - System Checkpoint

RP644: 6/6/2013 12:17:33 AM - System Checkpoint

RP645: 6/7/2013 12:59:33 AM - System Checkpoint

RP646: 6/8/2013 1:59:33 AM - System Checkpoint

RP647: 6/9/2013 2:59:33 AM - System Checkpoint

RP648: 6/10/2013 3:59:34 AM - System Checkpoint

RP649: 6/11/2013 4:58:58 AM - System Checkpoint

RP650: 6/11/2013 8:39:16 AM - Restore Operation

RP651: 6/11/2013 9:04:32 AM - Installed HiJackThis

.

==== Installed Programs ======================

.

µTorrent

Adobe Acrobat 8 Professional - English, Français, Deutsch

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.2

Advanced Fix 2013 version 2.0.1.106

AmiBroker 5.40

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

AviSynth 2.5

AVS Video Converter

Belkin Setup and Router Monitor

Belkin USB Print and Storage Center

Bitdefender Total Security 2013

Bluetooth Stack for Windows by Toshiba

Bonjour

Canon MP Navigator EX 2.0

Canon Utilities Solution Menu

CanoScan LiDE 100 Scanner Driver

CBR Reader

Chitrankan

ComicRack v0.9.128

Compatibility Pack for the 2007 Office system

ConvertXtoDVD 3.3.4.106e

Creative System Information

DFX

DU Meter

EasySaver B9.0904.1

Epub reader

EssentialFax

FBReader for Windows

Foxit Reader

GIST-OT-Fonts

GOM Player

Google Earth

Google Hindi Input

Google SketchUp 8

Google Update Helper

HiJackThis

HindiWriter - The Phonetic Hindi Writer

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB954550-v5)

HP LaserJet Professional CP1020 Series

Intel® Graphics Media Accelerator Driver

iTunes

Juniper Networks Host Checker

Juniper Networks, Inc. Setup Client

Juniper Terminal Services Client

K-Lite Mega Codec Pack 5.1.0

Magnifying Glass Pro 1.9

Malwarebytes Anti-Malware version 1.75.0.1300

Media Player Classic - Home Cinema 1.6.0.4014

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

Nero 7 Essentials

neroxml

nimbledataPro - Version 1.5.0.0

Nokia Connectivity Cable Driver

NOW

ON_OFF Charge B11.0110.1

Oracle VM VirtualBox 4.2.12

Philips Intelligent Agent

QuickShare

Real Time DATA FEEDER 2.9.0 for AmiBroker

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB2829530)

Security Update for Windows Internet Explorer 8 (KB2847204)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB941569)

Sound Blaster Audigy

Sound Organizer

TeamViewer 8

Total Video Converter 3.50

Total Video Converter 3.71 100812

Trade Vinayak

TradeTiger

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

USB ACF Modem

Video Mover

Videora iPhone 4 Converter 6

VMware Player

WebFldrs XP

Winamp

Winamp Detector Plug-in

WinDirStat 1.1.2

Windows Media Format 11 runtime

Windows PowerShell 1.0

WinRAR archiver

Xilisoft Video Converter Ultimate

.

==== Event Viewer Messages From Past Week ========

.

6/6/2013 1:18:08 AM, error: Dhcp [1002] - The IP address lease 192.168.2.2 for the Network Card with network address 50E549B483D1 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

6/11/2013 8:38:56 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

.

==== End Of File ===========================


Step 1

Please uninstall the following applications:

µTorrent

QuickShare

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log


Hi, thanks for helping me. I haven't uninstalled uTorrent as I use it often; however, the rest of the steps are done. Please see the logs below.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Microsoft Windows XP x86

Ran by Mahesh on Wed 06/12/2013 at 23:11:48.38

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\browser infrastructure helper

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarbackup

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\splashtop"

Successfully deleted: [Folder] "C:\Documents and Settings\Mahesh\Application Data\red kawa"

Successfully deleted: [Folder] "C:\Documents and Settings\Mahesh\Application Data\splashtop"

Failed to delete: [Folder] "C:\Documents and Settings\Mahesh\Local Settings\Application Data\smartbar"

Successfully deleted: [Folder] "C:\Program Files\red kawa"

Successfully deleted: [Folder] "C:\Program Files\searchya!"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Wed 06/12/2013 at 23:14:06.44

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.303 - Logfile created 06/12/2013 at 23:25:29

# Updated 08/06/2013 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : Mahesh - MAHESH-AA2EF2EE

# Boot Mode : Normal

# Running from : C:\Documents and Settings\Mahesh\My Documents\Downloads\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\7k1py6vs.default\searchplugins\search.xml

File Deleted : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\9xh8ef1b.default\searchplugins\search.xml

File Deleted : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\a88gy8ny.default\searchplugins\search.xml

File Deleted : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\biqg8ix6.default\searchplugins\search.xml

Folder Deleted : C:\DOCUME~1\Mahesh\LOCALS~1\Temp\Smartbar

Folder Deleted : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\7k1py6vs.default\extensions\staged

Folder Deleted : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\9xh8ef1b.default\extensions\staged

Folder Deleted : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\a88gy8ny.default\extensions\staged

Folder Deleted : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\biqg8ix6.default\extensions\staged

Folder Deleted : C:\Documents and Settings\Mahesh\Local Settings\Application Data\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6492E171-2427-4932-B414-33574A089F5E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6492E171-2427-4932-B414-33574A089F5E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\SmartbarLog

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

Key Deleted : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\6ekfd2sp.default-1368554305140\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\7k1py6vs.default\prefs.js

C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\7k1py6vs.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={96384B58-CE22-41F4-A4C5-89AD8127[...]

Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={96384B58-CE22-41F4-A4C5-89AD812722B0}&m[...]

File : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\9xh8ef1b.default\prefs.js

C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\9xh8ef1b.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={96384B58-CE22-41F4-A4C5-89AD8127[...]

Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={96384B58-CE22-41F4-A4C5-89AD812722B0}&m[...]

Deleted : user_pref("browser.startup.homepage", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc-100&cd=2XzuyEtN[...]

File : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\a88gy8ny.default\prefs.js

C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\a88gy8ny.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={96384B58-CE22-41F4-A4C5-89AD8127[...]

Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={96384B58-CE22-41F4-A4C5-89AD812722B0}&m[...]

Deleted : user_pref("browser.startup.homepage", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc-100&cd=2XzuyEtN[...]

File : C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\biqg8ix6.default\prefs.js

C:\Documents and Settings\Mahesh\Application Data\Mozilla\Firefox\Profiles\biqg8ix6.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={96384B58-CE22-41F4-A4C5-89AD8127[...]

Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={96384B58-CE22-41F4-A4C5-89AD812722B0}&m[...]

Deleted : user_pref("browser.startup.homepage", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc-100&cd=2XzuyEtN[...]

*************************

AdwCleaner[R1].txt - [7939 octets] - [12/06/2013 23:23:57]

AdwCleaner[s1].txt - [8476 octets] - [12/06/2013 23:25:29]

########## EOF - C:\AdwCleaner[s1].txt - [8536 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.06.11.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Mahesh :: MAHESH-AA2EF2EE [administrator]

6/12/2013 11:34:49 PM

mbam-log-2013-06-12 (23-34-49).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 295027

Time elapsed: 7 minute(s), 30 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Mahesh at 23:44:27 on 2013-06-12

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3036.1724 [GMT 5.5:30]

.

AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: Bitdefender Firewall *Disabled*

.

============== Running Processes ================

.

C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\DU Meter\DUMeterSvc.exe

C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\WINDOWS\system32\vmnat.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\Program Files\TeamViewer\Version8\TeamViewer.exe

C:\Program Files\Bitdefender\Bitdefender 2013\BdParentalSysTray.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\TeamViewer\Version8\tv_w32.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\EssentialFax\essfaxcontrol.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\DU Meter\DUMeter.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\DFX\DFX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\notepad.exe

C:\Program Files\Bitdefender\Bitdefender 2013\downloader.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k bthsvcs

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = about:blank

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [DU Meter] c:\program files\du meter\DUMeter.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Essential Fax Print Controller] "c:\program files\essentialfax\essfaxcontrol.exe"

mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r

mRun: [P17Helper] Rundll32 P17.dll,P17Helper

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon

mRun: [HP CP1020 System Tray] "c:\program files\hp\hp laserjet professional cp1020 series\HPCP1020STRAY.EXE"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup

mRun: [iTSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /START

mRun: [bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-f400-7760-000000000003}\_SC_Acrobat.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dfx.lnk - c:\program files\dfx\DFX.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

LSP: c:\program files\bitdefender\bitdefender 2013\BdProvider.dll

LSP: %windir%\system32\vsocklib.dll

DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://www.filremoteaccess.in.fid-intl.com/dana-cached/sc/JuniperSetupClient.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{35B6FB71-F41F-48FA-8A04-0D6DE2C0DCB6} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

TCP: Interfaces\{3F44C06E-5112-4B82-B719-A855C677FC51} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

TCP: Interfaces\{71699057-6F90-4510-B68C-46C8D792C1B0} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

TCP: Interfaces\{8AE1EE23-D802-4C2F-A061-EE5638D5733B} : DHCPNameServer = 192.168.2.1

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\mahesh\application data\mozilla\firefox\profiles\6ekfd2sp.default-1368554305140\

FF - prefs.js: browser.startup.homepage - about:blank

FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll

.

============= SERVICES / DRIVERS ===============

.

R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2013-5-18 633344]

R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2013-5-18 162976]

R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2011-7-13 13616]

R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2011-7-13 5632]

R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2011-7-13 13616]

R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2012-10-24 71152]

R0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2013-4-29 61464]

R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-2-5 18544]

R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2013-5-18 72704]

R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2013-4-29 188176]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2013-4-29 94480]

R2 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2013\bdparentalservice.exe [2013-5-18 62688]

R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2013-2-13 152576]

R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2013-2-13 49152]

R2 DUMeterSvc;DU Meter Service;c:\program files\du meter\DUMeterSvc.exe [2012-5-6 1382672]

R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2012-2-5 68136]

R2 SafeBox;SafeBox;c:\program files\bitdefender\bitdefender safebox\safeboxservice.exe [2013-5-18 82824]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2012-12-11 4150112]

R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2013\updatesrv.exe [2013-5-18 55984]

R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-10-11 721048]

R3 acfva;acfva;c:\windows\system32\drivers\ACFVA32.sys [2012-4-29 87040]

R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2013-5-18 242504]

R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2013-5-18 486536]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2013-5-18 116560]

R3 dgcfltr;DGC Filter Driver;c:\windows\system32\drivers\ACFDCP32.sys [2012-4-29 28928]

R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2012-2-5 65136]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-6-12 40776]

R3 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2013-2-13 246936]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2013-4-12 104720]

R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2013-4-12 115984]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-2-5 1691480]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\fxxandroidusb.sys [2012-8-14 25728]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2013-5-18 66392]

S3 HPFXBULKLEDM;HPFXBULKLEDM;c:\windows\system32\drivers\hppcbulkio.sys [2012-5-27 20792]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2013-1-15 18432]

S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer;c:\program files\sony\sound organizer\sony.earth\PACSPTISVR.exe [2010-11-19 157024]

S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\drivers\fxx\qcusbser.sys [2012-8-14 103424]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2013-06-12 18:04:38 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-06-12 17:41:46 -------- d-----w- c:\windows\ERUNT

2013-06-12 17:41:18 -------- d-----w- C:\JRT

2013-06-12 04:45:36 9089416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-06-11 03:34:36 388096 ----a-r- c:\documents and settings\mahesh\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2013-06-11 03:34:35 -------- d-----w- c:\program files\Trend Micro

2013-06-11 03:10:44 -------- d-----w- c:\windows\system32\wbem\repository\FS

2013-06-11 03:10:44 -------- d-----w- c:\windows\system32\wbem\Repository

2013-06-08 10:49:54 -------- d-sh--w- c:\documents and settings\mahesh\PrivacIE

2013-06-05 14:03:00 -------- d-----w- c:\program files\WinDirStat

2013-06-05 04:40:34 -------- d-----w- C:\StockLiveDF

2013-05-30 21:46:02 -------- d-----w- c:\documents and settings\mahesh\local settings\application data\bdch

2013-05-30 21:46:00 -------- d-----w- c:\documents and settings\all users\application data\bdch

2013-05-25 02:02:36 -------- d-----w- c:\program files\SubMagic

2013-05-18 04:22:40 376405 ----a-w- c:\documents and settings\all users\application data\1368850249.bdinstall.bin

2013-05-18 04:12:53 -------- d-----w- c:\documents and settings\all users\application data\BDLogging

2013-05-18 04:12:47 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys

2013-05-18 04:12:46 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys

2013-05-18 04:12:46 511328 ----a-w- c:\windows\capicom.dll

2013-05-18 04:12:46 113616 ----a-w- c:\windows\system32\drivers\bdfndisf.sys

2013-05-18 04:12:40 242504 ----a-w- c:\windows\system32\drivers\avchv.sys

2013-05-18 04:12:39 486536 ----a-w- c:\windows\system32\drivers\avckf.sys

2013-05-18 04:12:38 633344 ----a-w- c:\windows\system32\drivers\avc3.sys

2013-05-18 04:12:19 -------- d-----w- c:\documents and settings\mahesh\application data\Bitdefender

2013-05-18 04:12:18 -------- d-----w- c:\documents and settings\all users\application data\Bitdefender

2013-05-18 04:11:15 -------- d-----w- c:\documents and settings\mahesh\application data\QuickScan

2013-05-18 04:11:05 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys

2013-05-18 04:11:03 355744 ----a-w- c:\windows\system32\drivers\trufos.sys

2013-05-18 04:11:03 -------- d-----w- c:\program files\Bitdefender

2013-05-18 03:36:07 -------- d-----w- c:\program files\common files\Bitdefender

2013-05-14 17:41:53 -------- d-----w- c:\program files\Enigma Software Group

2013-05-14 17:41:12 -------- d-----w- c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP

2013-05-14 17:41:09 -------- d-----w- c:\program files\common files\Wise Installation Wizard

.

==================== Find3M ====================

.

2013-06-12 17:58:47 17488 ----a-w- c:\windows\gdrv.sys

2013-06-12 05:45:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-06-12 05:45:38 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll

2013-04-16 22:17:14 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-04-16 22:17:14 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-04-12 23:28:55 385024 ----a-w- c:\windows\system32\html.iec

2013-04-12 07:03:16 188176 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

2013-04-12 07:03:02 94480 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2013-04-12 07:03:02 104720 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys

2013-04-12 07:02:06 115984 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys

2013-04-12 07:02:04 174864 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll

2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys

2013-04-04 09:20:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-31 23:36:45 723230 ----a-w- c:\windows\unins000.exe

2013-02-17 03:27:32 2174976 ----a-w- c:\program files\common files\atimpenc.dll

.

============= FINISH: 23:44:56.25 ===============


DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Mahesh at 5:23:08 on 2013-06-14

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3036.1435 [GMT 5.5:30]

.

AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: Bitdefender Firewall *Disabled*

.

============== Running Processes ================

.

C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\EssentialFax\essfaxcontrol.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\DU Meter\DUMeterSvc.exe

C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\DFX\DFX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\WINDOWS\system32\vmnat.exe

C:\Program Files\TeamViewer\Version8\TeamViewer.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\Program Files\Bitdefender\Bitdefender 2013\BdParentalSysTray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\TeamViewer\Version8\tv_w32.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\AmiBroker\Broker.exe

C:\Program Files\DU Meter\DUMeter.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k bthsvcs

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = about:blank

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [DU Meter] c:\program files\du meter\DUMeter.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Essential Fax Print Controller] "c:\program files\essentialfax\essfaxcontrol.exe"

mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r

mRun: [P17Helper] Rundll32 P17.dll,P17Helper

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon

mRun: [HP CP1020 System Tray] "c:\program files\hp\hp laserjet professional cp1020 series\HPCP1020STRAY.EXE"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup

mRun: [iTSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /START

mRun: [bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-f400-7760-000000000003}\_SC_Acrobat.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dfx.lnk - c:\program files\dfx\DFX.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

LSP: c:\program files\bitdefender\bitdefender 2013\BdProvider.dll

LSP: %windir%\system32\vsocklib.dll

DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://www.filremoteaccess.in.fid-intl.com/dana-cached/sc/JuniperSetupClient.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{35B6FB71-F41F-48FA-8A04-0D6DE2C0DCB6} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

TCP: Interfaces\{3F44C06E-5112-4B82-B719-A855C677FC51} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

TCP: Interfaces\{71699057-6F90-4510-B68C-46C8D792C1B0} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

TCP: Interfaces\{8AE1EE23-D802-4C2F-A061-EE5638D5733B} : DHCPNameServer = 192.168.2.1

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\mahesh\application data\mozilla\firefox\profiles\6ekfd2sp.default-1368554305140\

FF - prefs.js: browser.startup.homepage - about:blank

FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll

.

============= SERVICES / DRIVERS ===============

.

R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2013-5-18 633344]

R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2013-5-18 162976]

R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2011-7-13 13616]

R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2011-7-13 5632]

R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2011-7-13 13616]

R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2012-10-24 71152]

R0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2013-4-29 61464]

R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-2-5 18544]

R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2013-5-18 72704]

R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2013-4-29 188176]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2013-4-29 94480]

R2 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2013\bdparentalservice.exe [2013-5-18 62688]

R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2013-2-13 152576]

R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2013-2-13 49152]

R2 DUMeterSvc;DU Meter Service;c:\program files\du meter\DUMeterSvc.exe [2012-5-6 1382672]

R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2012-2-5 68136]

R2 SafeBox;SafeBox;c:\program files\bitdefender\bitdefender safebox\safeboxservice.exe [2013-5-18 82824]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2012-12-11 4150112]

R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2013\updatesrv.exe [2013-5-18 55984]

R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-10-11 721048]

R3 acfva;acfva;c:\windows\system32\drivers\ACFVA32.sys [2012-4-29 87040]

R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2013-5-18 242504]

R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2013-5-18 486536]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2013-5-18 116560]

R3 dgcfltr;DGC Filter Driver;c:\windows\system32\drivers\ACFDCP32.sys [2012-4-29 28928]

R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2012-2-5 65136]

R3 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2013-2-13 246936]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2013-4-12 104720]

R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2013-4-12 115984]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-2-5 1691480]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\fxxandroidusb.sys [2012-8-14 25728]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2013-5-18 66392]

S3 HPFXBULKLEDM;HPFXBULKLEDM;c:\windows\system32\drivers\hppcbulkio.sys [2012-5-27 20792]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2013-1-15 18432]

S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer;c:\program files\sony\sound organizer\sony.earth\PACSPTISVR.exe [2010-11-19 157024]

S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\drivers\fxx\qcusbser.sys [2012-8-14 103424]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2013-06-12 17:41:46 -------- d-----w- c:\windows\ERUNT

2013-06-12 17:41:18 -------- d-----w- C:\JRT

2013-06-12 04:45:36 9089416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-06-11 03:34:36 388096 ----a-r- c:\documents and settings\mahesh\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2013-06-11 03:34:35 -------- d-----w- c:\program files\Trend Micro

2013-06-11 03:10:44 -------- d-----w- c:\windows\system32\wbem\repository\FS

2013-06-11 03:10:44 -------- d-----w- c:\windows\system32\wbem\Repository

2013-06-08 10:49:54 -------- d-sh--w- c:\documents and settings\mahesh\PrivacIE

2013-06-05 14:03:00 -------- d-----w- c:\program files\WinDirStat

2013-06-05 04:40:34 -------- d-----w- C:\StockLiveDF

2013-05-30 21:46:02 -------- d-----w- c:\documents and settings\mahesh\local settings\application data\bdch

2013-05-30 21:46:00 -------- d-----w- c:\documents and settings\all users\application data\bdch

2013-05-25 02:02:36 -------- d-----w- c:\program files\SubMagic

2013-05-18 04:22:40 376405 ----a-w- c:\documents and settings\all users\application data\1368850249.bdinstall.bin

2013-05-18 04:12:53 -------- d-----w- c:\documents and settings\all users\application data\BDLogging

2013-05-18 04:12:47 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys

2013-05-18 04:12:46 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys

2013-05-18 04:12:46 511328 ----a-w- c:\windows\capicom.dll

2013-05-18 04:12:46 113616 ----a-w- c:\windows\system32\drivers\bdfndisf.sys

2013-05-18 04:12:40 242504 ----a-w- c:\windows\system32\drivers\avchv.sys

2013-05-18 04:12:39 486536 ----a-w- c:\windows\system32\drivers\avckf.sys

2013-05-18 04:12:38 633344 ----a-w- c:\windows\system32\drivers\avc3.sys

2013-05-18 04:12:19 -------- d-----w- c:\documents and settings\mahesh\application data\Bitdefender

2013-05-18 04:12:18 -------- d-----w- c:\documents and settings\all users\application data\Bitdefender

2013-05-18 04:11:15 -------- d-----w- c:\documents and settings\mahesh\application data\QuickScan

2013-05-18 04:11:05 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys

2013-05-18 04:11:03 355744 ----a-w- c:\windows\system32\drivers\trufos.sys

2013-05-18 04:11:03 -------- d-----w- c:\program files\Bitdefender

2013-05-18 03:36:07 -------- d-----w- c:\program files\common files\Bitdefender

.

==================== Find3M ====================

.

2013-06-12 21:50:38 17488 ----a-w- c:\windows\gdrv.sys

2013-06-12 05:45:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-06-12 05:45:38 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-07 22:30:06 920064 ----a-w- c:\windows\system32\wininet.dll

2013-05-07 22:30:05 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-05-07 22:30:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-05-07 21:53:29 385024 ----a-w- c:\windows\system32\html.iec

2013-05-03 01:30:20 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-05-03 00:38:17 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-12 07:03:16 188176 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

2013-04-12 07:03:02 94480 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2013-04-12 07:03:02 104720 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys

2013-04-12 07:02:06 115984 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys

2013-04-12 07:02:04 174864 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll

2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys

2013-04-04 09:20:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-31 23:36:45 723230 ----a-w- c:\windows\unins000.exe

2013-02-17 03:27:32 2174976 ----a-w- c:\program files\common files\atimpenc.dll

.

============= FINISH: 5:23:51.31 ===============


Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.