comp acting odd

J

jc3777

New Member
Thread author
Verified
Apr 27, 2013
47
oh great keep getting malicious website blocked by mbam

can I scan again for malware please

i was an idiot and downloaded something p2p
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
When do you get the malicious website pop ups? Do you get them when you visit certain site? Or when you use P2P programs?
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
There's the source. Malwarebytes and many other security software vendors flag P2P sites and IPs because they are known for malware distribution and illegal software distribution. Although the P2P clients are clean, many of the files you download are not.

P2P files are often the source of malware attacks, so everytime you use it, you are risking your PC. No antivirus can detect 100% of the malware so eventually, one will bypass your security.
 
J

jc3777

New Member
Thread author
Verified
Apr 27, 2013
47
I scanned the files i downloaded again and they were clean and have now stopped p2p
can I scan to see if its clear please?
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
You can give a scan with Malwarebytes. Also, you would like, you can do another OTL scan just like before and attach the logs here
 
J

jc3777

New Member
Thread author
Verified
Apr 27, 2013
47
let me know if its clear please?

OTL logfile created on: 11/05/2013 21:29:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 44.20% Memory free
6.20 Gb Paging File | 4.03 Gb Available in Paging File | 64.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 170.06 Gb Free Space | 58.98% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 3.89 Gb Free Space | 39.81% Space Free | Partition Type: NTFS

Computer Name: DELL-530 | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Chris\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
PRC - C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
PRC - C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe (Bitdefender)
PRC - C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe (VSO Software SARL)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Bitdefender\Bitdefender 2013\ui\bdidntconp.ui ()
MOD - C:\Program Files\Bitdefender\Bitdefender 2013\bdidntconp.dll ()
MOD - C:\Program Files\VideoLAN\VLC\libvlccore.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\libvlc.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll ()
MOD - C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qgif4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qjpeg4.dll ()


========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV - (BdDesktopParental) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (KSS) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (mbr) -- C:\Users\Chris\AppData\Local\Temp\mbr.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (gttap1) -- system32\DRIVERS\gttap1.sys File not found
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf_x86.sys (Secunia)
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (BDSandBox) -- C:\Windows\System32\drivers\bdsandbox.sys (BitDefender SRL)
DRV - (avchv) -- C:\Windows\System32\drivers\avchv.sys (BitDefender)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC)
DRV - (bdselfpr) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys (BitDefender LLC)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (bdftdif) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)
DRV - (MOSUMAC) -- C:\Windows\System32\drivers\MOSUMAC.SYS (--)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D7 F4 51 2E 49 4E CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/05/06 13:44:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/06 13:44:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/06 13:44:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/06 13:44:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013/05/06 17:41:26 | 000,000,000 | ---D | M]

[2012/07/03 05:03:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2013/05/08 22:35:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\fzo7gk9z.default-1368028199828\extensions
[2013/05/08 22:35:51 | 000,534,214 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\fzo7gk9z.default-1368028199828\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/05/08 21:48:49 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\fzo7gk9z.default-1368028199828\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/11 23:12:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/11 23:12:36 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/04/03 17:01:59 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/29 11:01:32 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2013/04/03 17:01:59 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Docs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealDownloader = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\
CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/05/08 22:12:56 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O4 - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [KSS] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71}: DhcpNameServer = 192.168.0.203
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/11 21:28:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013/05/11 12:02:56 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Chris\Desktop\dds.com
[2013/05/11 11:42:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/05/08 22:15:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\temp
[2013/05/08 16:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/05/08 16:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/05/08 16:50:03 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Old Firefox Data-1
[2013/05/07 18:43:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2013/05/07 18:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2013/05/06 18:12:12 | 000,072,704 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2013/05/06 17:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2013/05/06 17:41:26 | 000,078,144 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys
[2013/05/06 17:41:26 | 000,066,392 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys
[2013/05/06 17:41:14 | 000,486,536 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2013/05/06 17:41:13 | 000,633,344 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2013/05/06 17:36:35 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Bitdefender
[2013/05/06 17:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013/05/06 17:34:45 | 000,162,976 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2013/05/06 17:34:44 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2013/05/06 15:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013/05/06 15:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/05/06 15:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013/05/06 14:26:29 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\VS Revo Group
[2013/05/06 14:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/05/06 14:26:19 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2013/05/06 14:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013/05/06 00:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch
[2013/05/02 22:55:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2(16540)
[2013/05/02 22:53:17 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/05/02 22:29:47 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/05/02 12:44:54 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/04/28 11:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2013/04/26 21:44:24 | 000,000,000 | ---D | C] -- C:\Casino
[2013/04/16 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\cache
[2013/04/16 20:47:44 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\FullTiltPoker
[2013/04/16 20:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker
[2013/04/16 20:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\Full Tilt Poker
[2013/04/16 13:17:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/04/15 16:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/04/15 16:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2013/04/15 16:40:40 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2013/04/15 16:40:40 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSSTDFMT.DLL
[2013/04/15 16:27:26 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Open Command Window Here (Administrator)
[2013/04/14 19:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/04/11 23:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/04/11 22:27:41 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Chris\Desktop\tdsskiller(1).exe
[2011/12/28 15:52:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Chris\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/05/11 21:30:40 | 000,040,448 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/11 21:28:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013/05/11 21:28:03 | 000,001,041 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
[2013/05/11 21:27:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/11 20:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/11 19:39:41 | 000,005,184 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/11 19:39:41 | 000,005,184 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/11 12:19:10 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/11 12:02:57 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Chris\Desktop\dds.com
[2013/05/11 11:46:08 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/11 11:46:08 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/11 11:42:10 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/11 11:39:57 | 003,610,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/11 11:38:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/08 22:12:56 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/08 16:20:45 | 000,000,706 | ---- | M] () -- C:\Users\Chris\Desktop\cleansilverlight.cmd
[2013/05/07 22:21:55 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2013/05/07 18:42:41 | 000,000,954 | ---- | M] () -- C:\Users\Chris\Desktop\Kaspersky Security Scan.lnk
[2013/05/06 18:12:12 | 000,072,704 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2013/05/06 17:43:15 | 000,253,404 | -H-- | M] () -- C:\bdr-ld02
[2013/05/06 17:43:15 | 000,009,216 | -H-- | M] () -- C:\bdr-ld02.mbr
[2013/05/06 17:43:15 | 000,000,308 | -H-- | M] () -- C:\bdr-cf02
[2013/05/06 17:41:56 | 000,001,957 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk
[2013/05/06 17:41:56 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/05/06 14:42:40 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2013/05/06 14:42:31 | 000,000,680 | ---- | M] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2013/05/06 14:26:22 | 000,001,089 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/05/06 14:26:22 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/05/06 14:13:38 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/05/06 14:13:38 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/05/02 13:19:20 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013/05/02 13:19:20 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013/05/02 13:19:20 | 000,000,308 | -H-- | M] () -- C:\bdr-cf01
[2013/05/02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/04/28 22:18:47 | 000,910,996 | ---- | M] () -- C:\Users\Chris\AppData\Local\census.cache
[2013/04/28 22:18:33 | 000,163,945 | ---- | M] () -- C:\Users\Chris\AppData\Local\ars.cache
[2013/04/24 12:56:34 | 003,459,204 | ---- | M] () -- C:\Users\Chris\Desktop\RacingPost(3).pdf
[2013/04/24 09:53:28 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/04/18 19:03:14 | 000,355,527 | ---- | M] () -- C:\Users\Chris\Desktop\X-Circle-Green-icon.png
[2013/04/17 14:59:04 | 000,633,344 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2013/04/17 14:59:04 | 000,486,536 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2013/04/16 20:47:08 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2013/04/16 13:25:20 | 000,001,995 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/04/16 13:17:59 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/15 16:52:55 | 000,000,899 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013/04/14 18:23:55 | 000,000,021 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS.MVP
[2013/04/14 16:53:34 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/04/11 22:27:44 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Chris\Desktop\tdsskiller(1).exe

========== Files Created - No Company Name ==========

[2013/05/11 00:01:32 | 000,001,041 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
[2013/05/08 16:20:45 | 000,000,706 | ---- | C] () -- C:\Users\Chris\Desktop\cleansilverlight.cmd
[2013/05/07 22:21:55 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2013/05/07 18:43:17 | 000,000,954 | ---- | C] () -- C:\Users\Chris\Desktop\Kaspersky Security Scan.lnk
[2013/05/06 17:43:15 | 000,000,308 | -H-- | C] () -- C:\bdr-cf02
[2013/05/06 17:41:56 | 000,001,957 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk
[2013/05/06 17:41:56 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/05/06 17:36:31 | 002,294,848 | -H-- | C] () -- C:\bdr-bz02
[2013/05/06 17:36:31 | 000,009,216 | -H-- | C] () -- C:\bdr-ld02.mbr
[2013/05/06 17:36:30 | 036,573,121 | -H-- | C] () -- C:\bdr-im02.gz
[2013/05/06 17:36:30 | 000,253,404 | -H-- | C] () -- C:\bdr-ld02
[2013/05/06 14:42:38 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2013/05/06 14:26:22 | 000,001,089 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/05/06 14:26:22 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/05/06 12:27:02 | 000,000,680 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2013/05/02 13:19:20 | 000,000,308 | -H-- | C] () -- C:\bdr-cf01
[2013/05/02 13:11:09 | 002,294,848 | -H-- | C] () -- C:\bdr-bz01
[2013/05/02 13:11:09 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013/05/02 13:11:08 | 036,573,121 | -H-- | C] () -- C:\bdr-im01.gz
[2013/05/02 13:11:08 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013/04/24 12:56:33 | 003,459,204 | ---- | C] () -- C:\Users\Chris\Desktop\RacingPost(3).pdf
[2013/04/18 19:03:07 | 000,355,527 | ---- | C] () -- C:\Users\Chris\Desktop\X-Circle-Green-icon.png
[2013/04/16 20:47:08 | 000,000,860 | ---- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2013/04/16 13:17:59 | 000,001,995 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/04/16 13:17:59 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/16 13:17:04 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/16 13:17:03 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/15 16:52:55 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013/04/15 16:52:55 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2013/04/14 13:57:16 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2013/02/05 18:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/01/13 18:03:01 | 003,610,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/16 15:09:21 | 000,711,240 | ---- | C] () -- C:\Windows\is-L5DGO.exe
[2012/06/03 09:55:32 | 000,040,448 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/11 11:10:35 | 000,000,258 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2012/03/18 21:07:14 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/01/13 09:10:03 | 000,910,996 | ---- | C] () -- C:\Users\Chris\AppData\Local\census.cache
[2012/01/13 09:09:35 | 000,163,945 | ---- | C] () -- C:\Users\Chris\AppData\Local\ars.cache
[2012/01/13 08:12:43 | 000,000,036 | ---- | C] () -- C:\Users\Chris\AppData\Local\housecall.guid.cache
[2011/12/28 15:52:30 | 000,007,887 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.cat
[2011/12/28 15:52:30 | 000,001,144 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.inf
[2011/12/23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/12/23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/12/23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/12/23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/05/06 17:36:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Bitdefender
[2012/03/30 08:47:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/03/18 21:07:26 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leawo
[2012/03/19 14:38:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2013/04/04 18:40:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Opera
[2013/04/08 22:04:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\QuickScan
[2012/09/12 14:33:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Samsung
[2012/06/16 00:21:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Temp
[2012/03/18 21:08:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\tiger-k
[2013/05/11 11:31:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent
[2013/05/11 21:28:02 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Vso
[2012/04/17 10:29:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Wondershare

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Chris\Desktop\VTS_01_1.VOB:TOC.WMV
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

OTL Extras logfile created on: 11/05/2013 21:29:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 44.20% Memory free
6.20 Gb Paging File | 4.03 Gb Available in Paging File | 64.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 170.06 Gb Free Space | 58.98% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 3.89 Gb Free Space | 39.81% Space Free | Partition Type: NTFS

Computer Name: DELL-530 | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- c:\program files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{95C5F95E-62D7-4526-9C15-BCE6ABA4F874}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{E666F7E6-14C7-46A7-AEBB-325E67946372}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1" = Leawo Video Converter version 5.1.0.0
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.5
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Bitdefender" = Bitdefender Internet Security 2013
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"EasyBCD" = EasyBCD 1.7
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow [rev 2180] [2008-10-04]
"FileHippo.com" = FileHippo.com Update Checker
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Standard)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero7Lite_is1" = Nero 7 Lite 7.10.1.2
"Opera 12.15.1748" = Opera 12.15
"RealPlayer 16.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.94
"Secunia PSI" = Secunia PSI (3.0.0.6005)
"Skitch 1.0.2.0" = Skitch
"VLC media player" = VLC media player 2.0.6
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"YouTube Downloader App" = YouTube Downloader App 3.00

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 08/05/2013 17:05:45 | Computer Name = DELL-530 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 08/05/2013 17:15:30 | Computer Name = DELL-530 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 08/05/2013 17:15:30 | Computer Name = DELL-530 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 10/05/2013 15:03:05 | Computer Name = DELL-530 | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: a38 Start Time: 01ce4c32b7d6560a Termination Time: 75

Error - 10/05/2013 15:03:33 | Computer Name = DELL-530 | Source = Application Hang | ID = 1002
Description = The program Explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 16f8 Start Time: 01ce4db100f45e2a Termination Time: 9

Error - 10/05/2013 15:17:02 | Computer Name = DELL-530 | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 834 Start Time: 01ce4db1992ff4ff Termination Time: 0

Error - 10/05/2013 15:18:54 | Computer Name = DELL-530 | Source = Application Hang | ID = 1002
Description = The program vlc.exe version 2.0.6.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 175c Start Time: 01ce4db26ffd65df Termination Time: 5

Error - 10/05/2013 15:37:23 | Computer Name = DELL-530 | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 20.0.1.4847 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 13c0 Start Time: 01ce4db36cecc56f Termination Time: 10

Error - 11/05/2013 06:43:07 | Computer Name = DELL-530 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/05/2013 06:43:07 | Computer Name = DELL-530 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 10/05/2013 15:47:58 | Computer Name = DELL-530 | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 10/05/2013 15:48:01 | Computer Name = DELL-530 | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 10/05/2013 15:48:04 | Computer Name = DELL-530 | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 10/05/2013 15:48:06 | Computer Name = DELL-530 | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 10/05/2013 15:50:32 | Computer Name = DELL-530 | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 10/05/2013 15:50:35 | Computer Name = DELL-530 | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 10/05/2013 15:50:37 | Computer Name = DELL-530 | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 10/05/2013 15:51:02 | Computer Name = DELL-530 | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 11/05/2013 06:36:00 | Computer Name = DELL-530 | Source = DCOM | ID = 10010
Description =

Error - 11/05/2013 06:36:40 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7011
Description =


< End of report >
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Could be a damaged driver or a physically damaged disk that requires cleaning.

http://techsnsecurity.blogspot.ca/2006/08/device-devicecdrom0-has-bad-block.html
 
J

jc3777

New Member
Thread author
Verified
Apr 27, 2013
47
yeah was going thru all my disks and a lot of them were scratched and wouldnt work
do i need a new drive or just to clean it?
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
You're welcome :)

I would try to clean it first. If that doesn't work, then I guess a new drive is needed if the error keeps popping out.
 

Similar threads

natem5212
    • Like
  • Locked
14 day battle with little sleep for control of my laptop.
Replies
4
Views
898
Windows Malware Removal Help & Support
nasdaq
nasdaq
snadge
Advice Request Infected Inbox, dodgy threat emails
Replies
7
Views
532
General Security Discussions
snadge
snadge
A
    • Like
    • Applause
Battle Need Help Choosing Between Three AVs
Replies
36
Views
3,262
Software Comparison
a090
A

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top