Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Error message..help needed [Solved]

Started by Jacks1 , Sep 19 2013 09:27 PM

  • This topic is locked This topic is locked

#1
Jacks1
Posted 19 September 2013 - 09:27 PM

Jacks1

    New Member

  • Member
  • Pip
  • 8 posts
comp was okay till firefox update I think
now comp freezes and get error message Logon process has failed to created the Security options Dialog in a box after the screen goes black



OTL logfile created on: 20/09/2013 04:17:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 38.27% Memory free
6.21 Gb Paging File | 4.20 Gb Available in Paging File | 67.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 161.89 Gb Free Space | 56.15% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 3.89 Gb Free Space | 39.81% Space Free | Partition Type: NTFS

Computer Name: DELL-530 | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/20 04:16:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2013/09/18 10:19:54 | 001,234,792 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
PRC - [2013/09/18 10:19:39 | 000,481,344 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
PRC - [2013/09/18 10:19:12 | 001,837,848 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
PRC - [2013/09/18 10:19:09 | 000,621,448 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
PRC - [2013/09/18 10:19:05 | 000,054,424 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
PRC - [2013/09/17 19:43:00 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/09/11 16:47:22 | 001,862,024 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
PRC - [2013/09/08 15:26:59 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/09/04 11:16:46 | 000,844,656 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013/09/04 11:16:42 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/09/04 11:16:40 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/17 08:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/18 10:19:50 | 000,095,088 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender\bdmetrics.dll
MOD - [2013/09/17 19:42:59 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/09/11 16:47:21 | 016,177,544 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_168.dll
MOD - [2013/09/10 15:48:47 | 014,972,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\f6442364070b29c3dd5f31bb88d2d932\Kies.Theme.ni.dll
MOD - [2013/09/10 15:48:46 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\46cf69a7c28e8350b009b24fa8311030\DummyStorePlugin.ni.dll
MOD - [2013/09/10 15:48:46 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\7fca06b9d7716a227b9401c98d2ed123\DeviceStoryAlbum.ni.dll
MOD - [2013/09/10 15:48:45 | 000,616,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\a080df3fd2eded81cd2ece4c2b4084c3\DevicePodcast.ni.dll
MOD - [2013/09/10 15:48:44 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\001acf6eb3093c2b78d81ec8de6846fb\DevicePhoto.ni.dll
MOD - [2013/09/10 15:48:44 | 000,301,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\1cb1cfe7653108fb33da4bab1c9cfd0b\DeviceVideo.ni.dll
MOD - [2013/09/10 15:48:43 | 000,308,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\f5acb6f13029f20cfb14554f9283482c\DeviceMusic.ni.dll
MOD - [2013/09/10 15:48:42 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\25b80e09fd7746cda017b4f81752a20f\VideoManager.ni.dll
MOD - [2013/09/10 15:48:41 | 000,807,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\3adf5bcb4435e4947876084de26ef5ec\PhotoManager.ni.dll
MOD - [2013/09/10 15:48:40 | 001,993,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\ac8499a773adb5f1fda530f457f512b7\Phonebook.ni.dll
MOD - [2013/09/10 15:48:38 | 000,207,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\fd601d00fe1410785297bca0a3198439\StoryAlbumManager.ni.dll
MOD - [2013/09/10 15:48:37 | 000,945,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\f6444ae45bff4a1493823c2213c8e9f5\MusicManager.ni.dll
MOD - [2013/09/10 15:48:36 | 000,404,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\9ab244bb7c4b74d2f92f5e5d6344739c\BATPlugin.ni.dll
MOD - [2013/09/10 15:48:36 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\2c973c5840a16d12fbfadfac97c3d9b5\Kies.Common.StoreManager.ni.dll
MOD - [2013/09/10 15:48:35 | 000,534,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\a95d875a2e1a9091eb741653205abb4f\Kies.Common.MediaDB.ni.dll
MOD - [2013/09/10 15:48:35 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\7f3ae97b9b6accd27689aa6ba1aeca6a\Kies.Common.AllShare.ni.dll
MOD - [2013/09/10 15:48:34 | 000,110,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\083625128eac035833d49510feea7463\Kies.Common.CRMManager.ni.dll
MOD - [2013/09/10 15:48:34 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\0aafc1ab7d719d1e8d6792ad23a9dec5\Kies.Common.DBManager.ni.dll
MOD - [2013/09/10 15:48:33 | 001,150,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\4323a3f1b2c3ec346b1a4c876c87addd\Podcaster.ni.dll
MOD - [2013/09/10 15:48:32 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ed6e792cf10dc0087b0555f45dd288d3\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013/09/10 15:48:31 | 000,581,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1f722a2025101d218fb4e6c591042eb\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013/09/10 15:48:31 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a089a7812c72bb43bc8266579a14436a\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013/09/10 15:48:30 | 001,221,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c5164c2055ddd8f00e56618c765b948d\Kies.Common.DeviceService.ni.dll
MOD - [2013/09/10 15:48:28 | 001,002,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\ffb1aaff1526752ddb4150fa28900159\DeviceCommonLib.ni.dll
MOD - [2013/09/10 15:48:27 | 000,750,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\3efcf4ec0119e3dad53113b8b4dae93d\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013/09/10 15:48:26 | 000,206,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\cccb8eb8a510b4783c0077efdafda5d9\Kies.Common.MainUI.ni.dll
MOD - [2013/09/10 15:48:21 | 000,940,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a0cb12fea01f5ad0f49b1fba119fa531\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013/09/10 15:48:21 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\086362a6f4a94b64807a4a46fab5ff56\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013/09/10 15:48:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\f750e15f47f7414bf892d0a3c33fce0d\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013/09/10 15:48:19 | 002,220,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\044346c35662d56e33dd6f88f07ca807\Kies.Common.Multimedia.ni.dll
MOD - [2013/09/10 15:48:17 | 000,640,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3d58e1f617e743178cfd6e16c748f6fa\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013/09/10 15:48:17 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\68d6de93f5c1fe703cf06942ec1633b6\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013/09/10 15:48:12 | 007,181,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\107668f25b6d54d834e46530a71c9a2b\DeviceHost.ni.dll
MOD - [2013/09/10 15:48:05 | 000,312,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\078364101874dbfca7ff2b69aedac6ca\Kies.Common.Util.ni.dll
MOD - [2013/09/10 15:48:04 | 001,709,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\1e26c45827b6d1aeb1f8b9b247698e3b\Kies.Locale.ni.dll
MOD - [2013/09/10 15:48:04 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\45091e987f06846686e3075de0a9cca9\Kies.MVVM.ni.dll
MOD - [2013/09/10 15:48:03 | 001,931,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\8d6c36c854df41c9685a0e3ce24124ec\Kies.UI.ni.dll
MOD - [2013/09/10 15:48:01 | 001,288,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\d9e175f851e44ddc4766aa60f1c13da6\Kies.Interface.ni.dll
MOD - [2013/09/10 15:47:59 | 002,182,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\57cdd577de1d750888d1f3e9ebcb33a7\Kies.ni.exe
MOD - [2013/09/08 00:39:32 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6a4bcf254a32a7a34c46cad07a50bd0a\ASF_cSharpAPI.ni.dll
MOD - [2013/09/08 00:39:23 | 000,178,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\0da68ca11e94cf38a8afdd62d8f4a859\Interop.DevFileServiceLib.ni.dll
MOD - [2013/09/08 00:38:43 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b87be734669f99e4fcca4bfe56ee363f\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013/09/08 00:38:43 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\38f544b89726d9c186ae97e9d9778563\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013/09/08 00:38:43 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\23c78dd6b5c41a1ecdf344b258047de9\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013/09/08 00:38:12 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\4a8f835dd54e0859d00bb22707fcd66f\CabLib.ni.dll
MOD - [2013/09/08 00:38:10 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\fbd0ff346320096aaeeaf1de3d0ae47f\Interop.DeviceSearchLib.ni.dll
MOD - [2013/09/08 00:38:03 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\1f5aa9af212ae33bec20cb38c3a851e5\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013/09/08 00:37:27 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\f7c799b2b0fd3cd2193b21b7d1f3cd39\System.Runtime.Remoting.ni.dll
MOD - [2013/08/14 03:12:16 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\f2f0e9a8703422ee27d0094e81170cca\System.ServiceProcess.ni.dll
MOD - [2013/08/14 03:10:15 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\876a6e3ad28ad8fb6303fd81630f4366\System.Xaml.ni.dll
MOD - [2013/08/14 03:07:02 | 018,022,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1bfc8df8dc2076bf8bcb90ce32f33c18\PresentationFramework.ni.dll
MOD - [2013/08/14 03:06:55 | 005,628,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\625ef7b392f799bdd0ebe0e364bc7b40\System.Xml.ni.dll
MOD - [2013/08/14 03:06:52 | 001,014,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ded1ce18badf565556806edd5572053e\System.Configuration.ni.dll
MOD - [2013/08/14 03:06:45 | 011,527,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\13181bc68824ceefac1f8bbfd58f33e4\PresentationCore.ni.dll
MOD - [2013/08/14 03:06:44 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e8092f13b7a38dfd4c57e262d02e5212\System.Core.ni.dll
MOD - [2013/08/14 03:06:35 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\1c8c245b408e8c12f73757f7e25c405b\WindowsBase.ni.dll
MOD - [2013/08/14 03:06:32 | 009,100,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\c0a67abed7df54004613628d9db92a68\System.ni.dll
MOD - [2013/07/11 21:09:33 | 014,419,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ddab8d958a389e0578db75ff35a5d772\mscorlib.ni.dll
MOD - [2013/06/19 12:44:37 | 000,204,280 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
MOD - [2011/10/28 17:13:24 | 006,034,229 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll
MOD - [2011/10/28 17:13:24 | 000,337,387 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll
MOD - [2011/10/28 17:13:24 | 000,221,581 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
MOD - [2008/10/04 10:22:36 | 002,494,464 | ---- | M] () -- C:\Program Files\ffdshow\ffdshow.ax


========== Services (SafeList) ==========

SRV - [2013/09/18 10:19:54 | 001,234,792 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\vsserv.exe -- (VSSERV)
SRV - [2013/09/18 10:19:05 | 000,054,424 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe -- (UPDATESRV)
SRV - [2013/09/17 19:43:00 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/13 19:47:11 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/07/05 12:33:47 | 000,068,344 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/09/08 16:30:38 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\84092256.sys -- (84092256)
DRV - [2013/07/26 11:53:51 | 000,135,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys -- (bdselfpr)
DRV - [2013/07/23 16:50:50 | 000,066,832 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdsandbox.sys -- (BDSandBox)
DRV - [2013/07/19 18:06:44 | 000,490,144 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2013/07/19 18:03:32 | 000,640,560 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2013/06/21 01:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/06/21 01:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/05/28 12:11:21 | 000,355,744 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/02/22 19:46:48 | 000,078,144 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV - [2012/11/02 14:17:14 | 000,242,504 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avchv.sys -- (avchv)
DRV - [2012/10/04 14:30:05 | 000,162,976 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt)
DRV - [2011/11/14 20:16:26 | 000,130,640 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2009/12/10 21:48:26 | 000,043,520 | ---- | M] (--) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MOSUMAC.SYS -- (MOSUMAC)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D7 F4 51 2E 49 4E CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Bitdefender.com/PasswordManager;version=17.8: C:\Program Files\Bitdefender\Bitdefender\pmbxnp.dll (Bitdefender)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/05/06 13:44:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/08 15:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender\ffpwdman\ [2013/08/19 12:51:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/08 15:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/09/17 19:42:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/17 19:42:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013/08/19 12:50:56 | 000,000,000 | ---D | M]

[2012/07/03 05:03:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2013/09/17 17:23:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\svaxrxhd.default-1378065894070\extensions
[2013/09/17 17:23:09 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\svaxrxhd.default-1378065894070\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/09/10 02:25:27 | 000,534,203 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\svaxrxhd.default-1378065894070\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/09/10 02:22:08 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\svaxrxhd.default-1378065894070\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/09/17 19:42:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/17 19:43:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/08 15:27:18 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/08/29 11:01:32 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealDownloader = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/30 23:59:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKCU..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKCU..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe (Bitdefender)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_74517427.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71}: DhcpNameServer = 192.168.0.203
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/20 04:16:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013/09/20 03:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2013/09/17 19:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/09/11 23:46:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/09/10 16:11:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013/09/08 15:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/09/08 15:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/09/08 15:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/09/08 15:12:44 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\84092256.sys
[2013/09/08 00:36:00 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2013/09/08 00:36:00 | 000,084,248 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2013/09/08 00:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013/09/08 00:30:33 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2013/09/08 00:30:33 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys
[2013/09/04 03:28:03 | 000,072,704 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2013/09/04 02:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
[2013/09/04 02:57:41 | 000,078,144 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys
[2013/09/04 02:57:41 | 000,066,832 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys
[2013/09/04 02:57:17 | 000,640,560 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2013/09/04 02:57:17 | 000,490,144 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2013/09/04 02:55:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Bitdefender
[2013/09/04 02:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013/09/04 02:49:55 | 000,162,976 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2013/09/04 02:49:53 | 000,355,744 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2013/09/04 02:49:53 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/09/04 02:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013/08/31 00:02:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/08/31 00:02:01 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/08/31 00:02:01 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\temp
[2013/08/30 22:02:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\mbar
[2013/08/23 17:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/23 17:11:30 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/08/23 17:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/28 15:52:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Chris\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/09/20 04:16:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013/09/20 04:09:20 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/20 04:09:18 | 000,005,184 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/20 04:09:18 | 000,005,184 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/20 04:08:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/20 03:28:22 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
[2013/09/17 15:33:33 | 000,000,384 | ---- | M] () -- C:\Windows\System32\checkdnsid.xml
[2013/09/17 14:52:21 | 012,345,616 | ---- | M] () -- C:\Users\Chris\Desktop\CL.pdf
[2013/09/17 06:23:22 | 003,443,271 | ---- | M] () -- C:\Users\Chris\Desktop\RacingPost(7).pdf
[2013/09/15 22:34:00 | 000,072,236 | ---- | M] () -- C:\Users\Chris\Desktop\FS_12PM_NFL_033010_Raiders_QB.jpg
[2013/09/15 16:46:28 | 003,948,161 | ---- | M] () -- C:\Users\Chris\Desktop\sun.pdf
[2013/09/14 11:11:03 | 008,516,149 | ---- | M] () -- C:\Users\Chris\Desktop\14th.pdf
[2013/09/13 23:46:39 | 000,000,680 | ---- | M] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2013/09/13 23:46:39 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2013/09/13 03:23:19 | 003,610,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/09/10 15:43:16 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013/09/08 16:30:38 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\84092256.sys
[2013/09/08 15:34:09 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/09/08 15:29:03 | 000,000,803 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_74517427.lnk
[2013/09/08 15:27:02 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2013/09/08 00:47:15 | 000,001,941 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Story Album Viewer.lnk
[2013/09/08 00:36:24 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013/09/08 00:30:52 | 000,001,807 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013/09/08 00:30:51 | 000,001,797 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013/09/07 10:52:33 | 008,195,863 | ---- | M] () -- C:\Users\Chris\Desktop\sat.pdf
[2013/09/05 21:45:34 | 007,924,344 | ---- | M] () -- C:\Users\Chris\Desktop\RacingPost(9).pdf
[2013/09/05 16:59:31 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2013/09/04 03:28:03 | 000,072,704 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2013/09/04 03:01:17 | 000,722,279 | ---- | M] () -- C:\ProgramData\1378259387.bdinstall.bin
[2013/09/04 03:00:01 | 000,253,404 | -H-- | M] () -- C:\bdr-ld03
[2013/09/04 03:00:01 | 000,009,216 | -H-- | M] () -- C:\bdr-ld03.mbr
[2013/09/04 03:00:01 | 000,000,308 | -H-- | M] () -- C:\bdr-cf03
[2013/09/04 02:58:23 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
[2013/09/04 02:58:23 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/09/02 23:07:31 | 000,001,041 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
[2013/09/01 02:03:47 | 000,147,275 | ---- | M] () -- C:\Users\Chris\Documents\gooty.jpg
[2013/08/30 23:59:10 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/08/30 21:39:37 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/08/30 21:39:37 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/08/30 21:39:37 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/08/30 21:37:41 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/08/30 21:14:16 | 000,253,404 | -H-- | M] () -- C:\bdr-ld02
[2013/08/30 21:14:16 | 000,009,216 | -H-- | M] () -- C:\bdr-ld02.mbr
[2013/08/30 21:14:16 | 000,000,308 | -H-- | M] () -- C:\bdr-cf02
[2013/08/24 23:52:26 | 000,043,520 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/23 17:11:32 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/23 15:12:06 | 006,393,736 | ---- | M] () -- C:\Users\Chris\Desktop\BitdefenderSupportTool.exe

========== Files Created - No Company Name ==========

[2013/09/20 03:28:22 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
[2013/09/17 14:52:20 | 012,345,616 | ---- | C] () -- C:\Users\Chris\Desktop\CL.pdf
[2013/09/17 06:23:20 | 003,443,271 | ---- | C] () -- C:\Users\Chris\Desktop\RacingPost(7).pdf
[2013/09/16 14:18:33 | 000,000,384 | ---- | C] () -- C:\Windows\System32\checkdnsid.xml
[2013/09/15 22:33:59 | 000,072,236 | ---- | C] () -- C:\Users\Chris\Desktop\FS_12PM_NFL_033010_Raiders_QB.jpg
[2013/09/15 16:46:27 | 003,948,161 | ---- | C] () -- C:\Users\Chris\Desktop\sun.pdf
[2013/09/14 11:11:02 | 008,516,149 | ---- | C] () -- C:\Users\Chris\Desktop\14th.pdf
[2013/09/08 15:34:09 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/09/08 15:29:03 | 000,000,803 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_74517427.lnk
[2013/09/08 00:47:15 | 000,001,941 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Story Album Viewer.lnk
[2013/09/08 00:36:24 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013/09/08 00:36:24 | 000,001,773 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013/09/08 00:30:52 | 000,001,807 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013/09/08 00:30:51 | 000,001,797 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013/09/07 10:52:31 | 008,195,863 | ---- | C] () -- C:\Users\Chris\Desktop\sat.pdf
[2013/09/05 21:45:30 | 007,924,344 | ---- | C] () -- C:\Users\Chris\Desktop\RacingPost(9).pdf
[2013/09/05 16:59:31 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2013/09/04 03:01:17 | 000,722,279 | ---- | C] () -- C:\ProgramData\1378259387.bdinstall.bin
[2013/09/04 03:00:01 | 000,000,308 | -H-- | C] () -- C:\bdr-cf03
[2013/09/04 02:58:23 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
[2013/09/04 02:58:23 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/09/04 02:55:38 | 002,294,848 | -H-- | C] () -- C:\bdr-bz03
[2013/09/04 02:55:38 | 000,009,216 | -H-- | C] () -- C:\bdr-ld03.mbr
[2013/09/04 02:55:34 | 036,579,345 | -H-- | C] () -- C:\bdr-im03.gz
[2013/09/04 02:55:34 | 000,253,404 | -H-- | C] () -- C:\bdr-ld03
[2013/09/02 22:32:38 | 000,001,041 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
[2013/09/01 02:01:13 | 000,147,275 | ---- | C] () -- C:\Users\Chris\Documents\gooty.jpg
[2013/08/30 21:14:16 | 000,000,308 | -H-- | C] () -- C:\bdr-cf02
[2013/08/30 21:07:33 | 036,579,345 | -H-- | C] () -- C:\bdr-im02.gz
[2013/08/30 21:07:33 | 002,294,848 | -H-- | C] () -- C:\bdr-bz02
[2013/08/30 21:07:33 | 000,253,404 | -H-- | C] () -- C:\bdr-ld02
[2013/08/30 21:07:33 | 000,009,216 | -H-- | C] () -- C:\bdr-ld02.mbr
[2013/08/24 21:40:31 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/08/24 21:40:31 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/08/24 21:40:31 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/08/23 17:11:32 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/23 15:12:00 | 006,393,736 | ---- | C] () -- C:\Users\Chris\Desktop\BitdefenderSupportTool.exe
[2013/06/14 19:56:26 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/06/10 19:39:44 | 000,029,239 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\UserTile.png
[2013/06/02 12:53:21 | 000,015,616 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2013/05/06 14:42:38 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2013/05/06 12:27:02 | 000,000,680 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2013/01/13 18:03:01 | 003,610,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/16 15:09:21 | 000,711,240 | ---- | C] () -- C:\Windows\is-L5DGO.exe
[2012/06/03 09:55:32 | 000,043,520 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/11 11:10:35 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/03/18 21:07:14 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/01/13 09:10:03 | 000,910,996 | ---- | C] () -- C:\Users\Chris\AppData\Local\census.cache
[2012/01/13 09:09:35 | 000,163,945 | ---- | C] () -- C:\Users\Chris\AppData\Local\ars.cache
[2012/01/13 08:12:43 | 000,000,036 | ---- | C] () -- C:\Users\Chris\AppData\Local\housecall.guid.cache
[2011/12/28 15:52:30 | 000,007,887 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.cat
[2011/12/28 15:52:30 | 000,001,144 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.inf
[2011/12/23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/12/23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/12/23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/12/23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/09/04 02:55:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Bitdefender
[2012/03/30 08:47:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/03/18 21:07:26 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leawo
[2012/03/19 14:38:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2013/04/04 18:40:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Opera
[2013/04/08 22:04:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\QuickScan
[2013/09/08 00:37:03 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Samsung
[2012/06/16 00:21:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Temp
[2012/03/18 21:08:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\tiger-k
[2013/09/08 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Vso

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Chris\Desktop\VTS_01_1.VOB:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Chris\Desktop\20130328_151820.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Chris\Desktop\20130328_151644.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Chris\Desktop\20130328_151606.mp4:TOC.WMV
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >
  • 0

Advertisements

#2
emeraldnzl
Posted 24 September 2013 - 11:15 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Jacks1,

Welcome to Geekstogo.

I am not immediately seeing anything that suggests this problem is caused by malware.

Let's do a bit of a clean up which might help things and then carry out a scan that can give us some security program information.

Now

Download and run TFC.exe (Vista and above users right click and run as Administrator).

You may be asked to reboot when it is finished. Please do so.

After that

Go to this link and scroll down to the Answer from Joseph. Follow the instructions he gives to carry out chkdsk in Safe Mode.

Finally in this post

Please download Security Check by screen317 from here .

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
So when you return please post
  • checkup.txt
  • and tell me if there has been any change in your machines symptoms after those actions

  • 0

#3
Jacks1
Posted 26 September 2013 - 01:14 AM

Jacks1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Mozilla still freezing, was there any sign of malwre?

Results of screen317's Security Check version 0.99.73
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Bitdefender Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Panda Cloud Cleaner
Adobe Flash Player 11.8.800.168
Adobe Reader XI
Mozilla Firefox (24.0)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes' Anti-Malware mbamscheduler.exe
Bitdefender Bitdefender vsserv.exe
Bitdefender Bitdefender updatesrv.exe
Bitdefender Bitdefender bdagent.exe
Bitdefender Bitdefender pmbxag.exe
Bitdefender Bitdefender bdapppassmgr.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
  • 0

#4
emeraldnzl
Posted 26 September 2013 - 04:20 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Mozilla still freezing, was there any sign of malwre?


At this point I am not seeing malware. We will check further but it could be there is a non malware cause, maybe conflict or corruption.

Now

If you don't use Chrome go to Control Panel > Programs and uninstall Google Chrome.

Next

Please run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
[2012/08/29 11:01:32 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

:Files
ipconfig /flushdns /c

:Commands
[ResetHosts]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply. The log is saved in the same location as OTL.
After that

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. The 32-bit will be the right version for your machine.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.
When you return please post
  • OTL fix txt
  • FRST.txt
  • Addittion.txt
  • 0

#5
Jacks1
Posted 27 September 2013 - 12:20 AM

Jacks1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
========== OTL ==========
C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 09272013_071549

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013
Ran by Chris (administrator) on DELL-530 on 27-09-2013 07:17:13
Running from C:\Users\Chris\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Andrea Electronics Corporation) C:\Windows\system32\AERTSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\update\realsched.exe
(OldTimer Tools) C:\Users\Chris\Desktop\OTL.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4907008 2008-01-17] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1837848 2013-09-18] (Bitdefender)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-08] (RealNetworks, Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [Bitdefender Wallet Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [481344 2013-09-18] (Bitdefender)
HKCU\...\Run: [Bitdefender Wallet] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [903656 2013-09-18] (Bitdefender)
HKCU\...\Run: [Bitdefender Wallet Application Agent] - C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [621448 2013-09-18] (Bitdefender)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_74517427.lnk
ShortcutTarget: _uninst_74517427.lnk -> C:\Users\Chris\AppData\Local\temp\_uninst_74517427.bat (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD7F4512E494ECE01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\svaxrxhd.default-1378065894070
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\pmbxnp.dll (Bitdefender)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\svaxrxhd.default-1378065894070\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: No Name - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\svaxrxhd.default-1378065894070\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\svaxrxhd.default-1378065894070\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\ffpwdman\
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [68344 2013-07-05] (Bitdefender)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424 2013-09-18] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1234792 2013-09-18] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R0 84092256; C:\Windows\System32\DRIVERS\84092256.sys [133208 2013-09-08] (Kaspersky Lab ZAO)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [640560 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [490144 2013-07-19] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [78144 2013-02-22] (BitDefender LLC)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-07-23] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-09-26] (BitDefender LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MOSUMAC; C:\Windows\System32\DRIVERS\MOSUMAC.SYS [43520 2009-12-10] (--)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [360376 2013-09-26] (BitDefender S.R.L.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-27 07:17 - 2013-09-27 07:17 - 00000000 ____D C:\FRST
2013-09-27 07:16 - 2013-09-27 07:16 - 01086861 _____ (Farbar) C:\Users\Chris\Desktop\FRST.exe
2013-09-27 07:15 - 2013-09-27 07:15 - 00000000 ____D C:\_OTL
2013-09-26 08:11 - 2013-09-26 08:11 - 00891144 _____ C:\Users\Chris\Downloads\SecurityCheck.exe
2013-09-26 06:28 - 2013-09-26 06:28 - 00000000 _____ C:\Windows\setuperr.log
2013-09-26 06:28 - 2013-09-26 06:28 - 00000000 _____ C:\Windows\setupact.log
2013-09-26 06:26 - 2013-09-26 06:27 - 00001680 _____ C:\Users\Public\Desktop\32Red Casino.lnk
2013-09-26 06:26 - 2013-09-26 06:26 - 00798208 _____ C:\Users\Chris\Downloads\32Red(1).exe
2013-09-25 13:00 - 2013-09-25 13:00 - 00004288 ____N C:\bootex.log
2013-09-22 18:47 - 2013-09-22 18:47 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-09-20 04:26 - 2013-09-20 04:26 - 00097462 _____ C:\Users\Chris\Desktop\OTL.Txt
2013-09-20 04:26 - 2013-09-20 04:26 - 00031550 _____ C:\Users\Chris\Desktop\Extras.Txt
2013-09-20 04:16 - 2013-09-20 04:16 - 00602112 _____ (OldTimer Tools) C:\Users\Chris\Desktop\OTL.exe
2013-09-20 03:28 - 2013-09-20 03:28 - 00001075 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2013-09-17 19:42 - 2013-09-17 19:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-16 14:18 - 2013-09-20 14:22 - 00000384 _____ C:\Windows\system32\checkdnsid.xml
2013-09-14 22:47 - 2013-09-14 22:48 - 02748256 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Downloads\tdsskiller.exe
2013-09-13 03:02 - 2013-07-31 11:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 03:02 - 2013-07-31 11:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 03:02 - 2013-07-31 11:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 03:02 - 2013-07-31 10:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 03:02 - 2013-07-31 10:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-13 03:02 - 2013-07-31 10:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 03:02 - 2013-07-31 10:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-13 03:02 - 2013-07-31 10:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 03:02 - 2013-07-31 10:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 03:02 - 2013-07-31 10:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-13 03:02 - 2013-07-31 10:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-13 03:02 - 2013-07-31 10:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 03:02 - 2013-07-31 10:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 03:02 - 2013-07-31 10:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 03:02 - 2013-07-31 10:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-13 03:02 - 2013-07-31 10:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 02:42 - 2013-08-08 02:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 02:42 - 2013-07-16 05:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-11 23:46 - 2013-09-11 23:46 - 00000000 ____D C:\ProgramData\Oracle
2013-09-10 16:11 - 2013-09-10 16:11 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-09-08 15:34 - 2013-09-08 15:34 - 00000847 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2013-09-08 15:33 - 2013-09-08 15:33 - 00000000 ____D C:\ProgramData\RealNetworks
2013-09-08 15:33 - 2013-09-08 15:33 - 00000000 ____D C:\Program Files\RealNetworks
2013-09-08 15:28 - 2013-09-08 15:28 - 00000000 ____D C:\Program Files\Common Files\xing shared
2013-09-08 15:12 - 2013-09-08 16:30 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\84092256.sys
2013-09-08 00:36 - 2013-09-10 15:43 - 00001783 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-09-08 00:36 - 2013-09-08 00:36 - 00001773 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-09-08 00:36 - 2013-06-21 01:07 - 00181912 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-09-08 00:36 - 2013-06-21 01:07 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-09-08 00:30 - 2013-06-14 19:56 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll
2013-09-08 00:30 - 2013-06-14 19:56 - 00319456 _____ (Microsoft Corporation) C:\Windows\system32\DIFxAPI.dll
2013-09-08 00:30 - 2013-06-14 19:56 - 00020032 _____ (Devguru Co., Ltd) C:\Windows\system32\Drivers\dgderdrv.sys
2013-09-08 00:26 - 2013-09-08 00:28 - 69599992 _____ (Samsung Electronics Co., Ltd. ) C:\Users\Chris\Downloads\KiesSetup.exe
2013-09-05 16:59 - 2013-09-05 16:59 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-09-05 16:58 - 2013-09-25 13:02 - 00002600 _____ C:\Windows\system32\spsys.log
2013-09-04 03:28 - 2013-09-04 03:28 - 00072704 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2013-09-04 03:01 - 2013-09-04 03:01 - 00722279 _____ C:\ProgramData\1378259387.bdinstall.bin
2013-09-04 03:00 - 2013-09-04 03:00 - 00000308 ____H C:\bdr-cf03
2013-09-04 02:58 - 2013-09-04 02:58 - 00001902 _____ C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
2013-09-04 02:58 - 2013-09-04 02:58 - 00001854 _____ C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2013-09-04 02:57 - 2013-07-23 16:50 - 00066832 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2013-09-04 02:57 - 2013-07-19 18:06 - 00490144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-09-04 02:57 - 2013-07-19 18:03 - 00640560 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-09-04 02:57 - 2013-02-22 19:46 - 00078144 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2013-09-04 02:55 - 2013-09-04 03:00 - 00253404 ____H C:\bdr-ld03
2013-09-04 02:55 - 2013-09-04 03:00 - 00009216 ____H C:\bdr-ld03.mbr
2013-09-04 02:55 - 2013-09-04 02:55 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Bitdefender
2013-09-04 02:55 - 2013-06-25 18:20 - 36579345 ____H C:\bdr-im03.gz
2013-09-04 02:55 - 2012-08-15 15:28 - 02294848 ____H C:\bdr-bz03
2013-09-04 02:49 - 2013-09-26 13:35 - 00360376 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-09-04 02:49 - 2013-09-26 13:35 - 00000000 ____D C:\ProgramData\Bitdefender
2013-09-04 02:49 - 2013-09-26 13:34 - 00165744 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-09-04 02:49 - 2013-09-04 02:49 - 07170656 _____ C:\Users\Chris\Downloads\bitdefender_isecurity(1).exe
2013-09-04 02:49 - 2013-09-04 02:49 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-09-04 02:49 - 2013-09-04 02:49 - 00000000 ____D C:\Program Files\Bitdefender
2013-09-02 22:32 - 2013-09-02 23:07 - 00001041 _____ C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
2013-08-31 23:24 - 2013-08-31 23:24 - 00072165 _____ C:\Users\Chris\Downloads\image16.jpeg
2013-08-30 22:02 - 2013-08-30 22:43 - 00000000 ____D C:\Users\Chris\Desktop\mbar
2013-08-30 21:14 - 2013-08-30 21:14 - 00000308 ____H C:\bdr-cf02
2013-08-30 21:07 - 2013-08-30 21:14 - 00253404 ____H C:\bdr-ld02
2013-08-30 21:07 - 2013-08-30 21:14 - 00009216 ____H C:\bdr-ld02.mbr
2013-08-30 21:07 - 2013-06-25 18:20 - 36579345 ____H C:\bdr-im02.gz
2013-08-30 21:07 - 2012-08-15 15:28 - 02294848 ____H C:\bdr-bz02
2013-08-30 21:05 - 2013-08-30 21:05 - 05697728 _____ C:\Users\Chris\Downloads\bitdefender_isecurity.exe
2013-08-28 01:29 - 2013-08-02 05:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

