Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

BRONTOK

Started by justme22 , Feb 19 2014 12:10 AM

  • Please log in to reply

#1
justme22
Posted 19 February 2014 - 12:10 AM

justme22

    New Member

  • Member
  • Pip
  • 9 posts
hi. I have a problem with a virus brontok .can't get rid of it. I even reinstalled windows because of it. but still I have it on d: . yesterday something strange happened. I was scanning with bitdefender free antivirus and when I opened files from quarantine, internet explorer opened a lot of windows crashing my pc.

OTL logfile created on: 2/19/2014 7:43:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\IONELA\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

895.30 Mb Total Physical Memory | 112.63 Mb Available Physical Memory | 12.58% Memory free
1.87 Gb Paging File | 0.36 Gb Available in Paging File | 19.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51.29 Gb Total Space | 38.62 Gb Free Space | 75.29% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 31.61 Gb Free Space | 32.37% Space Free | Partition Type: NTFS
Drive F: | 14.69 Gb Total Space | 11.61 Gb Free Space | 79.02% Space Free | Partition Type: NTFS

Computer Name: IONELA-PC | User Name: IONELA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/19 07:42:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\IONELA\Downloads\OTL.exe
PRC - [2014/02/18 20:26:41 | 000,840,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_12_0_0_44_ActiveX.exe
PRC - [2014/02/17 15:09:49 | 004,415,328 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe
PRC - [2014/02/17 15:09:48 | 012,493,152 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/02/17 15:09:48 | 004,915,040 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/02/17 14:53:06 | 000,202,592 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2014/01/15 20:33:47 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2014/01/15 20:21:53 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2014/01/15 20:15:20 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/10/23 18:24:25 | 000,235,728 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
PRC - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
PRC - [2013/02/19 21:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/01/31 11:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/01/31 11:01:05 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2010/11/20 23:29:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010/11/20 23:29:06 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
PRC - [2009/12/04 15:48:54 | 001,728,512 | ---- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/18 19:27:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2014/02/18 19:26:57 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2014/02/18 19:26:04 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2014/02/18 19:25:29 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2014/02/18 19:21:51 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2014/02/18 19:19:54 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2014/02/18 19:19:31 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2014/02/18 19:19:22 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2014/02/18 19:19:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2014/02/18 19:18:51 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/03/19 12:07:15 | 000,508,136 | ---- | M] () -- C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
MOD - [2009/11/03 11:11:50 | 047,628,288 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
MOD - [2009/05/07 16:53:18 | 000,106,496 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2009/05/07 16:50:46 | 000,073,728 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2008/02/14 13:57:00 | 000,094,208 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll


========== Services (SafeList) ==========

SRV - [2014/02/18 20:26:45 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/17 15:09:48 | 004,915,040 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/02/14 07:22:56 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/01/15 20:31:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/01/15 20:20:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014/01/15 20:20:11 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
SRV - [2013/02/19 21:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2014/01/15 20:30:22 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2014/01/15 20:30:22 | 000,026,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2014/01/15 20:23:33 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2014/01/15 20:23:33 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2013/07/16 15:06:06 | 000,135,472 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys -- (bdselfpr)
DRV - [2013/07/02 14:03:59 | 000,108,008 | ---- | M] (Bitdefender SRL) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys -- (bdfwfpf)
DRV - [2013/05/28 12:11:21 | 000,355,744 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2013/04/22 13:20:34 | 000,164,952 | ---- | M] (BitDefender LLC) [File_System | System | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt)
DRV - [2013/04/17 14:59:04 | 000,633,344 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2013/04/17 14:59:04 | 000,486,536 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2013/02/19 21:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/11/20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/11/25 21:02:46 | 001,108,480 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/07/14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC






IE - HKU\S-1-5-21-4242884351-395590125-1954816557-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4242884351-395590125-1954816557-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-4242884351-395590125-1954816557-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-4242884351-395590125-1954816557-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A6 3F F0 D3 CD 2C CF 01 [binary data]
IE - HKU\S-1-5-21-4242884351-395590125-1954816557-1001\..\SearchScopes,DefaultScope = {54ADA322-5A88-4E99-8C6C-7DBA066D63D9}
IE - HKU\S-1-5-21-4242884351-395590125-1954816557-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-4242884351-395590125-1954816557-1001\..\SearchScopes\{54ADA322-5A88-4E99-8C6C-7DBA066D63D9}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-4242884351-395590125-1954816557-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/02/18 21:17:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IONELA\AppData\Roaming\Mozilla\Extensions
[2014/02/18 21:16:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/02/18 21:16:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4242884351-395590125-1954816557-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F003CD8C-2415-4A90-B6AD-CE30B9D77198}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2014/02/17 19:09:39 | 000,000,043 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/19 07:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2014/02/19 05:12:58 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/02/19 05:10:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/02/19 05:10:13 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/02/19 05:08:16 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/02/18 21:23:11 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Roaming\vlc
[2014/02/18 21:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/02/18 21:21:44 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/02/18 21:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/02/18 21:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/02/18 21:17:04 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Roaming\Mozilla
[2014/02/18 21:17:04 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Local\Mozilla
[2014/02/18 21:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/02/18 21:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/02/18 21:16:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/02/18 21:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/02/18 21:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2014/02/18 21:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/02/18 21:08:45 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/02/18 21:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/02/18 21:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/02/18 20:27:04 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Roaming\Macromedia
[2014/02/18 20:26:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/02/18 20:07:35 | 000,242,504 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys
[2014/02/18 20:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
[2014/02/18 20:00:53 | 000,633,344 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2014/02/18 20:00:53 | 000,486,536 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2014/02/18 20:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/02/18 20:00:00 | 000,164,952 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2014/02/18 19:59:59 | 000,355,744 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2014/02/18 19:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014/02/18 19:54:43 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Roaming\QuickScan
[2014/02/18 19:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2014/02/18 19:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2014/02/18 19:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2014/02/18 19:49:38 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/02/18 19:43:00 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Roaming\uTorrent
[2014/02/18 19:38:49 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Local\ElevatedDiagnostics
[2014/02/18 19:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014/02/18 19:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/02/18 19:25:52 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2014/02/18 19:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/02/18 19:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/02/18 19:20:07 | 000,000,000 | R--D | C] -- C:\Users\IONELA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/02/18 19:20:07 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Searches
[2014/02/18 19:20:07 | 000,000,000 | R--D | C] -- C:\Users\IONELA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/02/18 19:20:07 | 000,000,000 | -H-D | C] -- C:\Users\IONELA\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/02/18 19:19:58 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Roaming\Identities
[2014/02/18 19:19:57 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Contacts
[2014/02/18 19:19:50 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Roaming\Adobe
[2014/02/18 19:19:47 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Local\VirtualStore
[2014/02/18 19:19:46 | 000,000,000 | --SD | C] -- C:\Users\IONELA\AppData\Roaming\Microsoft
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Videos
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Saved Games
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Pictures
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Music
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Links
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Favorites
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Downloads
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Documents
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\Desktop
[2014/02/18 19:19:46 | 000,000,000 | R--D | C] -- C:\Users\IONELA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\AppData\Local\Temporary Internet Files
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Templates
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Start Menu
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\SendTo
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Recent
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\PrintHood
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\NetHood
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Documents\My Videos
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Documents\My Pictures
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Documents\My Music
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\My Documents
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Local Settings
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\AppData\Local\History
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Cookies
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\Application Data
[2014/02/18 19:19:46 | 000,000,000 | -HSD | C] -- C:\Users\IONELA\AppData\Local\Application Data
[2014/02/18 19:19:46 | 000,000,000 | -H-D | C] -- C:\Users\IONELA\AppData
[2014/02/18 19:19:46 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Local\Temp
[2014/02/18 19:19:46 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Local\Microsoft
[2014/02/18 19:19:46 | 000,000,000 | ---D | C] -- C:\Users\IONELA\AppData\Roaming\Media Center Programs
[2014/02/18 19:18:06 | 000,000,000 | -HSD | C] -- C:\Recovery
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/19 07:32:45 | 000,016,864 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/19 07:32:45 | 000,016,864 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/19 07:14:12 | 000,615,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/02/19 07:14:12 | 000,103,496 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/02/19 07:10:38 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/02/19 07:09:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/19 07:09:01 | 704,094,208 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/19 06:58:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/19 05:14:14 | 000,116,385 | ---- | M] () -- C:\Windows\System32\license.rtf
[2014/02/19 05:12:21 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/02/18 22:16:48 | 000,282,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/02/18 21:22:47 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/02/18 21:20:07 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/18 21:16:45 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/02/18 21:11:56 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/02/18 20:07:35 | 000,242,504 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys
[2014/02/18 20:01:14 | 000,207,285 | ---- | M] () -- C:\ProgramData\1392746383.bdinstall.bin
[2014/02/18 20:01:05 | 000,002,172 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
[2014/02/18 19:50:37 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2014/02/18 19:44:05 | 000,000,853 | ---- | M] () -- C:\Users\IONELA\Desktop\µTorrent.lnk
[2014/02/18 19:44:05 | 000,000,833 | ---- | M] () -- C:\Users\IONELA\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2014/02/18 19:37:56 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014/02/18 19:20:39 | 000,001,407 | ---- | M] () -- C:\Users\IONELA\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/19 07:10:38 | 000,001,132 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/02/19 07:10:38 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/02/19 05:13:50 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/02/19 05:13:39 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/02/19 05:12:21 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/02/19 05:10:13 | 704,094,208 | -HS- | C] () -- C:\hiberfil.sys
[2014/02/18 21:22:47 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/02/18 21:20:07 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/18 21:16:44 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/02/18 21:16:44 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/02/18 21:11:56 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/02/18 20:26:47 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/18 20:01:14 | 000,207,285 | ---- | C] () -- C:\ProgramData\1392746383.bdinstall.bin
[2014/02/18 20:01:05 | 000,002,172 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
[2014/02/18 19:50:37 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2014/02/18 19:50:37 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2014/02/18 19:44:05 | 000,000,853 | ---- | C] () -- C:\Users\IONELA\Desktop\µTorrent.lnk
[2014/02/18 19:44:05 | 000,000,833 | ---- | C] () -- C:\Users\IONELA\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2014/02/18 19:37:56 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014/02/18 19:20:39 | 000,001,407 | ---- | C] () -- C:\Users\IONELA\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/18 19:19:50 | 000,001,413 | ---- | C] () -- C:\Users\IONELA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/02/18 19:19:46 | 000,000,290 | ---- | C] () -- C:\Users\IONELA\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/02/18 19:19:46 | 000,000,272 | ---- | C] () -- C:\Users\IONELA\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/01/15 20:33:22 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/02/18 20:00:16 | 000,000,000 | ---D | M] -- C:\Users\IONELA\AppData\Roaming\QuickScan
[2014/02/18 21:22:50 | 000,000,000 | ---D | M] -- C:\Users\IONELA\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >




OTL Extras logfile created on: 2/19/2014 7:43:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\IONELA\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

895.30 Mb Total Physical Memory | 112.63 Mb Available Physical Memory | 12.58% Memory free
1.87 Gb Paging File | 0.36 Gb Available in Paging File | 19.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51.29 Gb Total Space | 38.62 Gb Free Space | 75.29% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 31.61 Gb Free Space | 32.37% Space Free | Partition Type: NTFS
Drive F: | 14.69 Gb Total Space | 11.61 Gb Free Space | 79.02% Space Free | Partition Type: NTFS

Computer Name: IONELA-PC | User Name: IONELA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B309C3D-8529-4359-8EBD-EBF879775C14}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0C8B6C91-149C-4165-BDC6-AD12A3C90610}" = lport=2869 | protocol=6 | dir=in | app=system |
"{167D226D-114A-4B53-A18D-17245DC25473}" = rport=445 | protocol=6 | dir=out | app=system |
"{1A75234A-D17A-42CB-888B-F338B310F701}" = rport=137 | protocol=17 | dir=out | app=system |
"{215078B0-9648-4185-B6E1-270E357B8497}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{369721CE-34CA-448E-BA1B-F8811516B620}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3732A7AB-412D-43B7-A70F-466B01794E57}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{447494C0-4902-479C-86CF-237D119FAD96}" = rport=139 | protocol=6 | dir=out | app=system |
"{5D12001A-FD74-4B22-AF2A-8FB8FB928044}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{68B3DEBD-CCA3-4A3D-92C0-026EE5BE8B53}" = lport=139 | protocol=6 | dir=in | app=system |
"{73F54571-ADAB-49D8-9A24-9D9050DBE5BC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{75ADB359-F7EC-461B-A2C2-EA5306D4C444}" = lport=445 | protocol=6 | dir=in | app=system |
"{8DCD10E7-2AC1-46F8-834A-7BC891FCB7A4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AD37D9E5-28B9-454A-98F7-7781AD77E191}" = rport=138 | protocol=17 | dir=out | app=system |
"{B71919C3-F3D3-4B2F-9D1A-B7A1C9E1F184}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BB3AB213-FFBE-4FB6-9BCC-E0C1ABCFF8A3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CA2B12FA-C8C7-4124-B521-B480B8305136}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E0A6C6D6-B838-4D23-999A-8555AC383F96}" = lport=138 | protocol=17 | dir=in | app=system |
"{E7848E9E-BBF5-47BD-AB27-FCEB460930D6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E8B48965-CD40-4785-B1DA-335F14DEA798}" = lport=137 | protocol=17 | dir=in | app=system |
"{FAFCE8D3-CB82-4833-B089-AF80D3F85959}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B5015A6-F8B4-458B-B43C-AFBD5A7F23D6}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{1047E07A-1D7A-482D-B996-0C50C5C49CF8}" = protocol=58 | dir=out | [email protected],-28546 |
"{34F8F058-BCA1-44F4-B317-A38CDE9C6FC6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3CCBDC02-A538-4C51-987A-784340B70024}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4685D7BA-963B-4501-AD32-4C0DE416EFF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C660E19-7363-4512-BEBD-0CA54DDD2BEC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{53E90A73-7A65-4112-80CB-1B7E27C9192D}" = protocol=58 | dir=in | [email protected],-28545 |
"{6151F2C8-BA71-4888-9E71-C71B084D8404}" = protocol=6 | dir=in | app=c:\users\ionela\appdata\roaming\utorrent\utorrent.exe |
"{6FDC06AA-89FD-40EA-AE1E-22E336662ECB}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{7EFAB3B1-CC68-49DC-AAA2-5523CB22543B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83A88710-5B75-442B-ADDF-B66513C6A811}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{92A14DDC-55AF-4E32-A3C1-17CF231F5D27}" = protocol=6 | dir=out | app=system |
"{A3BC5AB8-037B-43A3-BF3A-844B91672C64}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{A6D2FA08-00B8-4570-B0E5-010C570BDC47}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9B4996F-CC3F-430F-9F22-6E6ADA770565}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2DC8E86-BCCE-4E42-B67E-9C4FFD96FA1E}" = protocol=1 | dir=out | [email protected],-28544 |
"{B3384A11-71B1-4460-8242-5B2E8AFDFF28}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C8F82105-847F-43EC-97F8-A2D58D689E08}" = protocol=1 | dir=in | [email protected],-28543 |
"{E971166F-FF0A-4648-A41C-9F187568DB57}" = protocol=17 | dir=in | app=c:\users\ionela\appdata\roaming\utorrent\utorrent.exe |
"{EADEDF0E-D2F2-4200-B834-1AC3892E4035}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE1BA7E2-F956-492D-BF8E-7FABCDC4EBC1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{F4027316-62EF-40E2-BE01-9EE605050824}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"BitDefender Gonzales" = Bitdefender Antivirus Free Edition
"CCleaner" = CCleaner
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Speccy" = Speccy
"TeamViewer 9" = TeamViewer 9
"VLC media player" = VLC media player 2.1.3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4242884351-395590125-1954816557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/18/2014 11:16:51 PM | Computer Name = IONELA-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/18/2014 1:55:06 PM | Computer Name = IONELA-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/18/2014 1:56:08 PM | Computer Name = IONELA-PC | Source = Application Error | ID = 1000
Description = Faulting application name: setupdownloader.exe, version: 17.11.0.383,
time stamp: 0x51937d88 Faulting module name: setupdownloader.exe, version: 17.11.0.383,
time stamp: 0x51937d88 Exception code: 0xc0000417 Fault offset: 0x00018e30 Faulting
process id: 0xdc4 Faulting application start time: 0x01cf2cd2b272075c Faulting application
path: C:\Program Files\Common Files\Bitdefender\setupinformation\setupdownloader.exe
Faulting
module path: C:\Program Files\Common Files\Bitdefender\setupinformation\setupdownloader.exe
Report
Id: f12e5f4a-98c5-11e3-b659-0025223cebbc

Error - 2/18/2014 1:56:17 PM | Computer Name = IONELA-PC | Source = Application Error | ID = 1000
Description = Faulting application name: setupdownloader.exe, version: 17.11.0.383,
time stamp: 0x51937d88 Faulting module name: setupdownloader.exe, version: 17.11.0.383,
time stamp: 0x51937d88 Exception code: 0xc0000417 Fault offset: 0x00018e30 Faulting
process id: 0x454 Faulting application start time: 0x01cf2cd2b8d59488 Faulting application
path: C:\Program Files\Common Files\Bitdefender\setupinformation\setupdownloader.exe
Faulting
module path: C:\Program Files\Common Files\Bitdefender\setupinformation\setupdownloader.exe
Report
Id: f69ebc9a-98c5-11e3-b659-0025223cebbc

Error - 2/18/2014 1:56:34 PM | Computer Name = IONELA-PC | Source = Application Error | ID = 1000
Description = Faulting application name: setupdownloader.exe, version: 17.11.0.383,
time stamp: 0x51937d88 Faulting module name: setupdownloader.exe, version: 17.11.0.383,
time stamp: 0x51937d88 Exception code: 0xc0000417 Fault offset: 0x00018e30 Faulting
process id: 0x8c8 Faulting application start time: 0x01cf2cd2c30f6a8c Faulting application
path: C:\Program Files\Common Files\Bitdefender\setupinformation\setupdownloader.exe
Faulting
module path: C:\Program Files\Common Files\Bitdefender\setupinformation\setupdownloader.exe
Report
Id: 00d16b90-98c6-11e3-b659-0025223cebbc

Error - 2/18/2014 2:06:43 PM | Computer Name = IONELA-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/18/2014 3:07:34 PM | Computer Name = IONELA-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 11.0.9600.16428 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: acc Start
Time: 01cf2cd55f513d89 Termination Time: 2924 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

Error - 2/18/2014 4:18:14 PM | Computer Name = IONELA-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/19/2014 1:10:54 AM | Computer Name = IONELA-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2/18/2014 11:10:04 PM | Computer Name = 37L4247F27-08 | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 2/18/2014 2:01:08 PM | Computer Name = IONELA-PC | Source = Service Control Manager | ID = 7000
Description = The bdfwfpf service failed to start due to the following error: %%2

Error - 2/18/2014 2:02:23 PM | Computer Name = IONELA-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error - 2/18/2014 2:02:23 PM | Computer Name = IONELA-PC | Source = Service Control Manager | ID = 7000
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed
to start due to the following error: %%1053

Error - 2/18/2014 2:03:47 PM | Computer Name = IONELA-PC | Source = DCOM | ID = 10010
Description =

Error - 2/18/2014 4:16:47 PM | Computer Name = IONELA-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:15:56 PM on ?2/?18/?2014 was unexpected.


< End of report >

Edited by justme22, 19 February 2014 - 08:15 AM.

  • 0

Advertisements

#2
justme22
Posted 19 February 2014 - 08:16 AM

justme22

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
ups, forgot to post the main one.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP