Jump to content

All downloads show as infected


Recommended Posts

For future reference, I need some decent details besides "same results". Words & details will do. No graphic snapshots needed.

Let's have you remove again MSE and now this time, get & install Avira free antivirus ( a very capable a-v)

See this Microsoft article http://support.microsoft.com/kb/2483120

To remove MS Security Essentials, click on the Fix it button for Fix it # 50692

You will see it just under the title "Fix It for me".

When all completed, then logoff and restart the system fresh

Download and SAVE Avira Free Antivirus to a unique folder.

Then run the Setup for Avira and follow the prompts.

Link to post
Share on other sites

OK, very well.

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Click the otlDesktopIcon.png icon (for Vista, or Windows 7 or 8 Right click the icon and Run as Administrator) to start the program.
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
  • Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  • Exit OTL by clicking the X at top right.

Download Security Check by screen317 and save it to your Desktop: here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Then copy/paste the following into your post (in order):
  • the contents of OTL.txt;
  • the contents of Extras.txt ; and
  • the contents of checkup.txt

Be sure to do a Preview prior to pressing Add Reply because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

Link to post
Share on other sites

OTL logfile created on: 6/7/2013 3:50:38 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mills\Desktop

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16576)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

12.00 Gb Total Physical Memory | 10.17 Gb Available Physical Memory | 84.78% Memory free

23.99 Gb Paging File | 20.92 Gb Available in Paging File | 87.18% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 931.42 Gb Total Space | 719.80 Gb Free Space | 77.28% Space Free | Partition Type: NTFS

Drive F: | 465.76 Gb Total Space | 121.17 Gb Free Space | 26.02% Space Free | Partition Type: NTFS

Computer Name: MILLS7 | User Name: Mills | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/07 15:49:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mills\Desktop\OTL.exe

PRC - [2013/06/06 21:31:28 | 000,291,088 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe

PRC - [2013/05/30 19:12:53 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2013/05/30 19:11:56 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2013/05/30 19:11:54 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2013/05/29 00:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2013/04/10 17:48:34 | 003,497,552 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe

PRC - [2012/11/01 17:45:00 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2012/10/23 17:58:52 | 000,120,728 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe

PRC - [2012/10/23 17:58:40 | 000,694,168 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe

PRC - [2012/09/29 13:51:02 | 002,223,464 | ---- | M] (FSPro Labs) -- C:\Program Files\My Lockbox\mylbx.exe

PRC - [2012/09/07 21:36:46 | 000,087,992 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

PRC - [2012/03/27 09:20:36 | 001,013,696 | ---- | M] (Cyber Power Systems, Inc.) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe

PRC - [2012/03/27 09:20:14 | 000,350,144 | ---- | M] (Cyber Power Systems, Inc.) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe

PRC - [2011/10/17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2011/10/17 16:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

PRC - [2011/09/02 17:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe

PRC - [2011/02/11 10:41:29 | 000,603,896 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

PRC - [2010/07/07 16:39:10 | 009,936,000 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe

PRC - [2010/06/24 14:19:50 | 000,109,056 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe

PRC - [2010/03/25 11:02:16 | 000,611,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe

PRC - [2009/12/28 21:35:30 | 000,629,888 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AASP\1.01.02\aaCenter.exe

PRC - [2009/11/02 10:27:30 | 002,164,864 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe

PRC - [2009/10/20 15:52:32 | 004,010,496 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\T Probe\TProbe.exe

PRC - [2009/06/04 01:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe

PRC - [2009/06/04 01:49:56 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe

PRC - [2009/02/23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

========== Modules (No Company Name) ==========

MOD - [2013/05/16 03:33:48 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll

MOD - [2013/05/16 03:33:25 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll

MOD - [2013/05/16 03:33:15 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll

MOD - [2013/04/10 17:48:36 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dll

MOD - [2013/02/13 04:44:52 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll

MOD - [2013/01/09 04:50:30 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c4fa75aed82f50d4a7831755a0c4f7b2\IAStorUtil.ni.dll

MOD - [2013/01/09 04:50:30 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\521a6a2a0bdc82ad5f0ec5aecb6b8c82\IAStorCommon.ni.dll

MOD - [2013/01/09 04:48:16 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll

MOD - [2013/01/09 04:47:48 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll

MOD - [2013/01/09 04:47:29 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll

MOD - [2013/01/09 04:47:25 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll

MOD - [2013/01/09 04:47:21 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll

MOD - [2012/10/23 17:58:40 | 000,694,168 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe

MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2010/06/30 15:03:14 | 000,051,512 | ---- | M] () -- C:\Program Files\My Lockbox\FSPFlt.dll

MOD - [2010/06/01 10:38:40 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll

MOD - [2009/07/29 10:38:30 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\T Probe\pngio.dll

MOD - [2009/06/04 01:55:20 | 000,002,560 | ---- | M] () -- C:\Windows\SysWOW64\CTXFIRES.DLL

MOD - [2009/04/13 10:37:34 | 000,188,928 | ---- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.01.02\aasp.dll

MOD - [2009/04/07 09:25:44 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\vvc.dll

MOD - [2009/03/26 15:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL

MOD - [2008/01/17 16:46:20 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\cpuutil.dll

MOD - [2008/01/17 16:46:20 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.01.02\cpuutil.dll

MOD - [2006/01/10 03:50:20 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll

MOD - [2005/06/22 17:39:56 | 000,204,851 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\PowerDll.dll

MOD - [2005/06/22 17:39:56 | 000,204,851 | ---- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.01.02\PowerDll.dll

MOD - [2004/12/14 10:08:44 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\AsHtmlEngine.dll

MOD - [2004/02/05 17:44:58 | 000,373,760 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\SoundPlay.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2013/05/29 16:04:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV:64bit: - [2011/10/25 21:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2013/06/06 21:31:28 | 000,291,088 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)

SRV - [2013/05/30 19:12:53 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2013/05/30 19:11:56 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2013/05/14 17:54:00 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/05/11 17:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/11/01 17:45:00 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2012/10/23 17:58:52 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)

SRV - [2012/09/07 21:36:46 | 000,087,992 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)

SRV - [2012/03/27 09:20:36 | 001,013,696 | ---- | M] (Cyber Power Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped)

SRV - [2011/10/17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2011/09/02 17:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)

SRV - [2011/02/11 10:41:29 | 000,603,896 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)

SRV - [2010/06/24 14:19:50 | 000,109,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe -- (AsSysCtrlService)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/12 17:41:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010/03/12 17:29:49 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/02/23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/05/30 19:13:23 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2013/05/30 19:13:23 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2013/05/30 19:13:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/11/29 14:54:54 | 000,052,320 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)

DRV:64bit: - [2012/09/26 14:40:34 | 000,031,328 | ---- | M] (System Level Solutions (India) Pvt. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\slsusb.sys -- (slsusb)

DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/01/04 09:28:36 | 000,016,640 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtkdrv.sys -- (TrojanKillerDriver)

DRV:64bit: - [2011/10/25 22:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2011/10/25 20:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2011/10/17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2011/06/06 17:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2011/03/21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/02/11 10:27:37 | 000,022,752 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)

DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/07/22 18:13:28 | 000,054,848 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FSPFltd.sys -- (FSProFilter)

DRV:64bit: - [2010/03/09 05:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009/07/18 00:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)

DRV:64bit: - [2009/07/15 22:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)

DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/10 14:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/04 03:49:58 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)

DRV:64bit: - [2009/06/04 03:49:42 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)

DRV:64bit: - [2009/06/04 03:49:34 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV:64bit: - [2009/06/04 03:49:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)

DRV:64bit: - [2009/06/04 03:49:18 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)

DRV:64bit: - [2009/06/04 03:49:08 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)

DRV:64bit: - [2009/06/04 03:49:00 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)

DRV:64bit: - [2009/06/04 03:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)

DRV:64bit: - [2009/06/04 03:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)

DRV:64bit: - [2009/06/04 03:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)

DRV:64bit: - [2009/06/04 03:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)

DRV:64bit: - [2009/06/04 03:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)

DRV:64bit: - [2009/06/04 03:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)

DRV:64bit: - [2008/11/11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)

DRV:64bit: - [2008/11/11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)

DRV:64bit: - [2008/11/11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)

DRV:64bit: - [2008/09/24 16:03:22 | 000,092,160 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)

DRV - [2011/06/02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)

DRV - [2010/04/13 20:31:19 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- C:\real temp\WinRing0x64.sys -- (WinRing0_1_2_0)

DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [1999/10/21 09:12:52 | 000,020,400 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Entech.sys -- (ENTECH)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 45 9E AC 5F 61 CE 01 [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {6ABD749D-3843-4056-9674-F9B4D965DCE4}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR

IE - HKCU\..\SearchScopes\{6ABD749D-3843-4056-9674-F9B4D965DCE4}: "URL" = http://www.google.co...utputEncoding?}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mills\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mills\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/29 22:21:28 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/28 16:35:48 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/01 16:08:22 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/29 22:21:28 | 000,000,000 | ---D | M]

[2010/03/12 17:47:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mills\AppData\Roaming\Mozilla\Extensions

[2013/05/29 18:03:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mills\AppData\Roaming\Mozilla\Firefox\Profiles\nh1h2bwk.default\extensions

[2013/05/28 16:35:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[2013/05/28 16:35:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}

CHR - homepage:

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

O1 HOSTS File: ([2013/05/29 17:26:25 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()

O4 - HKLM..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe (Cyber Power Systems, Inc.)

O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [T Probe] C:\Program Files (x86)\ASUS\T Probe\TProbe.exe (ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)

O4 - HKCU..\Run: [44225B1786A2EBF23F237EC921537BA85BF6512C._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)

O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.syste...ri_4.1.71.0.cab (SysInfo Class)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {22CF8705-058B-4C21-9F44-09FEC1175BEB} http://192.168.0.7/camclictrl.cab (Camera Noitification Class)

O16 - DPF: {3528A58B-595D-4AFD-A5F6-B914BD306DC3} http://dishconnectiv...SlingHealth.cab (SlingHealth Class)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.3.cab (DLM Control)

O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://216.176.64.9...ries/vpnweb.cab (Cisco AnyConnect VPN Client Web Control)

O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} http://192.168.0.7/camclictrl.cab (Camera Stream Client Control Object)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)

O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefi...er_4.0.53.0.cab (Battlefield Heroes Updater)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {89A32C64-6176-4D10-BCA3-10B0079818FA} https://exchange2010...bComponents.cab (SCDeviceMonitor Class)

O16 - DPF: {B80CD4E6-5B02-4B6C-99BE-68F1511E9549} http://plugin.slingb...SlingPlayer.cab (WebSlingPlayer)

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...tel_4.5.2.0.cab (SysInfo Class)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15111/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.168.12 97.64.183.165

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D74E2728-5585-4876-966D-79A66B088B6E}: DhcpNameServer = 97.64.168.12 97.64.183.165

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2013/05/20 16:10:33 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/07 15:48:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mills\Desktop\OTL.exe

[2013/06/03 15:39:26 | 000,000,000 | ---D | C] -- C:\Users\Mills\Desktop\Truck Music

[2013/05/30 19:19:57 | 000,000,000 | ---D | C] -- C:\Users\Mills\AppData\Roaming\Avira

[2013/05/30 19:16:23 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys

[2013/05/30 19:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2013/05/30 19:14:17 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys

[2013/05/30 19:14:17 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2013/05/30 19:14:17 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys

[2013/05/30 19:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2013/05/30 19:14:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira

[2013/05/29 17:34:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2

[2013/05/29 17:32:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2013/05/29 17:30:43 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2013/05/29 17:05:28 | 000,000,000 | ---D | C] -- C:\RegBackup

[2013/05/29 16:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com

[2013/05/29 16:17:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com

[2013/05/29 16:15:16 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE

[2013/05/29 16:15:04 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs

[2013/05/28 17:27:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group

[2013/05/28 16:34:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

[2013/05/27 21:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

[2013/05/27 21:16:46 | 000,000,000 | ---D | C] -- C:\Users\Mills\Desktop\anti root kit

[2013/05/27 20:17:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013/05/27 19:38:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013/05/27 19:38:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013/05/27 19:38:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013/05/27 19:38:28 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013/05/27 19:37:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2013/05/27 19:37:00 | 005,073,915 | R--- | C] (Swearware) -- C:\Users\Mills\Desktop\ComboFix.exe

[2013/05/22 20:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2013/05/22 17:42:17 | 000,000,000 | ---D | C] -- C:\Users\Mills\Desktop\fixers

[2013/05/22 17:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

[2013/05/22 17:39:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT

[2013/05/21 18:09:01 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Mills\Desktop\dds (1).com

[2013/05/20 17:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer

[2013/05/20 16:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group

[2013/05/16 22:22:34 | 000,000,000 | ---D | C] -- C:\Users\Mills\Desktop\RK_Quarantine

[2013/05/16 03:01:40 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013/05/16 03:01:40 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2013/05/16 03:01:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2013/05/16 03:01:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2013/05/16 03:01:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2013/05/16 03:01:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2013/05/16 03:01:38 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2013/05/16 03:01:38 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2013/05/16 03:01:38 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2013/05/16 03:01:38 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2013/05/16 03:01:38 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2013/05/16 03:01:38 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2013/05/16 03:01:36 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2013/05/16 03:01:36 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2013/05/16 03:01:35 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2013/05/15 17:35:27 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys

[2013/05/15 17:35:26 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll

[2013/05/15 17:35:11 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll

[2013/05/15 17:35:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll

[2013/05/15 17:35:10 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll

[2013/05/15 17:35:10 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe

[2013/05/15 17:35:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/07 15:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/06/07 15:49:34 | 000,890,839 | ---- | M] () -- C:\Users\Mills\Desktop\SecurityCheck.exe

[2013/06/07 15:49:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mills\Desktop\OTL.exe

[2013/06/07 15:40:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/06/07 15:38:55 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2250279306-3369638872-2566183304-1001Core.job

[2013/06/07 15:38:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/06/07 15:38:54 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2250279306-3369638872-2566183304-1001UA.job

[2013/06/07 01:18:37 | 000,060,992 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000007-00000000-00000002-00001102-00000005-00311102}.rfx

[2013/06/07 01:18:37 | 000,060,992 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000007-00000000-00000002-00001102-00000005-00311102}.rfx

[2013/06/07 01:18:37 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000007-00000000-00000002-00001102-00000005-00311102}.rfx

[2013/06/06 21:31:28 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr

[2013/06/06 21:31:28 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2013/06/06 21:31:19 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0

[2013/06/06 17:40:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/06/05 18:59:35 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013/06/03 16:06:35 | 000,797,414 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013/06/03 16:06:35 | 000,672,392 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013/06/03 16:06:35 | 000,126,414 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013/05/30 19:16:22 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys

[2013/05/30 19:14:30 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2013/05/30 19:13:23 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys

[2013/05/30 19:13:23 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2013/05/30 19:13:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys

[2013/05/29 18:22:21 | 000,015,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/05/29 18:22:21 | 000,015,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/05/29 18:16:14 | 1072,181,246 | -HS- | M] () -- C:\hiberfil.sys

[2013/05/29 17:59:29 | 000,002,150 | ---- | M] () -- C:\Windows\epplauncher.mif

[2013/05/29 17:30:52 | 000,413,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013/05/29 17:28:50 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE

[2013/05/29 17:26:25 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2013/05/29 17:25:01 | 000,797,414 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013/05/29 17:06:30 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-MILLS7-Microsoft-Windows-7-Professional-(64-bit).dat

[2013/05/29 16:01:22 | 000,000,302 | ---- | M] () -- C:\FixitRegBackup.reg

[2013/05/28 17:33:29 | 000,042,689 | ---- | M] () -- C:\Users\Mills\Desktop\mssefail.JPG

[2013/05/28 16:35:50 | 000,002,048 | ---- | M] () -- C:\Users\Mills\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013/05/28 16:35:50 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013/05/27 19:54:36 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_628

[2013/05/27 19:37:05 | 005,073,915 | R--- | M] (Swearware) -- C:\Users\Mills\Desktop\ComboFix.exe

[2013/05/22 20:16:05 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx

[2013/05/22 17:47:12 | 000,816,128 | ---- | M] () -- C:\Users\Mills\Desktop\RogueKiller (1).exe

[2013/05/22 17:39:19 | 000,000,928 | ---- | M] () -- C:\Users\Mills\Desktop\NTREGOPT.lnk

[2013/05/22 17:39:19 | 000,000,909 | ---- | M] () -- C:\Users\Mills\Desktop\ERUNT.lnk

[2013/05/21 18:08:58 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Mills\Desktop\dds (1).com

[2013/05/21 18:03:44 | 000,106,120 | ---- | M] () -- C:\Users\Mills\Desktop\servicefail.JPG

[2013/05/21 18:02:30 | 000,170,035 | ---- | M] () -- C:\Users\Mills\Desktop\denied.JPG

[2013/05/21 18:01:25 | 000,215,642 | ---- | M] () -- C:\Users\Mills\Desktop\deleted.JPG

[2013/05/20 23:10:04 | 000,002,306 | ---- | M] () -- C:\Users\Mills\Documents\Default.rdp

[2013/05/20 17:08:16 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk

[2013/05/20 16:10:33 | 000,000,000 | ---- | M] () -- C:\autoexec.bat

[2013/05/20 15:57:06 | 000,000,502 | ---- | M] () -- C:\Users\Mills\Documents\registry backup2.reg

[2013/05/20 15:56:26 | 000,000,502 | ---- | M] () -- C:\Users\Mills\Documents\registry backup.reg

[2013/05/14 17:54:00 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013/05/14 17:54:00 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/05/14 17:53:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/07 15:49:33 | 000,890,839 | ---- | C] () -- C:\Users\Mills\Desktop\SecurityCheck.exe

[2013/05/30 19:14:30 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2013/05/29 17:06:30 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-MILLS7-Microsoft-Windows-7-Professional-(64-bit).dat

[2013/05/28 17:33:28 | 000,042,689 | ---- | C] () -- C:\Users\Mills\Desktop\mssefail.JPG

[2013/05/28 16:49:38 | 000,000,302 | ---- | C] () -- C:\FixitRegBackup.reg

[2013/05/28 16:35:50 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013/05/27 19:38:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013/05/27 19:38:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013/05/27 19:38:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013/05/27 19:38:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013/05/27 19:38:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013/05/22 17:47:32 | 000,816,128 | ---- | C] () -- C:\Users\Mills\Desktop\RogueKiller (1).exe

[2013/05/22 17:39:19 | 000,000,928 | ---- | C] () -- C:\Users\Mills\Desktop\NTREGOPT.lnk

[2013/05/22 17:39:19 | 000,000,909 | ---- | C] () -- C:\Users\Mills\Desktop\ERUNT.lnk

[2013/05/21 18:03:44 | 000,106,120 | ---- | C] () -- C:\Users\Mills\Desktop\servicefail.JPG

[2013/05/21 18:02:30 | 000,170,035 | ---- | C] () -- C:\Users\Mills\Desktop\denied.JPG

[2013/05/21 18:01:24 | 000,215,642 | ---- | C] () -- C:\Users\Mills\Desktop\deleted.JPG

[2013/05/20 16:10:33 | 000,000,000 | ---- | C] () -- C:\autoexec.bat

[2013/05/20 15:57:06 | 000,000,502 | ---- | C] () -- C:\Users\Mills\Documents\registry backup2.reg

[2013/05/20 15:56:26 | 000,000,502 | ---- | C] () -- C:\Users\Mills\Documents\registry backup.reg

[2013/01/08 16:34:16 | 000,000,660 | ---- | C] () -- C:\Windows\SysWow64\sys32dlkb.dll

[2012/11/26 22:22:56 | 000,000,600 | ---- | C] () -- C:\Users\Mills\AppData\Local\PUTTY.RND

[2011/12/29 22:16:35 | 000,163,317 | ---- | C] () -- C:\Windows\hpoins37.dat.temp

[2011/12/29 22:16:35 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat.temp

[2011/12/01 17:00:24 | 000,007,597 | ---- | C] () -- C:\Users\Mills\AppData\Local\resmon.resmoncfg

[2011/11/29 16:40:07 | 000,000,312 | ---- | C] () -- C:\ProgramData\~B0Xp6Vta5dYk3W

[2011/11/29 16:40:07 | 000,000,216 | ---- | C] () -- C:\ProgramData\~B0Xp6Vta5dYk3Wr

[2011/11/29 16:40:01 | 000,000,448 | ---- | C] () -- C:\ProgramData\B0Xp6Vta5dYk3W

[2011/10/25 22:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll

[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll

[2011/10/25 20:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2011/10/25 20:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2011/10/25 18:44:04 | 000,187,816 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat

[2011/09/30 15:30:15 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011/09/29 20:33:54 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys

[2011/09/29 20:33:54 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys

[2011/09/14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2010/11/08 16:09:58 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 00:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 23:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010/10/19 15:24:15 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\AVG10

[2011/11/26 17:35:23 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\BF3CC

[2010/12/29 16:27:40 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\BFBC2CC

[2011/03/16 14:58:49 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\Cisco

[2011/09/28 18:52:53 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\com.amazon.music.uploader

[2013/04/29 22:04:28 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\DlinkViewCam

[2011/02/28 22:12:54 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\FinalMediaPlayer

[2011/03/03 17:14:35 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\GetRightToGo

[2013/03/21 21:10:58 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\JawboneUpdater

[2010/09/29 18:27:06 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\LaCie

[2012/11/07 17:18:14 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\MotoCast

[2012/03/13 15:41:55 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\Motorola

[2012/07/11 16:58:44 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\Motorola Mobility

[2011/12/10 00:12:01 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\Mumble

[2012/12/03 19:38:01 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\Origin

[2012/01/26 16:51:38 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\PrimoPDF

[2010/12/23 17:25:22 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\Sling Media

[2013/06/05 18:58:26 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\TeamViewer

[2013/06/06 22:18:16 | 000,000,000 | ---D | M] -- C:\Users\Mills\AppData\Roaming\TS3Client

========== Purity Check ==========

< End of report >

`

Link to post
Share on other sites

OTL Extras logfile created on: 6/7/2013 3:50:38 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mills\Desktop

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16576)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

12.00 Gb Total Physical Memory | 10.17 Gb Available Physical Memory | 84.78% Memory free

23.99 Gb Paging File | 20.92 Gb Available in Paging File | 87.18% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 931.42 Gb Total Space | 719.80 Gb Free Space | 77.28% Space Free | Partition Type: NTFS

Drive F: | 465.76 Gb Total Space | 121.17 Gb Free Space | 26.02% Space Free | Partition Type: NTFS

Computer Name: MILLS7 | User Name: Mills | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{473800E1-E5C2-4696-90A0-BADF5A9BD3EC}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |

"{5BDB3DB6-CB9C-4F52-A8A6-ACBCCA0F35FA}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |

"TCP Query User{4CC02FDA-895B-4904-BB4F-DAD999BE81B6}C:\program files (x86)\jawbone\jawboneupdater.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jawbone\jawboneupdater.exe |

"TCP Query User{95C8467E-52C7-4A46-BF23-A22889490A6D}C:\program files (x86)\jawbone\jawboneupdater.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jawbone\jawboneupdater.exe |

"TCP Query User{A9688BFC-A4DA-480D-BE99-7888CB96B9B8}C:\program files (x86)\electronic arts\battlefield 3\bf3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 3\bf3.exe |

"TCP Query User{C82FBE05-B36E-4CF1-B303-741F1951A929}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"UDP Query User{0280979D-3EA6-4F63-8420-317F508FA951}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"UDP Query User{6F68324C-27B6-4F4A-AAC3-F1F90074FCC4}C:\program files (x86)\jawbone\jawboneupdater.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jawbone\jawboneupdater.exe |

"UDP Query User{73482D1F-CB46-466C-97C0-21DC628389DF}C:\program files (x86)\electronic arts\battlefield 3\bf3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 3\bf3.exe |

"UDP Query User{BABE1041-BE6B-445F-88F7-10493E202F44}C:\program files (x86)\jawbone\jawboneupdater.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jawbone\jawboneupdater.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes

"{2677AAE2-D8F8-40AE-9149-67618ED43EFD}_is1" = Trinity USB Drivers 1.1.1.1

"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4BE9F0B8-FF3D-5CAA-9BF2-CB6F3DF75D3B}" = ccc-utility64

"{4E7CCB76-687B-4C53-9A5E-08780AF3A551}" = Motorola Mobile Drivers Installation 5.9.0

"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime

"{52FB2985-F3AD-DAA7-7645-4E38A5B96E17}" = AMD Catalyst Install Manager

"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{A800FCC9-8E1E-4D84-9CED-47870701FDE1}" = HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding

"{FA54C4B1-98E3-AEFA-7254-C4038DC739AF}" = AMD Media Foundation Decoders

"HP Imaging Device Functions" = HP Imaging Device Functions 14.0

"HP Print Projects" = HP Print Projects 1.0

"HP Smart Web Printing" = HP Smart Web Printing 4.60

"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0

"HPExtendedCapabilities" = HP Customer Participation Program 14.0

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"My Lockbox_is1" = My Lockbox 2.9

"Shop for HP Supplies" = Shop for HP Supplies

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{067F36D7-A47F-15A9-6163-425ACC2F59F3}" = Amazon MP3 Uploader

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller

"{08067AFD-4ECE-4454-80B4-31C859D4EDC1}" = F4400

"{0A50A09C-6081-4A64-B831-71FDA9D5E9E0}" = Fusion

"{1040143F-FEFB-4B90-8E51-E47D40E14C4E}" = Medal of Honor™ Warfighter

"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery

"{14C76057-E495-47E1-BDF0-1A1CC1752ADF}" = ExtraPutty 0.22

"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding

"{1BF82343-8EE6-8B76-90CF-31059B9D1842}" = CCC Help English

"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager

"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox

"{29A47E79-7287-4C52-9667-B4CDEEE14B58}" = T.Probe

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status

"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)

"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite

"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK

"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver

"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor ™

"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support

"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta

"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth

"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO

"{4E404F43-5C2C-4DEC-BE6E-A4651375F163}" = MyStyle

"{5401CEE8-3C2D-4835-A802-213306537FF4}" = MotoCast

"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine

"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate

"{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}" = LaCie Backup Software v1.5.2378

"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™

"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit

"{70C3CC75-9E14-D215-8FAD-5ABEAE3125D9}" = Catalyst Control Center

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update

"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{81DE15C9-5390-4533-81DF-2DC936C1A40C}" = Motorola Device Software Update

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.1

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver

"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2

"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes

"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg

"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{904CD0E4-4B72-4CF7-9828-267C6678A22E}" = System Requirements Lab for Intel

"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules

"{972F23F4-F293-4074-853D-125A59EB356D}" = CyberPower PowerPanel Personal Edition 1.3.3

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab

"{A835C187-691C-4827-BCEA-1611179C96B9}" = DJ_AIO_05_F4400_Software_Min

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply

"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2

"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime

"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3

"{B9932399-5955-45B5-A792-25FAAAA1EA70}" = Fusion

"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo

"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5

"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver

"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage

"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects

"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp

"{D0C13455-F533-4AE5-9257-2E169956BA01}" = BlackBerry Device Communication Components

"{D17C4B85-A12C-442F-81A6-21EAB64F014A}" = Cabela's Trophy Bucks

"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch

"{D5AED751-CD8F-43EF-8720-AD970CBEA741}" = Medal of Honor™ MP Open Beta

"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Try And Buy

"{E6BF9670-C9E9-461A-9B14-B5ADAC3176CF}" = Cisco AnyConnect VPN Client

"{E9A1960E-7756-2299-C700-DC7CA6EDD6E4}" = Catalyst Control Center InstallProxy

"{E9D98510-A8B6-E39C-B8BA-BA9A511E040C}" = Catalyst Control Center Graphics Previews Common

"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Advanced IP Scanner v1.5" = Advanced IP Scanner v1.5

"ALchemy" = Creative ALchemy

"AudioCS" = Creative Audio Control Panel

"Avira AntiVir Desktop" = Avira Free Antivirus

"Battlelog Web Plugins" = Battlelog Web Plugins

"com.amazon.music.uploader" = Amazon MP3 Uploader

"Console Launcher" = Creative Console Launcher

"Creative Software AutoUpdate" = Creative Software AutoUpdate

"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition

"Data Viewer_is1" = Data Viewer 3.3.0.8

"ERUNT_is1" = ERUNT 1.1j

"ESET Online Scanner" = ESET Online Scanner v3

"ESN Sonar-0.70.0" = ESN Sonar

"ESN Sonar-0.70.4" = ESN Sonar

"FinalMediaPlayer_is1" = Final Media Player 2011

"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1

"Google Chrome" = Google Chrome

"GridinSoft Trojan Killer" = Trojan Killer

"HP Photo Creations" = HP Photo Creations

"Jawbone Updater" = Jawbone Updater

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Origin" = Origin

"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software

"PROPLUS" = Microsoft Office Professional Plus 2007

"PunkBusterSvc" = PunkBuster Services

"SlingHealth ActiveX" = SlingHealth ActiveX

"TeamViewer 7" = TeamViewer 7

"Trusted Software Assistant_is1" = File Type Assistant

"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)

"VLC media player" = VLC media player 1.0.5

"WaveStudio 7" = Creative WaveStudio 7

"WebSlingPlayer ActiveX" = WebSlingPlayer ActiveX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"7d0ab3f03a657c8f" = BC2CC

"af8063ee51cc0619" = BF3CC

"MusicManager" = Music Manager

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 11/23/2012 2:18:21 PM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/24/2012 2:30:39 AM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/25/2012 1:01:07 PM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/26/2012 12:12:20 PM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/27/2012 2:30:51 AM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/27/2012 10:29:04 PM | Computer Name = Mills7 | Source = Application Error | ID = 1000

Description = Faulting application name: bf3.exe, version: 1.4.0.0, time stamp:

0x500530ad Faulting module name: bf3.exe, version: 1.4.0.0, time stamp: 0x500530ad

Exception

code: 0xc0000005 Fault offset: 0x005c3824 Faulting process id: 0x40c Faulting application

start time: 0x01cdcd100b5b8af2 Faulting application path: C:\Program Files (x86)\Electronic

Arts\Battlefield 3\bf3.exe Faulting module path: C:\Program Files (x86)\Electronic

Arts\Battlefield 3\bf3.exe Report Id: 6016b7f0-3903-11e2-adc2-e0cb4e5d119c

Error - 11/28/2012 5:36:37 PM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/29/2012 6:14:46 PM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/30/2012 2:30:14 AM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/1/2012 2:30:27 AM | Computer Name = Mills7 | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\program files\diablosport\trinity

drivers\DPInst\DPInst_MultiLin_ia64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

[ Cisco AnyConnect VPN Client Events ]

Error - 5/29/2013 5:26:09 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

591 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:

ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available

Error - 5/29/2013 5:26:09 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

591 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:

ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available

Error - 5/29/2013 6:31:47 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

606 Invoked Function: AddRoute Return Code: -33095667 (0xFE07000D) Description: ROUTETABLE_ERROR_CREATEIPFORWARDENTRY_FAILED

the

interface appears to be available

Error - 5/29/2013 6:31:47 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

606 Invoked Function: AddRoute Return Code: -33095667 (0xFE07000D) Description: ROUTETABLE_ERROR_CREATEIPFORWARDENTRY_FAILED

the

interface appears to be available

Error - 5/29/2013 6:31:47 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

591 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:

ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available

Error - 5/29/2013 6:31:47 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

591 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:

ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available

Error - 5/29/2013 7:16:33 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

606 Invoked Function: AddRoute Return Code: -33095667 (0xFE07000D) Description: ROUTETABLE_ERROR_CREATEIPFORWARDENTRY_FAILED

the

interface appears to be available

Error - 5/29/2013 7:16:33 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

606 Invoked Function: AddRoute Return Code: -33095667 (0xFE07000D) Description: ROUTETABLE_ERROR_CREATEIPFORWARDENTRY_FAILED

the

interface appears to be available

Error - 5/29/2013 7:16:33 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

591 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:

ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available

Error - 5/29/2013 7:16:33 PM | Computer Name = Mills7 | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

591 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:

ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available

[ System Events ]

Error - 5/29/2013 7:16:59 PM | Computer Name = Mills7 | Source = Service Control Manager | ID = 7003

Description = The Net.Msmq Listener Adapter service depends the following service:

msmq. This service might not be installed.

Error - 5/29/2013 7:16:59 PM | Computer Name = Mills7 | Source = Service Control Manager | ID = 7003

Description = The Net.Pipe Listener Adapter service depends the following service:

was. This service might not be installed.

Error - 5/29/2013 7:16:59 PM | Computer Name = Mills7 | Source = Service Control Manager | ID = 7001

Description = The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing

Service service which failed to start because of the following error: %%1058

Error - 5/29/2013 7:17:02 PM | Computer Name = Mills7 | Source = Service Control Manager | ID = 7000

Description = The TeamViewer 8 service failed to start due to the following error:

%%2

Error - 5/29/2013 7:17:30 PM | Computer Name = Mills7 | Source = WMPNetworkSvc | ID = 866300

Description = Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder)

encountered error '0x80004005'. Verify that the UPnPHost service is running and

that the UPnPHost component of Windows is installed properly.

Error - 5/29/2013 7:17:31 PM | Computer Name = Mills7 | Source = Service Control Manager | ID = 7023

Description = The WinDefend service terminated with the following error: %%5

Error - 5/29/2013 7:19:32 PM | Computer Name = Mills7 | Source = Service Control Manager | ID = 7023

Description = The WinDefend service terminated with the following error: %%5

Error - 5/30/2013 5:01:12 PM | Computer Name = Mills7 | Source = bowser | ID = 8003

Description = The master browser has received a server announcement from the computer

LENOVO that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D74E2728-5585-4876-966D-79A66B088B6E}.

The

master browser is stopping or an election is being forced.

Error - 6/5/2013 7:56:51 PM | Computer Name = Mills7 | Source = Service Control Manager | ID = 7034

Description = The Google Update Service (gupdate) service terminated unexpectedly.

It has done this 1 time(s).

Error - 6/5/2013 7:57:21 PM | Computer Name = Mills7 | Source = DCOM | ID = 10010

Description =

< End of report >

Results of screen317's Security Check version 0.99.64

Windows 7 Service Pack 1 x64 (UAC is disabled!)

Internet Explorer 10

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Avira Desktop

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.75.0.1300

Adobe Flash Player 11.7.700.202

Adobe Reader 9 Adobe Reader out of Date!

Mozilla Firefox (21.0)

Google Chrome 27.0.1453.110

Google Chrome 27.0.1453.94

````````Process Check: objlist.exe by Laurent````````

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log`````````````````````

Link to post
Share on other sites

Your system has an old version (also insecure) of Adobe Reader. You need to uninstall Adobe Reader.

Consider getting an alternate tool like Sumatra PDF as mentioned by Corrine on her Security Garden blog.

http://securitygarden.blogspot.com/2013/02/replacing-adobe-reader-with-sumatra-pdf.html

We can wrap this up now. I see that you are clear of your original issues.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used. Advise me after you have completed the cleanups.

We have to remove Combofix and all its associated folders. By whichever name you named it, ( you had named it ComboFix

put that name in the RUN box stated just below.

The "/uninstall" in the Run line below is to start Combofix for it's cleanup & removal function.

Note the space before the slash mark.

The utility must be removed to prevent any un-intentional or accidental usage, PLUS, to free up much space on your hard disk.

  • Highlight the line in this CODEBOX.
    Select & Copy the entire line within this codebox (so that it is in Windows clipboard memory)
    C:\Users\Mills\Desktop\ComboFix.exe /uninstall


  • Start >> type in cmd >> press the Ctrl+Shift+Enter keyboard combination and cmd.exe will be launched as if you selected Run as Administrator. You will then see a User Account Control prompt asking if you would like to allow the Command Prompt to be able to make changes on your computer. Click on the Yes button and you will now be at the Elevated Command Prompt.
    Do a Right click within the command prompt window and select Paste. This must show the line from Codebox above.
    Then tap Enter

IF in the case Combofix un-install has an issue, skip that step.

NEXT

  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

ERUNT you should keep and use periodically to backup Windows registry.

Delete the following if still present:

adwcleaner.exe

tdsskiller.exe

roguekiller.exe

securitycheck.exe

mbar.exe

fss.exe

You may use Control Panel >> Programs and Features and uninstall ESET Online scan.

You should create a "system repair disc" for your Windows 7 either to a CD, DVD, or new USB-flash-thumb drive {if your hardware can boot from USB}.

The following is a reference page at Microsoft and also has a link to a how-to-video.

Create a Windows 7 system repair disc

This "repair disc" is a very handy tool that one may use when and IF you are not able to start Windows 7 normally.

This "repair disc" or "rescue disc" is not intended as a replacement for having the Windows 7 operating system DVD.

Make a rescue disc, put a label on it, store it away for a "rainy day".

Safer practices & malware prevention

We are finished here. Best regards. cool.gif

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.