==================== One Month Modified Files and Folders =======

2013-09-27 07:17 - 2013-09-27 07:17 - 00000000 ____D C:\FRST
2013-09-27 07:16 - 2013-09-27 07:16 - 01086861 _____ (Farbar) C:\Users\Chris\Desktop\FRST.exe
2013-09-27 07:15 - 2013-09-27 07:15 - 00000000 ____D C:\_OTL
2013-09-27 07:02 - 2006-11-02 13:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-27 07:02 - 2006-11-02 13:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-27 06:47 - 2012-12-13 20:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-27 03:00 - 2012-06-09 17:42 - 01773084 _____ C:\Windows\WindowsUpdate.log
2013-09-26 13:35 - 2013-09-04 02:49 - 00360376 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-09-26 13:35 - 2013-09-04 02:49 - 00000000 ____D C:\ProgramData\Bitdefender
2013-09-26 13:34 - 2013-09-04 02:49 - 00165744 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-09-26 08:11 - 2013-09-26 08:11 - 00891144 _____ C:\Users\Chris\Downloads\SecurityCheck.exe
2013-09-26 06:28 - 2013-09-26 06:28 - 00000000 _____ C:\Windows\setuperr.log
2013-09-26 06:28 - 2013-09-26 06:28 - 00000000 _____ C:\Windows\setupact.log
2013-09-26 06:27 - 2013-09-26 06:26 - 00001680 _____ C:\Users\Public\Desktop\32Red Casino.lnk
2013-09-26 06:26 - 2013-09-26 06:26 - 00798208 _____ C:\Users\Chris\Downloads\32Red(1).exe
2013-09-25 13:02 - 2013-09-05 16:58 - 00002600 _____ C:\Windows\system32\spsys.log
2013-09-25 13:02 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-25 13:00 - 2013-09-25 13:00 - 00004288 ____N C:\bootex.log
2013-09-25 11:46 - 2006-11-02 14:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-22 18:47 - 2013-09-22 18:47 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-09-22 18:47 - 2012-12-13 20:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-22 18:47 - 2012-12-13 20:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-20 14:22 - 2013-09-16 14:18 - 00000384 _____ C:\Windows\system32\checkdnsid.xml
2013-09-20 04:26 - 2013-09-20 04:26 - 00097462 _____ C:\Users\Chris\Desktop\OTL.Txt
2013-09-20 04:26 - 2013-09-20 04:26 - 00031550 _____ C:\Users\Chris\Desktop\Extras.Txt
2013-09-20 04:16 - 2013-09-20 04:16 - 00602112 _____ (OldTimer Tools) C:\Users\Chris\Desktop\OTL.exe
2013-09-20 04:05 - 2013-05-15 16:02 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-20 03:28 - 2013-09-20 03:28 - 00001075 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2013-09-18 03:12 - 2012-02-16 00:47 - 00000000 ____D C:\Users\Chris\Desktop\New Folder
2013-09-17 19:43 - 2013-09-17 19:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-14 22:48 - 2013-09-14 22:47 - 02748256 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Downloads\tdsskiller.exe
2013-09-13 23:46 - 2013-05-06 14:42 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-09-13 23:46 - 2013-05-06 12:27 - 00000680 _____ C:\Users\Chris\AppData\Local\d3d9caps.dat
2013-09-13 03:23 - 2013-01-13 18:03 - 03610720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 03:02 - 2013-08-14 03:08 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 03:00 - 2006-11-02 11:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-11 23:46 - 2013-09-11 23:46 - 00000000 ____D C:\ProgramData\Oracle
2013-09-11 23:45 - 2011-12-26 23:04 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-09-11 23:45 - 2011-12-26 23:00 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-10 18:04 - 2013-04-09 04:39 - 00000000 ____D C:\ProgramData\Dumps
2013-09-10 16:24 - 2011-02-04 13:24 - 00000000 ____D C:\Users\Chris
2013-09-10 16:11 - 2013-09-10 16:11 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-09-10 15:48 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-10 15:43 - 2013-09-08 00:36 - 00001783 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-09-10 12:45 - 2013-07-23 22:29 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2013-09-09 22:34 - 2013-01-13 21:28 - 00056088 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-08 21:21 - 2011-12-28 15:52 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Vso
2013-09-08 16:30 - 2013-09-08 15:12 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\84092256.sys
2013-09-08 15:38 - 2012-03-25 04:14 - 00000000 ____D C:\Users\Chris\AppData\Roaming\RealNetworks
2013-09-08 15:34 - 2013-09-08 15:34 - 00000847 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2013-09-08 15:33 - 2013-09-08 15:33 - 00000000 ____D C:\ProgramData\RealNetworks
2013-09-08 15:33 - 2013-09-08 15:33 - 00000000 ____D C:\Program Files\RealNetworks
2013-09-08 15:28 - 2013-09-08 15:28 - 00000000 ____D C:\Program Files\Common Files\xing shared
2013-09-08 15:28 - 2011-12-26 23:09 - 00000000 ____D C:\ProgramData\Real
2013-09-08 15:28 - 2008-10-23 13:52 - 00000000 ____D C:\Program Files\Real
2013-09-08 15:27 - 2013-03-03 20:50 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2013-09-08 15:27 - 2013-03-03 20:50 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2013-09-08 15:27 - 2013-03-03 20:50 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2013-09-08 15:27 - 2008-10-23 13:52 - 00272896 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll
2013-09-08 15:26 - 2008-10-23 13:05 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2013-09-08 15:26 - 2008-10-23 13:05 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2013-09-08 00:46 - 2012-01-22 19:58 - 00000000 ____D C:\Program Files\Samsung
2013-09-08 00:46 - 2012-01-22 19:57 - 00000000 ____D C:\Users\Chris\AppData\Local\Downloaded Installations
2013-09-08 00:46 - 2008-10-23 13:09 - 00000000 ____D C:\Program Files\InstallShield Installation Information
2013-09-08 00:37 - 2012-01-22 20:02 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Samsung
2013-09-08 00:37 - 2012-01-22 20:02 - 00000000 ____D C:\Users\Chris\AppData\Local\Samsung
2013-09-08 00:36 - 2013-09-08 00:36 - 00001773 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-09-08 00:30 - 2012-01-22 19:58 - 00000000 ____D C:\ProgramData\Samsung
2013-09-08 00:28 - 2013-09-08 00:26 - 69599992 _____ (Samsung Electronics Co., Ltd. ) C:\Users\Chris\Downloads\KiesSetup.exe
2013-09-05 16:59 - 2013-09-05 16:59 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-09-04 03:28 - 2013-09-04 03:28 - 00072704 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2013-09-04 03:01 - 2013-09-04 03:01 - 00722279 _____ C:\ProgramData\1378259387.bdinstall.bin
2013-09-04 03:00 - 2013-09-04 03:00 - 00000308 ____H C:\bdr-cf03
2013-09-04 03:00 - 2013-09-04 02:55 - 00253404 ____H C:\bdr-ld03
2013-09-04 03:00 - 2013-09-04 02:55 - 00009216 ____H C:\bdr-ld03.mbr
2013-09-04 02:58 - 2013-09-04 02:58 - 00001902 _____ C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
2013-09-04 02:58 - 2013-09-04 02:58 - 00001854 _____ C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2013-09-04 02:55 - 2013-09-04 02:55 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Bitdefender
2013-09-04 02:49 - 2013-09-04 02:49 - 07170656 _____ C:\Users\Chris\Downloads\bitdefender_isecurity(1).exe
2013-09-04 02:49 - 2013-09-04 02:49 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-09-04 02:49 - 2013-09-04 02:49 - 00000000 ____D C:\Program Files\Bitdefender
2013-09-04 02:45 - 2012-02-22 22:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-02 23:07 - 2013-09-02 22:32 - 00001041 _____ C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
2013-09-02 23:03 - 2011-12-28 15:53 - 00000000 ____D C:\Users\Chris\Documents\ConvertXToDVD
2013-09-02 17:16 - 2011-12-31 14:09 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2013-09-01 21:04 - 2013-03-29 00:45 - 00000000 ____D C:\Users\Chris\Desktop\Old Firefox Data
2013-08-31 23:24 - 2013-08-31 23:24 - 00072165 _____ C:\Users\Chris\Downloads\image16.jpeg
2013-08-31 00:16 - 2012-03-09 10:46 - 00000000 ____D C:\Program Files\Google
2013-08-30 23:59 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-08-30 23:49 - 2012-01-11 04:46 - 00000000 ____D C:\Windows\ERDNT
2013-08-30 22:43 - 2013-08-30 22:02 - 00000000 ____D C:\Users\Chris\Desktop\mbar
2013-08-30 22:43 - 2013-08-04 00:14 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-30 21:39 - 2013-08-24 21:40 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-30 21:39 - 2013-08-24 21:40 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-30 21:39 - 2013-08-24 21:40 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-30 21:37 - 2006-11-02 11:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-08-30 21:35 - 2012-02-22 22:55 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-30 21:14 - 2013-08-30 21:14 - 00000308 ____H C:\bdr-cf02
2013-08-30 21:14 - 2013-08-30 21:07 - 00253404 ____H C:\bdr-ld02
2013-08-30 21:14 - 2013-08-30 21:07 - 00009216 ____H C:\bdr-ld02.mbr
2013-08-30 21:05 - 2013-08-30 21:05 - 05697728 _____ C:\Users\Chris\Downloads\bitdefender_isecurity.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-27 01:25

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2013
Ran by Chris at 2013-09-27 07:18:04
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

==================== Installed Programs ======================

Leawo Video Converter version 5.1.0.0
32Red Casino (Version: 16.9.2.739)
Adobe AIR (Version: 3.8.0.870)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Reader XI (11.0.04) (Version: 11.0.04)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
Apple Application Support (Version: 2.3.4)
Apple Software Update (Version: 2.1.3.127)
Bitdefender Internet Security (Version: 17.16.0.729)
CCleaner (Version: 4.04)
ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322)
EasyBCD 1.7 (Version: 1.7)
ESET Online Scanner v3
ffdshow [rev 2180] [2008-10-04] (Version: 1.0)
Intel® Graphics Media Accelerator Driver
K-Lite Codec Pack 7.0.0 (Standard) (Version: 7.0.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Office Excel Viewer 2003 (Version: 11.0.8173.0)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MyFreeCodec
Nero 7 Lite 7.10.1.2 (Version: 7.10.1.2)
neroxml (Version: 1.0.0)
Opera 12.16 (Version: 12.16.1860)
Panda Cloud Cleaner (Version: 1.0.69)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
RealUpgrade 1.1 (Version: 1.1.0)
Safari (Version: 5.34.57.2)
Samsung Kies (Version: 2.6.0.13064_2)
Samsung Story Album Viewer (Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Skitch (Version: 2.2.0.4)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
VLC media player 2.0.8 (Version: 2.0.8)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
YouTube Downloader App 3.00 (Version: 3.00)

==================== Restore Points =========================

04-09-2013 23:00:01 Scheduled Checkpoint
05-09-2013 17:21:23 Scheduled Checkpoint
06-09-2013 02:00:11 Windows Update
06-09-2013 23:00:05 Scheduled Checkpoint
07-09-2013 23:29:15 Installed Samsung Kies
07-09-2013 23:46:20 Installed Samsung Story Album Viewer
08-09-2013 02:00:10 Windows Update
08-09-2013 21:35:31 Scheduled Checkpoint
09-09-2013 22:17:01 Scheduled Checkpoint
10-09-2013 15:15:16 Device Driver Package Install: SAMSUNG Electronics Co.,Ltd. Universal Serial Bus controllers
10-09-2013 15:15:40 Device Driver Package Install: SAMSUNG Electronics Co.,Ltd. Modems
10-09-2013 15:16:08 Device Driver Package Install: SAMSUNG Electronics Co.,Ltd. Ports (COM & LPT)
10-09-2013 15:16:27 Device Driver Package Install: SAMSUNG Electronics Co.,Ltd. Modems
10-09-2013 15:16:48 Device Driver Package Install: SAMSUNG Electronics Co.,Ltd. Universal Serial Bus controllers
10-09-2013 15:17:13 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Universal Serial Bus controllers
10-09-2013 15:17:38 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Ports (COM & LPT)
10-09-2013 15:17:58 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Modems
10-09-2013 15:18:20 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Universal Serial Bus controllers
10-09-2013 15:18:41 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Modems
10-09-2013 15:19:00 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Ports (COM & LPT)
10-09-2013 15:19:29 Device Driver Package Install: Samsung Electronics Co., LTD Universal Serial Bus controllers
10-09-2013 15:19:51 Device Driver Package Install: Samsung Electronics Co., LTD Modems
10-09-2013 15:20:12 Device Driver Package Install: Samsung Electronics Co., LTD Ports (COM & LPT)
10-09-2013 15:20:32 Device Driver Package Install: MobileTop Universal Serial Bus controllers
10-09-2013 15:20:54 Device Driver Package Install: Schunid Modems
10-09-2013 15:21:19 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Universal Serial Bus controllers
10-09-2013 15:21:37 Device Driver Package Install: SAMSUNG Electronics Co., Ltd.
10-09-2013 15:22:06 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Modems
10-09-2013 15:22:21 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Network adapters
10-09-2013 15:22:48 Device Driver Package Install: SAMSUNG Electronics Co., Ltd. Ports (COM & LPT)
10-09-2013 15:23:11 Device Driver Package Install: SAMSUNG Electronics Co.,Ltd. Universal Serial Bus controllers
10-09-2013 15:23:41 Device Driver Package Install: Intel Mobile Communications Universal Serial Bus controllers
11-09-2013 22:44:20 Installed Java 7 Update 40
11-09-2013 22:49:48 Removed Java 7 Update 40
12-09-2013 23:23:25 Scheduled Checkpoint
13-09-2013 02:00:12 Windows Update
13-09-2013 23:20:28 Scheduled Checkpoint
15-09-2013 01:51:22 Scheduled Checkpoint
16-09-2013 03:46:43 Scheduled Checkpoint
16-09-2013 23:36:58 Scheduled Checkpoint
19-09-2013 13:57:13 Windows Update
20-09-2013 04:18:34 Scheduled Checkpoint
20-09-2013 23:00:08 Scheduled Checkpoint
21-09-2013 23:29:12 Scheduled Checkpoint
23-09-2013 04:19:06 Scheduled Checkpoint
23-09-2013 23:00:06 Scheduled Checkpoint
24-09-2013 18:00:33 Windows Update
25-09-2013 10:28:49 Scheduled Checkpoint
25-09-2013 23:00:02 Scheduled Checkpoint
26-09-2013 23:00:11 Scheduled Checkpoint

==================== Hosts content: ==========================

2013-01-28 16:22 - 2013-09-27 07:15 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0945E1CB-16D0-411C-8521-E36129FC4CAD} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3299710142-3868310564-1978959094-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {55BCF811-A564-4112-86D0-CE9A15394CF0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3299710142-3868310564-1978959094-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6092D648-6209-4D6F-9B67-908F6DA777DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {677CD573-8156-4B83-8781-B7646D6B0415} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-22] (Adobe Systems Incorporated)
Task: {6AB10674-89F8-4900-9832-2CF880C72577} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3299710142-3868310564-1978959094-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6CF8EE34-6EE2-4E64-AA5A-E3899409B671} - System32\Tasks\User_Feed_Synchronization-{890E34AE-B7D2-4C9D-B64B-88DB364A18E6} => C:\Windows\system32\msfeedssync.exe [2011-12-26] (Microsoft Corporation)
Task: {709FD123-0434-4B25-9F09-F77D694C65B4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {745733FA-3BB1-409F-9D9C-36EC6FD46BDF} - \CreateChoiceProcessTask No Task File
Task: {8214B684-CA5F-4C69-89AA-C1D18ACA5CB0} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3299710142-3868310564-1978959094-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-04 02:57 - 2013-06-19 12:44 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-09-04 02:57 - 2013-09-18 10:19 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender\bdmetrics.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 01931264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\8d6c36c854df41c9685a0e3ce24124ec\Kies.UI.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\45091e987f06846686e3075de0a9cca9\Kies.MVVM.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 00189952 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\68d6de93f5c1fe703cf06942ec1633b6\Kies.Common.DeviceServiceLib.Interface.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 00367104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\001acf6eb3093c2b78d81ec8de6846fb\DevicePhoto.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 00301568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\1cb1cfe7653108fb33da4bab1c9cfd0b\DeviceVideo.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 00616448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\a080df3fd2eded81cd2ece4c2b4084c3\DevicePodcast.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 00307200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\46cf69a7c28e8350b009b24fa8311030\DummyStorePlugin.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 14972928 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\f6442364070b29c3dd5f31bb88d2d932\Kies.Theme.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 00581632 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1f722a2025101d218fb4e6c591042eb\Kies.Common.DeviceServiceLib.FileService.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 00046592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\086362a6f4a94b64807a4a46fab5ff56\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2013-09-10 15:48 - 2013-09-10 15:48 - 01002496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\ffb1aaff1526752ddb4150fa28900159\DeviceCommonLib.ni.dll
2013-09-08 00:39 - 2013-09-08 00:39 - 00232960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6a4bcf254a32a7a34c46cad07a50bd0a\ASF_cSharpAPI.ni.dll
2013-09-17 19:42 - 2013-09-17 19:42 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll
2013-09-11 16:47 - 2013-09-11 16:47 - 16177544 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\Users\Chris\Desktop\20130328_151606.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Desktop\20130328_151644.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Desktop\20130328_151820.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Desktop\BitdefenderSupportTool.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\FRST.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\OTL.exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\QuickTimeInstaller(2).exe:BDU
AlternateDataStreams: C:\Users\Chris\Desktop\VTS_01_1.VOB:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\(Movie) The Gambler (1974) (PeRfEcTo).avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\20120317_142032-trim-03-17-trim-03-18-00-17-38.3gp:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\32Red(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\a.3gp:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\ccsetup404.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\classic emmerdale 2006.01.09.tvrip.xvid.(4254).robinhood99.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\emandme.MPG:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\f3ac02847353e87bc1a33d61b5d09fa9(1).MOV:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\f3ac02847353e87bc1a33d61b5d09fa9.MOV:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\FHSetup(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\jxpiinstall(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\KiesSetup.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E02.HDTV.XviD-2HD.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E03.HDTV.XviD-FQM.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E04.HDTV.XviD-ASAP.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E05.HDTV.x264-ASAP.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E06.HDTV.XviD-FQM.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E07.HDTV.XviD-FQM.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E08.HDTV.x264-ASAP.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E09.HDTV.x264-ASAP.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\mbam-setup-1.75.0.1300(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\mbam-setup-1.75.0.1300.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\McKenzie_Lee_-_Cumshot_Compilation.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\MOV00687.MP4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\PSISetup.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\QuickTimeInstaller(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\QuickTimeInstaller(2).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\QuickTimeInstaller(3).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\SafariSetup.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\SecurityCheck.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\setup_11.0.0.1245.x01_2013_08_01_11_29(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\setup_11.0.0.1245.x01_2013_08_14_23_13.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\Shockwave_Installer_Full.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\SizableSend.com-Upload-01-26-2013-1453018---George-Orwell-1984-DVD-RIP.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\spywareblastersetup50.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\tdsskiller.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\TFC(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\vid2.3gp:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\vlc-2.0.7-win32.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\vlc-2.0.8-win32(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\vlc-2.0.8-win32.exe:BDU
AlternateDataStreams: C:\Users\Chris\Downloads\wlsetup-web(1).exe:BDU
AlternateDataStreams: C:\Users\Chris\Documents\Firefox Setup 21.0.exe:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Faulty Device Manager Devices =============

Name: GoTrusted TAP Adapter
Description: GoTrusted TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: GoTrusted TAP Provider
Service: gttap1
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/25/2013 10:44:00 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\9> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:44:00 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\9> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:44:00 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:44:00 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\7> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\7> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\6> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\6> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\5> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\5> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (09/26/2013 04:31:25 PM) (Source: Service Control Manager) (User: )
Description: Bitdefender Virus Shield1

Error: (09/25/2013 10:41:12 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:39:57 on 25/09/2013 was unexpected.

Error: (09/24/2013 07:09:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Definition Update for Windows Defender - KB915597 (Definition 1.159.552.0){6D587B8B-50CA-4400-AB8A-04181715EFDD}200

Error: (09/24/2013 06:54:11 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 18:52:42 on 24/09/2013 was unexpected.

Error: (09/24/2013 04:54:26 PM) (Source: BROWSER) (User: )
Description: The browser was unable to update the service status bits. The data is the error.

Error: (09/24/2013 04:39:26 PM) (Source: BROWSER) (User: )
Description: The browser was unable to update the service status bits. The data is the error.

Error: (09/24/2013 02:24:27 PM) (Source: BROWSER) (User: )
Description: The browser was unable to update the service status bits. The data is the error.

Error: (09/24/2013 02:09:27 PM) (Source: BROWSER) (User: )
Description: The browser was unable to update the service status bits. The data is the error.

Error: (09/24/2013 11:54:27 AM) (Source: BROWSER) (User: )
Description: The browser was unable to update the service status bits. The data is the error.

Error: (09/24/2013 11:39:27 AM) (Source: BROWSER) (User: )
Description: The browser was unable to update the service status bits. The data is the error.


Microsoft Office Sessions:
=========================
Error: (09/25/2013 10:44:00 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\9

Error: (09/25/2013 10:44:00 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\9

Error: (09/25/2013 10:44:00 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\8

Error: (09/25/2013 10:44:00 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\8

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\7

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\7

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\6

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\6

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\5

Error: (09/25/2013 10:43:59 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SVAXRXHD.DEFAULT-1378065894070\CACHE\5


CodeIntegrity Errors:
===================================
Date: 2013-09-20 10:02:08.033
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:07.912
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:07.796
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:07.681
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:07.521
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:07.368
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:05.924
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:05.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:05.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-20 10:02:05.514
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 3060.45 MB
Available physical RAM: 1113.39 MB
Total Pagefile: 6357.89 MB
Available Pagefile: 4178.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.32 GB) (Free:161.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:9.77 GB) (Free:3.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 5ED7C68A)
Partition 1: (Active) - (Size=288 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#6
emeraldnzl
Posted 27 September 2013 - 02:54 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Jacks1,

Do you use Chrome? I see it in your logs but not in the programs. Tell me when you come back.

For now

Download Auslogics Disk Defrag and save it to your Desktop.

Double click and follow the prompts to install it. Note: only install the defrag utility. Some versions come with Askbar toolbars... do not install those or any other foistware that might be there.

Once installed, run the defrag utility.

At the end the utility may tell you that it has found Junk Files and recommend that you run a scan to remove. Disregard that suggestion, it is a promotion of a tool you don't need. All we are interested in here is the defrag. process.

Note: Do not download Windows Registry Cleaner which is promoted at the same site.

Next

Reinstall Firefox.

Please go to Uninstall Firefox and follow the instructions for uninstalling Firefox but don't tick the box to Remove my Firefox personal data and customizations.

After that reinstall Firefox.

Note: If you do not have the Firefox Installer on your machine you will need to download it from here.

Come back and tell me if that has made a difference to your Firefox performance.
  • 0

#7
Jacks1
Posted 27 September 2013 - 04:01 PM

Jacks1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
HI dont use chrome
did what you asked seems a bit better, is my comp clean of malware?
  • 0

#8
emeraldnzl
Posted 27 September 2013 - 05:00 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

is my comp clean of malware?


I am not seeing malware in your logs.

The reason I asked about the Chrome one was because it shows with policy restrictions there and I thought perhaps it might be an issue if you were using it. Chrome can be foisted on your machine without your knowledge. If it were me, I would uninstall it, however if it doesn't show in your Programs list you will have to install it over the top of what is there and then uninstall it.

Go here to download Chrome.

After that go to Control Panel > Programs and uninstall it..

Now

We have a couple of last steps to perform and then you're all set.Posted Image

  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
Any other tools remaining may be deleted.

Next, we need to clean your restore points and set a new one:

Please go here for directions on how to do this. You need to turn System Protection off to delete all old restore points, reboot and then turn System Protection back on to create a new restore point.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicous programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!
  • 0

#9
Jacks1
Posted 28 September 2013 - 05:33 AM

Jacks1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
100% CLEAR OF MALWARE? If so thanks very much :)
  • 0

#10
emeraldnzl
Posted 28 September 2013 - 12:16 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

100% CLEAR OF MALWARE?


No one can guarantee that a particular machine is 100% clean but I am not seeing any malware on yours. :thumbsup:

If so thanks very much


You are welcome. :happy:

I will keep this topic open for a day or two in case any issues arise.
  • 0

#11
Jacks1
Posted 28 September 2013 - 12:20 PM

Jacks1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
so if i had been hacked or any viruses you'd have picked on something?
  • 0

#12
emeraldnzl
Posted 28 September 2013 - 12:23 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

so if i had been hacked or any viruses you'd have picked on something?


Likely would but do you have a reason to think you have been hacked?
  • 0

#13
Jacks1
Posted 28 September 2013 - 04:51 PM

Jacks1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
no just paranoid I guess

thamks for your help :)
  • 0

#14
emeraldnzl
Posted 28 September 2013 - 09:21 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Well, as I said I will leave this topic open for a few days. If anything develops come back and tell me. :)
  • 0

#15
emeraldnzl
Posted 09 October 2013 - 12:01 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP