Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Network problems following removal of Windows Recovery


  • This topic is locked This topic is locked

#1
charles.actuary

charles.actuary

    Member

  • Member
  • PipPipPip
  • 112 posts
Hello again

My computer became infected with Windows Recovery. Following the link from your forum, I used Malwarebytes MBAM to remove the malware, and after this, most things are back to normal. However at some stage during the infection the computer became unable to link to the internet. Using Windows Network Diagnostics, I get two messages:
"Local Area Connection" doesn't have a valid IP configuration, and
The default gatewat is not available

These aren't issues that I have ever had before, so I guess that they must be connected to the malware in some way. Any ideas?

The computer is running Windows 7 64 bit. Connection to the internet is wired, via a Netgear router. Other computers in the house are having no problems with the connection.

I have run an OTL scan and the results are below.

Thank you very much for your help.

Charles



OTL logfile created on: 6/4/2011 10:11:28 AM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Charles Young\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

6.00 Gb Total Physical Memory | 4.45 Gb Available Physical Memory | 74.23% Memory free
12.00 Gb Paging File | 9.59 Gb Available in Paging File | 79.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.46 Gb Total Space | 733.30 Gb Free Space | 79.67% Space Free | Partition Type: NTFS
Drive E: | 3.76 Gb Total Space | 3.75 Gb Free Space | 99.74% Space Free | Partition Type: FAT32

Computer Name: STUDY-DELL | User Name: Charles Young | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
PRC - [2011/01/13 20:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 20:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011/01/13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/02 10:26:02 | 000,672,632 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/27 14:27:00 | 000,280,960 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2010/07/20 11:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/05/11 11:16:34 | 000,140,288 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/12/29 15:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/11/13 15:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


========== Modules (SafeList) ==========

MOD - [2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/11/20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 22:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/29 18:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2011/01/13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/10/20 19:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/28 15:25:04 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/10/20 19:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/31 04:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/20 19:27:34 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 16:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2008/10/24 19:55:28 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.2)
DRV:64bit: - [2008/10/24 19:55:28 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.2)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/12/03 19:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)
DRV:64bit: - [2007/12/03 19:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/02/03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64) Logitech QuickCam Pro 3000(PID_08B0)
DRV:64bit: - [2006/11/01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2001/02/28 10:42:44 | 000,034,712 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 E5 01 FB E5 6B CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..keyword.URL: "http://uk.search.yah...h?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/06/03 22:20:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/03 22:19:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/06/03 22:19:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/03 22:20:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/03 22:22:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/06/03 22:20:03 | 000,000,000 | ---D | M]

[2010/07/29 16:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Extensions
[2010/07/29 16:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/06/09 07:39:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Firefox\Profiles\187tzb3q.default\extensions
[2011/06/03 22:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/03 22:20:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/03 22:19:57 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/05/08 07:20:25 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20110511170131.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20110511170131.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Freecause Toolbar BHO) - {B7C2F0D8-2209-4693-A15D-5A537211D48B} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Nectar Search Toolbar) - {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Nectar Search Toolbar) - {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] File not found
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TomTomHOME.exe] File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Charles Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photob...?20101221064513 (PhotoboxPhotowaysUploader5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8190650e-6fed-11df-893a-00256487dcaa}\Shell - "" = AutoRun
O33 - MountPoints2\{8190650e-6fed-11df-893a-00256487dcaa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/04 10:11:07 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
[2011/06/04 07:40:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{DB72A417-BD19-45C1-944E-43C2816027AB}
[2011/06/04 07:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/03 18:14:29 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4C3CE342-9EEC-4A79-A722-EE2E65DA50F4}
[2011/06/03 00:12:15 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{91D5A293-B957-48B0-8DEF-C9E38D5DA648}
[2011/06/02 23:32:22 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{8C4AC921-824D-42EF-A6C8-3507892D286B}
[2011/06/02 23:11:50 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Roaming\Malwarebytes
[2011/06/02 23:11:22 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/02 23:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/02 23:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/02 23:11:07 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/02 23:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/02 23:09:46 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Charles Young\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/02 22:52:22 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{75C4DB64-1B01-40FA-9C4B-AC477DA77BB9}
[2011/06/02 22:34:25 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{607B62AA-3BBA-454E-A77B-26E3FF79506E}
[2011/06/02 07:26:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{ADD3680B-66B7-40D9-AF8C-B770113FD0AE}
[2011/06/01 21:46:33 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{0869EE7F-8A89-49E2-997A-150CC319B3AA}
[2011/06/01 09:56:40 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/06/01 09:33:43 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4CB7017A-5AA4-4BF5-B3F8-29BD4F4F746C}
[2011/05/31 14:01:08 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4C78F803-30AB-45D0-A492-BE77B2E8AE09}
[2011/05/30 19:46:28 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{265B000F-EF52-438A-9E42-C0E43163E64F}
[2011/05/30 19:42:24 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011/05/28 00:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/05/27 08:15:02 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{1A0BC86A-BF5A-48F9-95FD-5B3492A7A2BF}
[2011/05/25 08:09:13 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{35ED749F-8EEC-4A8E-A5D4-B525C54CB63F}
[2011/05/24 08:25:57 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{DD79A5AE-E9FF-4A93-AC83-35D0FEAC5B51}
[2011/05/23 20:25:33 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{97D271EB-8DC2-41CC-9115-AD358AC984C1}
[2011/05/23 08:25:10 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{31358479-DB87-49FB-A81D-810CAEA20521}
[2011/05/20 19:39:29 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{860BA626-CE9D-4541-8FB7-0DC99BE0FDEB}
[2011/05/19 19:06:45 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{CA1FDF15-AB2A-4A48-A116-4DEBB2262452}
[2011/05/19 07:06:21 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{92EF38F3-D30E-4D6E-833E-F2A2FFE80E9E}
[2011/05/17 00:53:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{A8504942-41C8-451E-B0FB-F38F1D2A1554}
[2011/05/15 12:53:09 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{15835900-72A7-46B2-B65A-BCD8C4892392}
[2011/05/13 09:01:08 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{A534960F-E6AC-4098-99BF-7BFE6B9E1D92}
[2011/05/12 21:00:44 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{D87BB867-F337-4B89-B1F5-7B7C4DC9E5A5}
[2011/05/12 09:00:21 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{68F0B4FA-2F9A-4694-8520-718ED7E9848C}
[2011/05/06 07:50:18 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{1592021B-3FB7-4188-A698-7F78780F81BE}

========== Files - Modified Within 30 Days ==========

[2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
[2011/06/04 09:45:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/04 07:47:28 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/04 07:47:28 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/04 07:38:52 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/04 07:38:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/04 07:38:23 | 536,072,191 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/03 22:00:10 | 000,606,105 | ---- | M] () -- C:\Users\Charles Young\Desktop\unhide.exe
[2011/06/02 23:12:37 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/02 23:12:37 | 000,628,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/02 23:12:37 | 000,110,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/02 23:11:23 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/02 23:06:52 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Charles Young\Desktop\mbam-setup-1.51.0.1200.exe
[2011/05/30 22:07:07 | 239,346,081 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/30 19:43:12 | 000,000,040 | ---- | M] () -- C:\ProgramData\~39182072
[2011/05/30 19:42:30 | 000,000,637 | ---- | M] () -- C:\Users\Charles Young\Desktop\Windows 7 Recovery.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/28 00:14:45 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/05/08 07:20:35 | 000,002,054 | ---- | M] () -- C:\Users\Charles Young\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2011/06/03 22:14:41 | 000,002,618 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - dell.lnk
[2011/06/03 22:14:41 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2011/06/03 22:14:41 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/06/03 22:14:41 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2011/06/03 22:14:41 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/03 22:14:41 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2011/06/03 22:14:40 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Media Impression.lnk
[2011/06/03 22:14:40 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/06/03 22:14:40 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2011/06/03 22:14:40 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Panorama Maker 4.lnk
[2011/06/03 22:14:40 | 000,002,065 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011/06/03 22:14:40 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\PHOTOfunSTUDIO -viewer-.lnk
[2011/06/03 22:14:40 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Quicken 2002.lnk
[2011/06/03 22:14:40 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/03 22:14:40 | 000,001,752 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2011/06/03 22:14:40 | 000,001,323 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk
[2011/06/03 22:14:40 | 000,001,317 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/06/03 22:14:40 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/03 22:14:40 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/06/03 22:14:40 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Family Historian 4.1.lnk
[2011/06/03 22:14:40 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2011/06/03 22:14:40 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2011/06/03 22:14:40 | 000,000,195 | ---- | C] () -- C:\Users\Public\Desktop\Motley Fool.URL
[2011/06/03 22:14:39 | 000,002,325 | ---- | C] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2011/06/03 22:14:39 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2011/06/03 22:14:39 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/03 22:01:00 | 000,606,105 | ---- | C] () -- C:\Users\Charles Young\Desktop\unhide.exe
[2011/06/02 23:11:23 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 19:42:41 | 000,000,040 | ---- | C] () -- C:\ProgramData\~39182072
[2011/05/30 19:42:30 | 000,000,637 | ---- | C] () -- C:\Users\Charles Young\Desktop\Windows 7 Recovery.lnk
[2010/10/16 12:43:30 | 000,206,138 | ---- | C] () -- C:\Windows\hpoins35.dat.temp
[2010/10/16 12:43:30 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat.temp
[2010/10/11 22:57:49 | 000,220,673 | ---- | C] () -- C:\Windows\hpoins35.dat
[2010/09/22 00:22:28 | 000,037,888 | ---- | C] () -- C:\Users\Charles Young\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/10 15:55:23 | 000,000,837 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2010/07/10 15:55:23 | 000,000,052 | ---- | C] () -- C:\Windows\intuprof.ini
[2010/07/10 15:55:22 | 000,007,406 | ---- | C] () -- C:\Windows\ICOADB32.DAT
[2010/06/18 20:27:46 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/05 17:53:34 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/06/05 17:53:34 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/06/05 17:53:34 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/06/05 17:53:34 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/06/05 17:53:34 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/06/05 17:53:34 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/06/05 17:53:34 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/06/05 17:53:34 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/06/05 17:53:34 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/06/05 17:53:34 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/06/05 17:53:34 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/06/05 17:53:34 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/06/05 17:53:34 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/06/05 17:53:34 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/06/05 17:53:34 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/06/05 17:53:34 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2009/10/20 19:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/24 11:01:10 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2010/06/04 12:36:29 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Acronis
[2010/12/25 13:14:58 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Amazon
[2011/01/15 09:09:12 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\calibre
[2010/07/20 00:56:27 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\FileZilla
[2010/09/14 00:06:02 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\GARMIN
[2011/06/03 22:20:34 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Mp3tag
[2010/10/01 17:36:14 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Nokia
[2010/06/06 15:09:14 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Panasonic
[2010/09/21 22:04:49 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PC Suite
[2011/06/03 22:04:57 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PCDr
[2011/06/03 22:20:34 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PDF Writer
[2011/04/30 19:17:59 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Softland
[2011/06/03 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\TomTom
[2010/06/23 10:50:21 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Windows Live Writer
[2011/03/26 07:56:49 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:0FD841FF

< End of report >



OTL Extras logfile created on: 6/4/2011 10:11:28 AM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Charles Young\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

6.00 Gb Total Physical Memory | 4.45 Gb Available Physical Memory | 74.23% Memory free
12.00 Gb Paging File | 9.59 Gb Available in Paging File | 79.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.46 Gb Total Space | 733.30 Gb Free Space | 79.67% Space Free | Partition Type: NTFS
Drive E: | 3.76 Gb Total Space | 3.75 Gb Free Space | 99.74% Space Free | Partition Type: FAT32

Computer Name: STUDY-DELL | User Name: Charles Young | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java™ 6 Update 25 (64-bit)
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{71C4F928-136A-4222-A191-310E081FB96B}" = HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 5
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1195
"Family Historian PDF File_is1" = Family Historian PDF File (novaPDF 6.1 printer)
"Family Historian PDF_is1" = Family Historian PDF (novaPDF 7.0 printer)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 21
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59E44523-0F0F-4454-9F37-E951BBA55B84}" = C309a
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer-
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF3A54ED-F649-43D7-BA36-31CE553FAFCC}" = Garmin City Navigator Europe NT 2011.20 Update
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D8AD43B5-36EB-4E14-A44F-0E40AFFC4932}" = calibre
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{FA0E7183-6B11-4899-B25F-2C490543967E}" = PS_AIO_05_C309_Software_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"Belkin Range Extender" = Belkin Range Extender
"Dell Dock" = Dell Dock
"Digital Editions" = Adobe Digital Editions
"D-Link Powerline AV Utility" = D-Link Powerline AV Utility
"ENTERPRISER" = Microsoft Office Enterprise 2007
"family_historian_is1" = Family Historian 4.1
"FileHippo.com" = FileHippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.5.0
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"Mp3tag" = Mp3tag v2.46a
"MSC" = McAfee Security Center
"Nectar Search Toolbar" = Nectar Search Toolbar
"Nokia Ovi Suite" = Nokia Ovi Suite
"Picasa 3" = Picasa 3
"Quicken 2002" = Quicken 2002
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle For PC" = Amazon Kindle For PC

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/23/2011 3:25:05 AM | Computer Name = Study-Dell | Source = OviSuite | ID = 1
Description =

Error - 5/23/2011 3:25:05 AM | Computer Name = Study-Dell | Source = OviSuite | ID = 1
Description =

Error - 5/23/2011 3:25:05 AM | Computer Name = Study-Dell | Source = OviSuite | ID = 1
Description =

Error - 5/23/2011 3:25:07 AM | Computer Name = Study-Dell | Source = OviSuite | ID = 1
Description =

Error - 5/23/2011 3:25:11 AM | Computer Name = Study-Dell | Source = OviSuite | ID = 1
Description =

Error - 5/23/2011 3:25:11 AM | Computer Name = Study-Dell | Source = OviSuite | ID = 1
Description =

Error - 5/23/2011 3:25:36 AM | Computer Name = Study-Dell | Source = OviSuite | ID = 1
Description =

Error - 5/23/2011 3:25:36 AM | Computer Name = Study-Dell | Source = OviSuite | ID = 1
Description =

Error - 5/23/2011 3:25:39 AM | Computer Name = Study-Dell | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: f74 Start
Time: 01cc191a79020ad1 Termination Time: 24 Application Path: C:\Windows\Explorer.EXE

Report
Id: d1aa3f29-850d-11e0-bcde-00256487dcaa

Error - 5/23/2011 3:25:48 AM | Computer Name = Study-Dell | Source = Application Hang | ID = 1002
Description = The program SUPERANTISPYWARE.EXE version 4.52.0.1000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1084 Start
Time: 01cc191a7c9b5e9d Termination Time: 32 Application Path: C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

Report
Id: dce85f1e-850d-11e0-bcde-00256487dcaa

[ Dell Events ]
Error - 3/5/2011 9:47:13 AM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/5/2011 9:55:01 AM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/5/2011 9:55:01 AM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/12/2011 9:54:48 AM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/12/2011 9:54:48 AM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/23/2011 6:32:48 PM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 3/23/2011 6:32:48 PM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/11/2011 6:14:12 PM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/11/2011 6:14:12 PM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 4/24/2011 4:25:36 AM | Computer Name = Study-Dell | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ Media Center Events ]
Error - 6/3/2011 1:16:59 PM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 18:16:59 - Error connecting to the internet. 18:16:59 - Unable
to contact server..

Error - 6/3/2011 1:17:31 PM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 18:17:28 - Error connecting to the internet. 18:17:28 - Unable
to contact server..

Error - 6/3/2011 2:18:25 PM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 19:18:25 - Error connecting to the internet. 19:18:25 - Unable
to contact server..

Error - 6/3/2011 2:18:58 PM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 19:18:54 - Error connecting to the internet. 19:18:54 - Unable
to contact server..

Error - 6/3/2011 3:19:40 PM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 20:19:40 - Error connecting to the internet. 20:19:40 - Unable
to contact server..

Error - 6/3/2011 3:20:12 PM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 20:20:09 - Error connecting to the internet. 20:20:09 - Unable
to contact server..

Error - 6/3/2011 4:20:59 PM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 21:20:59 - Error connecting to the internet. 21:20:59 - Unable
to contact server..

Error - 6/3/2011 4:22:58 PM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 21:22:58 - Error connecting to the internet. 21:22:58 - Unable
to contact server..

Error - 6/4/2011 2:48:27 AM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 07:48:27 - Error connecting to the internet. 07:48:27 - Unable
to contact server..

Error - 6/4/2011 2:49:14 AM | Computer Name = Study-Dell | Source = MCUpdate | ID = 0
Description = 07:48:56 - Error connecting to the internet. 07:48:56 - Unable
to contact server..

[ OSession Events ]
Error - 11/15/2010 7:05:15 PM | Computer Name = Study-Dell | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 36601
seconds with 240 seconds of active time. This session ended with a crash.

Error - 11/25/2010 6:42:42 PM | Computer Name = Study-Dell | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16320
seconds with 240 seconds of active time. This session ended with a crash.

Error - 3/5/2011 5:48:53 AM | Computer Name = Study-Dell | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 306959
seconds with 5760 seconds of active time. This session ended with a crash.

Error - 3/5/2011 5:49:05 AM | Computer Name = Study-Dell | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/5/2011 5:59:25 AM | Computer Name = Study-Dell | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6/2/2011 7:10:27 PM | Computer Name = Study-Dell | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\mrtRate.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 6/2/2011 7:10:27 PM | Computer Name = Study-Dell | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%1275

Error - 6/3/2011 1:13:21 PM | Computer Name = Study-Dell | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\mrtRate.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 6/3/2011 1:13:21 PM | Computer Name = Study-Dell | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%1275

Error - 6/3/2011 1:13:25 PM | Computer Name = Study-Dell | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 6/3/2011 5:43:22 PM | Computer Name = Study-Dell | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 6/4/2011 2:38:41 AM | Computer Name = Study-Dell | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\mrtRate.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 6/4/2011 2:38:41 AM | Computer Name = Study-Dell | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%1275

Error - 6/4/2011 2:39:08 AM | Computer Name = Study-Dell | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 6/4/2011 2:39:08 AM | Computer Name = Study-Dell | Source = VDS Basic Provider | ID = 33554433
Description =


< End of report >
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi lets try to get the connection back first


  • To open a command prompt, click Start > All Programs > Accessories and then right click command prompt and select run as administrator.
  • Copy and paste (or type) the following command in the command box box and then press ENTER:
    netsh winsock reset c:\resetlog.txt
  • Reboot the computer.
  • In next reply please post content of the file c:\resetlog.txt

THEN

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    [2011/05/30 19:43:12 | 000,000,040 | ---- | M] () -- C:\ProgramData\~39182072
    [2011/05/30 19:42:30 | 000,000,637 | ---- | M] () -- C:\Users\Charles Young\Desktop\Windows 7 Recovery.lnk

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#3
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Hi

I'm afraid that the command didn't succeed in getting the network back, and I couldn't find a file resetlog.txt anywhere on the C: drive.

After running OTL as requested, here is the log.

I hope that helps.

Charles




OTL logfile created on: 6/4/2011 11:59:55 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Charles Young\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

6.00 Gb Total Physical Memory | 4.18 Gb Available Physical Memory | 69.64% Memory free
12.00 Gb Paging File | 9.87 Gb Available in Paging File | 82.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.46 Gb Total Space | 740.60 Gb Free Space | 80.46% Space Free | Partition Type: NTFS
Drive E: | 3.76 Gb Total Space | 3.75 Gb Free Space | 99.73% Space Free | Partition Type: FAT32

Computer Name: STUDY-DELL | User Name: Charles Young | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
PRC - [2011/01/13 20:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 20:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011/01/13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/02 10:26:02 | 000,672,632 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/27 14:27:00 | 000,280,960 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2010/07/20 11:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/12/29 15:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/11/13 15:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


========== Modules (SafeList) ==========

MOD - [2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/11/20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 22:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/29 18:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2011/01/13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/10/20 19:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/28 15:25:04 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/10/20 19:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/31 04:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/20 19:27:34 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 16:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2008/10/24 19:55:28 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.2)
DRV:64bit: - [2008/10/24 19:55:28 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.2)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/12/03 19:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)
DRV:64bit: - [2007/12/03 19:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/02/03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64) Logitech QuickCam Pro 3000(PID_08B0)
DRV:64bit: - [2006/11/01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2001/02/28 10:42:44 | 000,034,712 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 E5 01 FB E5 6B CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..keyword.URL: "http://uk.search.yah...h?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/06/03 22:20:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/03 22:19:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/06/03 22:19:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/03 22:20:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/03 22:22:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/06/03 22:20:03 | 000,000,000 | ---D | M]

[2010/07/29 16:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Extensions
[2010/07/29 16:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/06/09 07:39:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Firefox\Profiles\187tzb3q.default\extensions
[2011/06/03 22:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/03 22:20:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/03 22:19:57 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/05/08 07:20:25 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/04 23:55:15 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20110511170131.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20110511170131.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Freecause Toolbar BHO) - {B7C2F0D8-2209-4693-A15D-5A537211D48B} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Nectar Search Toolbar) - {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Nectar Search Toolbar) - {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] File not found
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TomTomHOME.exe] File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Charles Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photob...?20101221064513 (PhotoboxPhotowaysUploader5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8190650e-6fed-11df-893a-00256487dcaa}\Shell - "" = AutoRun
O33 - MountPoints2\{8190650e-6fed-11df-893a-00256487dcaa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/04 23:58:03 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{A2B53FD8-5674-4C07-9419-0EE3F5F4CA66}
[2011/06/04 23:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/04 23:55:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/04 23:48:17 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{26BD4195-22A4-46A9-80A7-AF08988495F1}
[2011/06/04 23:35:55 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{EFD1005D-87B3-4B8B-A1D6-9C58283173EB}
[2011/06/04 10:11:07 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
[2011/06/04 07:40:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{DB72A417-BD19-45C1-944E-43C2816027AB}
[2011/06/03 18:14:29 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4C3CE342-9EEC-4A79-A722-EE2E65DA50F4}
[2011/06/03 00:12:15 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{91D5A293-B957-48B0-8DEF-C9E38D5DA648}
[2011/06/02 23:32:22 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{8C4AC921-824D-42EF-A6C8-3507892D286B}
[2011/06/02 23:11:50 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Roaming\Malwarebytes
[2011/06/02 23:11:22 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/02 23:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/02 23:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/02 23:11:07 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/02 23:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/02 23:09:46 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Charles Young\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/02 22:52:22 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{75C4DB64-1B01-40FA-9C4B-AC477DA77BB9}
[2011/06/02 22:34:25 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{607B62AA-3BBA-454E-A77B-26E3FF79506E}
[2011/06/02 07:26:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{ADD3680B-66B7-40D9-AF8C-B770113FD0AE}
[2011/06/01 21:46:33 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{0869EE7F-8A89-49E2-997A-150CC319B3AA}
[2011/06/01 09:56:40 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/06/01 09:33:43 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4CB7017A-5AA4-4BF5-B3F8-29BD4F4F746C}
[2011/05/31 14:01:08 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4C78F803-30AB-45D0-A492-BE77B2E8AE09}
[2011/05/30 19:46:28 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{265B000F-EF52-438A-9E42-C0E43163E64F}
[2011/05/30 19:42:24 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011/05/28 00:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/05/27 08:15:02 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{1A0BC86A-BF5A-48F9-95FD-5B3492A7A2BF}
[2011/05/25 08:09:13 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{35ED749F-8EEC-4A8E-A5D4-B525C54CB63F}
[2011/05/24 08:25:57 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{DD79A5AE-E9FF-4A93-AC83-35D0FEAC5B51}
[2011/05/23 20:25:33 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{97D271EB-8DC2-41CC-9115-AD358AC984C1}
[2011/05/23 08:25:10 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{31358479-DB87-49FB-A81D-810CAEA20521}
[2011/05/20 19:39:29 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{860BA626-CE9D-4541-8FB7-0DC99BE0FDEB}
[2011/05/19 19:06:45 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{CA1FDF15-AB2A-4A48-A116-4DEBB2262452}
[2011/05/19 07:06:21 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{92EF38F3-D30E-4D6E-833E-F2A2FFE80E9E}
[2011/05/17 00:53:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{A8504942-41C8-451E-B0FB-F38F1D2A1554}
[2011/05/15 12:53:09 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{15835900-72A7-46B2-B65A-BCD8C4892392}
[2011/05/13 09:01:08 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{A534960F-E6AC-4098-99BF-7BFE6B9E1D92}
[2011/05/12 21:00:44 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{D87BB867-F337-4B89-B1F5-7B7C4DC9E5A5}
[2011/05/12 09:00:21 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{68F0B4FA-2F9A-4694-8520-718ED7E9848C}
[2011/05/06 07:50:18 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{1592021B-3FB7-4188-A698-7F78780F81BE}

========== Files - Modified Within 30 Days ==========

[2011/06/05 00:04:16 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/05 00:04:16 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/04 23:57:15 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/04 23:56:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/04 23:56:48 | 536,072,191 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/04 23:55:15 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/06/04 23:44:44 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
[2011/06/03 22:00:10 | 000,606,105 | ---- | M] () -- C:\Users\Charles Young\Desktop\unhide.exe
[2011/06/02 23:12:37 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/02 23:12:37 | 000,628,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/02 23:12:37 | 000,110,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/02 23:11:23 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/02 23:06:52 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Charles Young\Desktop\mbam-setup-1.51.0.1200.exe
[2011/05/30 22:07:07 | 239,346,081 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/28 00:14:45 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/05/08 07:20:35 | 000,002,054 | ---- | M] () -- C:\Users\Charles Young\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2011/06/03 22:14:41 | 000,002,618 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - dell.lnk
[2011/06/03 22:14:41 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2011/06/03 22:14:41 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/06/03 22:14:41 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2011/06/03 22:14:41 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/03 22:14:41 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2011/06/03 22:14:40 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Media Impression.lnk
[2011/06/03 22:14:40 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/06/03 22:14:40 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2011/06/03 22:14:40 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Panorama Maker 4.lnk
[2011/06/03 22:14:40 | 000,002,065 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011/06/03 22:14:40 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\PHOTOfunSTUDIO -viewer-.lnk
[2011/06/03 22:14:40 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Quicken 2002.lnk
[2011/06/03 22:14:40 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/03 22:14:40 | 000,001,752 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2011/06/03 22:14:40 | 000,001,323 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk
[2011/06/03 22:14:40 | 000,001,317 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/06/03 22:14:40 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/03 22:14:40 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/06/03 22:14:40 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Family Historian 4.1.lnk
[2011/06/03 22:14:40 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2011/06/03 22:14:40 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2011/06/03 22:14:40 | 000,000,195 | ---- | C] () -- C:\Users\Public\Desktop\Motley Fool.URL
[2011/06/03 22:14:39 | 000,002,325 | ---- | C] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2011/06/03 22:14:39 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2011/06/03 22:14:39 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/03 22:01:00 | 000,606,105 | ---- | C] () -- C:\Users\Charles Young\Desktop\unhide.exe
[2011/06/02 23:11:23 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/16 12:43:30 | 000,206,138 | ---- | C] () -- C:\Windows\hpoins35.dat.temp
[2010/10/16 12:43:30 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat.temp
[2010/10/11 22:57:49 | 000,220,673 | ---- | C] () -- C:\Windows\hpoins35.dat
[2010/09/22 00:22:28 | 000,037,888 | ---- | C] () -- C:\Users\Charles Young\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/10 15:55:23 | 000,000,837 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2010/07/10 15:55:23 | 000,000,052 | ---- | C] () -- C:\Windows\intuprof.ini
[2010/07/10 15:55:22 | 000,007,406 | ---- | C] () -- C:\Windows\ICOADB32.DAT
[2010/06/18 20:27:46 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/05 17:53:34 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/06/05 17:53:34 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/06/05 17:53:34 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/06/05 17:53:34 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/06/05 17:53:34 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/06/05 17:53:34 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/06/05 17:53:34 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/06/05 17:53:34 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/06/05 17:53:34 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/06/05 17:53:34 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/06/05 17:53:34 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/06/05 17:53:34 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/06/05 17:53:34 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/06/05 17:53:34 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/06/05 17:53:34 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/06/05 17:53:34 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2009/10/20 19:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/24 11:01:10 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2010/06/04 12:36:29 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Acronis
[2010/12/25 13:14:58 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Amazon
[2011/01/15 09:09:12 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\calibre
[2010/07/20 00:56:27 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\FileZilla
[2010/09/14 00:06:02 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\GARMIN
[2011/06/03 22:20:34 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Mp3tag
[2010/10/01 17:36:14 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Nokia
[2010/06/06 15:09:14 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Panasonic
[2010/09/21 22:04:49 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PC Suite
[2011/06/03 22:04:57 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PCDr
[2011/06/03 22:20:34 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PDF Writer
[2011/04/30 19:17:59 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Softland
[2011/06/03 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\TomTom
[2010/06/23 10:50:21 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Windows Live Writer
[2011/03/26 07:56:49 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:0FD841FF

< End of report >
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Whoops missed one ..

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2011/05/30 19:42:24 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#5
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Here are the two logs.


OTL logfile created on: 6/5/2011 6:28:32 PM - Run 3
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Charles Young\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

6.00 Gb Total Physical Memory | 4.26 Gb Available Physical Memory | 71.03% Memory free
12.00 Gb Paging File | 9.93 Gb Available in Paging File | 82.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.46 Gb Total Space | 740.27 Gb Free Space | 80.42% Space Free | Partition Type: NTFS
Drive E: | 3.76 Gb Total Space | 3.75 Gb Free Space | 99.73% Space Free | Partition Type: FAT32

Computer Name: STUDY-DELL | User Name: Charles Young | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
PRC - [2011/01/13 20:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 20:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011/01/13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/11/20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/02 10:26:02 | 000,672,632 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/27 14:27:00 | 000,280,960 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2010/07/20 11:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/12/29 15:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/11/13 15:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


========== Modules (SafeList) ==========

MOD - [2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/11/20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 22:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/29 18:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2011/01/13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/10/20 19:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/28 15:25:04 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/10/20 19:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/31 04:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/20 19:27:34 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 16:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2008/10/24 19:55:28 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.2)
DRV:64bit: - [2008/10/24 19:55:28 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.2)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/12/03 19:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)
DRV:64bit: - [2007/12/03 19:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/02/03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64) Logitech QuickCam Pro 3000(PID_08B0)
DRV:64bit: - [2006/11/01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2001/02/28 10:42:44 | 000,034,712 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 E5 01 FB E5 6B CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..keyword.URL: "http://uk.search.yah...h?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/06/03 22:20:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/03 22:19:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/06/03 22:19:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/03 22:20:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/03 22:22:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/06/03 22:20:03 | 000,000,000 | ---D | M]

[2010/07/29 16:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Extensions
[2010/07/29 16:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/06/09 07:39:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles Young\AppData\Roaming\Mozilla\Firefox\Profiles\187tzb3q.default\extensions
[2011/06/03 22:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/03 22:20:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/03 22:19:57 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/05/08 07:20:25 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/05 18:25:13 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20110511170131.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20110511170131.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Freecause Toolbar BHO) - {B7C2F0D8-2209-4693-A15D-5A537211D48B} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Nectar Search Toolbar) - {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Nectar Search Toolbar) - {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] File not found
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TomTomHOME.exe] File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Charles Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photob...?20101221064513 (PhotoboxPhotowaysUploader5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8190650e-6fed-11df-893a-00256487dcaa}\Shell - "" = AutoRun
O33 - MountPoints2\{8190650e-6fed-11df-893a-00256487dcaa}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/05 18:27:27 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{0F905B18-E1C3-4DAE-B24A-1EC72254E9D0}
[2011/06/05 18:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/04 23:58:03 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{A2B53FD8-5674-4C07-9419-0EE3F5F4CA66}
[2011/06/04 23:55:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/04 23:48:17 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{26BD4195-22A4-46A9-80A7-AF08988495F1}
[2011/06/04 23:35:55 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{EFD1005D-87B3-4B8B-A1D6-9C58283173EB}
[2011/06/04 10:11:07 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
[2011/06/04 07:40:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{DB72A417-BD19-45C1-944E-43C2816027AB}
[2011/06/03 18:14:29 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4C3CE342-9EEC-4A79-A722-EE2E65DA50F4}
[2011/06/03 00:12:15 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{91D5A293-B957-48B0-8DEF-C9E38D5DA648}
[2011/06/02 23:32:22 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{8C4AC921-824D-42EF-A6C8-3507892D286B}
[2011/06/02 23:11:50 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Roaming\Malwarebytes
[2011/06/02 23:11:22 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/02 23:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/02 23:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/02 23:11:07 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/02 23:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/02 23:09:46 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Charles Young\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/02 22:52:22 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{75C4DB64-1B01-40FA-9C4B-AC477DA77BB9}
[2011/06/02 22:34:25 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{607B62AA-3BBA-454E-A77B-26E3FF79506E}
[2011/06/02 07:26:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{ADD3680B-66B7-40D9-AF8C-B770113FD0AE}
[2011/06/01 21:46:33 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{0869EE7F-8A89-49E2-997A-150CC319B3AA}
[2011/06/01 09:56:40 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/06/01 09:33:43 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4CB7017A-5AA4-4BF5-B3F8-29BD4F4F746C}
[2011/05/31 14:01:08 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{4C78F803-30AB-45D0-A492-BE77B2E8AE09}
[2011/05/30 19:46:28 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{265B000F-EF52-438A-9E42-C0E43163E64F}
[2011/05/28 00:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/05/27 08:15:02 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{1A0BC86A-BF5A-48F9-95FD-5B3492A7A2BF}
[2011/05/25 08:09:13 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{35ED749F-8EEC-4A8E-A5D4-B525C54CB63F}
[2011/05/24 08:25:57 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{DD79A5AE-E9FF-4A93-AC83-35D0FEAC5B51}
[2011/05/23 20:25:33 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{97D271EB-8DC2-41CC-9115-AD358AC984C1}
[2011/05/23 08:25:10 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{31358479-DB87-49FB-A81D-810CAEA20521}
[2011/05/20 19:39:29 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{860BA626-CE9D-4541-8FB7-0DC99BE0FDEB}
[2011/05/19 19:06:45 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{CA1FDF15-AB2A-4A48-A116-4DEBB2262452}
[2011/05/19 07:06:21 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{92EF38F3-D30E-4D6E-833E-F2A2FFE80E9E}
[2011/05/17 00:53:54 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{A8504942-41C8-451E-B0FB-F38F1D2A1554}
[2011/05/15 12:53:09 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{15835900-72A7-46B2-B65A-BCD8C4892392}
[2011/05/13 09:01:08 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{A534960F-E6AC-4098-99BF-7BFE6B9E1D92}
[2011/05/12 21:00:44 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{D87BB867-F337-4B89-B1F5-7B7C4DC9E5A5}
[2011/05/12 09:00:21 | 000,000,000 | ---D | C] -- C:\Users\Charles Young\AppData\Local\{68F0B4FA-2F9A-4694-8520-718ED7E9848C}

========== Files - Modified Within 30 Days ==========

[2011/06/05 18:33:39 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/05 18:33:39 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/05 18:26:47 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/05 18:26:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/05 18:26:15 | 536,072,191 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/05 18:25:13 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/06/05 18:21:39 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/04 10:06:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Charles Young\Desktop\OTL.exe
[2011/06/03 22:00:10 | 000,606,105 | ---- | M] () -- C:\Users\Charles Young\Desktop\unhide.exe
[2011/06/02 23:12:37 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/02 23:12:37 | 000,628,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/02 23:12:37 | 000,110,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/02 23:11:23 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/02 23:06:52 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Charles Young\Desktop\mbam-setup-1.51.0.1200.exe
[2011/05/30 22:07:07 | 239,346,081 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/28 00:14:45 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/05/08 07:20:35 | 000,002,054 | ---- | M] () -- C:\Users\Charles Young\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2011/06/03 22:14:41 | 000,002,618 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - dell.lnk
[2011/06/03 22:14:41 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2011/06/03 22:14:41 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/06/03 22:14:41 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2011/06/03 22:14:41 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/03 22:14:41 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2011/06/03 22:14:40 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Media Impression.lnk
[2011/06/03 22:14:40 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/06/03 22:14:40 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2011/06/03 22:14:40 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Panorama Maker 4.lnk
[2011/06/03 22:14:40 | 000,002,065 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011/06/03 22:14:40 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\PHOTOfunSTUDIO -viewer-.lnk
[2011/06/03 22:14:40 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Quicken 2002.lnk
[2011/06/03 22:14:40 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/03 22:14:40 | 000,001,752 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2011/06/03 22:14:40 | 000,001,323 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk
[2011/06/03 22:14:40 | 000,001,317 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/06/03 22:14:40 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/03 22:14:40 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/06/03 22:14:40 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Family Historian 4.1.lnk
[2011/06/03 22:14:40 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2011/06/03 22:14:40 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2011/06/03 22:14:40 | 000,000,195 | ---- | C] () -- C:\Users\Public\Desktop\Motley Fool.URL
[2011/06/03 22:14:39 | 000,002,325 | ---- | C] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2011/06/03 22:14:39 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2011/06/03 22:14:39 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/03 22:01:00 | 000,606,105 | ---- | C] () -- C:\Users\Charles Young\Desktop\unhide.exe
[2011/06/02 23:11:23 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/16 12:43:30 | 000,206,138 | ---- | C] () -- C:\Windows\hpoins35.dat.temp
[2010/10/16 12:43:30 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat.temp
[2010/10/11 22:57:49 | 000,220,673 | ---- | C] () -- C:\Windows\hpoins35.dat
[2010/09/22 00:22:28 | 000,037,888 | ---- | C] () -- C:\Users\Charles Young\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/10 15:55:23 | 000,000,837 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2010/07/10 15:55:23 | 000,000,052 | ---- | C] () -- C:\Windows\intuprof.ini
[2010/07/10 15:55:22 | 000,007,406 | ---- | C] () -- C:\Windows\ICOADB32.DAT
[2010/06/18 20:27:46 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/05 17:53:34 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/06/05 17:53:34 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/06/05 17:53:34 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/06/05 17:53:34 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/06/05 17:53:34 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/06/05 17:53:34 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/06/05 17:53:34 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/06/05 17:53:34 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/06/05 17:53:34 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/06/05 17:53:34 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/06/05 17:53:34 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/06/05 17:53:34 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/06/05 17:53:34 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/06/05 17:53:34 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/06/05 17:53:34 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/06/05 17:53:34 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2009/10/20 19:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/24 11:01:10 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2010/06/04 12:36:29 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Acronis
[2010/12/25 13:14:58 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Amazon
[2011/01/15 09:09:12 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\calibre
[2010/07/20 00:56:27 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\FileZilla
[2010/09/14 00:06:02 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\GARMIN
[2011/06/03 22:20:34 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Mp3tag
[2010/10/01 17:36:14 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Nokia
[2010/06/06 15:09:14 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Panasonic
[2010/09/21 22:04:49 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PC Suite
[2011/06/03 22:04:57 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PCDr
[2011/06/03 22:20:34 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\PDF Writer
[2011/04/30 19:17:59 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Softland
[2011/06/03 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\TomTom
[2010/06/23 10:50:21 | 000,000,000 | ---D | M] -- C:\Users\Charles Young\AppData\Roaming\Windows Live Writer
[2011/03/26 07:56:49 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:0FD841FF

< End of report >





ComboFix 11-06-03.02 - Charles Young 05/06/2011 18:42:19.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6143.4645 [GMT 1:00]
Running from: c:\users\Charles Young\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Charles Young\Documents\DPE.DUS
.
.
((((((((((((((((((((((((( Files Created from 2011-05-05 to 2011-06-05 )))))))))))))))))))))))))))))))
.
.
2011-06-05 17:49 . 2011-06-05 17:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-05 17:27 . 2011-06-05 17:27 -------- d-----w- c:\users\Charles Young\AppData\Local\{0F905B18-E1C3-4DAE-B24A-1EC72254E9D0}
2011-06-04 22:58 . 2011-06-04 22:58 -------- d-----w- c:\users\Charles Young\AppData\Local\{A2B53FD8-5674-4C07-9419-0EE3F5F4CA66}
2011-06-04 22:55 . 2011-06-04 22:55 -------- d-----w- C:\_OTL
2011-06-04 22:48 . 2011-06-04 22:48 -------- d-----w- c:\users\Charles Young\AppData\Local\{26BD4195-22A4-46A9-80A7-AF08988495F1}
2011-06-04 22:35 . 2011-06-04 22:35 -------- d-----w- c:\users\Charles Young\AppData\Local\{EFD1005D-87B3-4B8B-A1D6-9C58283173EB}
2011-06-04 06:40 . 2011-06-04 06:40 -------- d-----w- c:\users\Charles Young\AppData\Local\{DB72A417-BD19-45C1-944E-43C2816027AB}
2011-06-03 17:14 . 2011-06-03 17:14 -------- d-----w- c:\users\Charles Young\AppData\Local\{4C3CE342-9EEC-4A79-A722-EE2E65DA50F4}
2011-06-02 23:12 . 2011-06-02 23:12 -------- d-----w- c:\users\Charles Young\AppData\Local\{91D5A293-B957-48B0-8DEF-C9E38D5DA648}
2011-06-02 22:32 . 2011-06-02 22:32 -------- d-----w- c:\users\Charles Young\AppData\Local\{8C4AC921-824D-42EF-A6C8-3507892D286B}
2011-06-02 22:11 . 2011-06-02 22:11 -------- d-----w- c:\users\Charles Young\AppData\Roaming\Malwarebytes
2011-06-02 22:11 . 2011-06-03 21:02 -------- d-----w- c:\programdata\Malwarebytes
2011-06-02 22:11 . 2011-05-29 08:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-02 22:11 . 2011-05-29 08:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-02 22:11 . 2011-06-03 21:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-02 21:52 . 2011-06-02 21:52 -------- d-----w- c:\users\Charles Young\AppData\Local\{75C4DB64-1B01-40FA-9C4B-AC477DA77BB9}
2011-06-02 21:34 . 2011-06-02 21:34 -------- d-----w- c:\users\Charles Young\AppData\Local\{607B62AA-3BBA-454E-A77B-26E3FF79506E}
2011-06-02 06:26 . 2011-06-02 06:26 -------- d-----w- c:\users\Charles Young\AppData\Local\{ADD3680B-66B7-40D9-AF8C-B770113FD0AE}
2011-06-01 20:46 . 2011-06-01 20:46 -------- d-----w- c:\users\Charles Young\AppData\Local\{0869EE7F-8A89-49E2-997A-150CC319B3AA}
2011-06-01 08:56 . 2011-06-01 08:56 -------- d-----w- C:\found.000
2011-06-01 08:33 . 2011-06-01 08:33 -------- d-----w- c:\users\Charles Young\AppData\Local\{4CB7017A-5AA4-4BF5-B3F8-29BD4F4F746C}
2011-05-31 13:01 . 2011-05-31 13:01 -------- d-----w- c:\users\Charles Young\AppData\Local\{4C78F803-30AB-45D0-A492-BE77B2E8AE09}
2011-05-30 18:46 . 2011-05-30 18:46 -------- d-----w- c:\users\Charles Young\AppData\Local\{265B000F-EF52-438A-9E42-C0E43163E64F}
2011-05-27 07:15 . 2011-05-28 21:31 -------- d-----w- c:\users\Charles Young\AppData\Local\{1A0BC86A-BF5A-48F9-95FD-5B3492A7A2BF}
2011-05-25 07:13 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-25 07:09 . 2011-05-26 19:14 -------- d-----w- c:\users\Charles Young\AppData\Local\{35ED749F-8EEC-4A8E-A5D4-B525C54CB63F}
2011-05-24 13:27 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-24 13:27 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-24 07:25 . 2011-05-24 07:26 -------- d-----w- c:\users\Charles Young\AppData\Local\{DD79A5AE-E9FF-4A93-AC83-35D0FEAC5B51}
2011-05-23 19:25 . 2011-05-23 19:25 -------- d-----w- c:\users\Charles Young\AppData\Local\{97D271EB-8DC2-41CC-9115-AD358AC984C1}
2011-05-23 07:25 . 2011-05-23 07:25 -------- d-----w- c:\users\Charles Young\AppData\Local\{31358479-DB87-49FB-A81D-810CAEA20521}
2011-05-20 18:39 . 2011-05-22 19:14 -------- d-----w- c:\users\Charles Young\AppData\Local\{860BA626-CE9D-4541-8FB7-0DC99BE0FDEB}
2011-05-19 18:06 . 2011-05-20 06:26 -------- d-----w- c:\users\Charles Young\AppData\Local\{CA1FDF15-AB2A-4A48-A116-4DEBB2262452}
2011-05-19 06:06 . 2011-05-19 06:06 -------- d-----w- c:\users\Charles Young\AppData\Local\{92EF38F3-D30E-4D6E-833E-F2A2FFE80E9E}
2011-05-16 23:53 . 2011-05-18 16:33 -------- d-----w- c:\users\Charles Young\AppData\Local\{A8504942-41C8-451E-B0FB-F38F1D2A1554}
2011-05-15 11:53 . 2011-05-16 11:53 -------- d-----w- c:\users\Charles Young\AppData\Local\{15835900-72A7-46B2-B65A-BCD8C4892392}
2011-05-14 07:04 . 2011-05-27 23:10 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-13 08:01 . 2011-05-13 20:01 -------- d-----w- c:\users\Charles Young\AppData\Local\{A534960F-E6AC-4098-99BF-7BFE6B9E1D92}
2011-05-12 20:00 . 2011-05-12 20:00 -------- d-----w- c:\users\Charles Young\AppData\Local\{D87BB867-F337-4B89-B1F5-7B7C4DC9E5A5}
2011-05-12 08:00 . 2011-05-12 08:00 -------- d-----w- c:\users\Charles Young\AppData\Local\{68F0B4FA-2F9A-4694-8520-718ED7E9848C}
2011-05-11 18:21 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 18:21 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 18:21 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 18:20 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 18:20 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 18:20 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 18:20 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 18:20 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 18:20 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-01 11:20 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-01 11:20 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-04-27 03:54 . 2010-06-14 19:11 710976 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-04-25 11:39 . 2010-10-17 23:12 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-14 13:01 . 2010-06-01 09:29 9984 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 13:01 . 2010-01-05 16:04 94992 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-04-14 13:01 . 2010-01-05 16:04 75160 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-04-14 13:01 . 2010-01-05 16:04 63056 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-04-14 13:01 . 2010-01-05 16:04 530304 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-04-14 13:01 . 2010-01-05 16:04 441840 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-04-14 13:01 . 2010-01-05 16:04 283744 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-04-14 13:01 . 2010-01-05 16:04 190520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 13:01 . 2010-01-05 16:04 121376 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-06 15:26 . 2011-04-06 15:26 96544 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 15:26 . 2011-04-06 15:26 119584 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 15:20 . 2011-04-06 15:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-04-06 15:20 . 2011-04-06 15:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-04-01 13:58 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-31 03:01 . 2011-03-31 03:01 2594584 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-7\markup.dll
2011-03-31 03:00 . 2010-06-14 19:11 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-03-30 03:35 . 2011-03-29 04:57 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-03-12 12:08 . 2011-04-27 07:53 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-12 11:23 . 2011-04-27 07:53 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-11 06:41 . 2011-04-27 07:52 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 06:41 . 2011-04-27 07:52 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 06:41 . 2011-04-27 07:52 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 06:41 . 2011-04-27 07:52 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 06:41 . 2011-04-27 07:52 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 06:41 . 2011-04-27 07:52 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 06:41 . 2011-04-27 07:52 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 06:34 . 2011-04-14 09:44 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-14 09:44 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:33 . 2011-04-27 07:52 2565632 ----a-w- c:\windows\system32\esent.dll
2011-03-11 06:30 . 2011-04-27 07:52 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-03-11 05:33 . 2011-04-14 09:44 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:33 . 2011-04-14 09:44 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-27 07:52 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-03-11 05:31 . 2011-04-27 07:52 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-03-08 06:29 . 2011-04-14 09:44 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-14 09:44 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B7C2F0D8-2209-4693-A15D-5A537211D48B}]
2010-07-09 20:06 1502208 ----a-w- c:\program files (x86)\Nectar Search Toolbar\Toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{8020143D-5926-4394-A04D-DD0B649DA121}"= "c:\program files (x86)\Nectar Search Toolbar\Toolbar.dll" [2010-07-09 1502208]
.
[HKEY_CLASSES_ROOT\clsid\{8020143d-5926-4394-a04d-dd0b649da121}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{22466F1F-0B10-41B0-A971-3A28599AA7C7}]
[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-04-18 15146376]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-05-27 2988928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-04-05 1486392]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-12-15 498160]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-14 421160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2010-10-01 560128]
.
c:\users\Charles Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Billminder.lnk - c:\program files (x86)\QUICKENW\BILLMIND.EXE [2010-7-10 36864]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
PHOTOfunSTUDIO -viewer-.lnk - c:\program files (x86)\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [2010-6-5 40960]
Quicken Startup.lnk - c:\program files (x86)\QUICKENW\QWDLLS.EXE [2010-7-10 36864]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-05 136176]
R2 mrtRate;mrtRate; [x]
R3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);c:\windows\system32\DRIVERS\CamDrL64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-05 136176]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-04-14 149032]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-05 00:38]
.
2011-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-05 00:38]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.co.uk
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.0.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20101221064513
FF - ProfilePath - c:\users\Charles Young\AppData\Roaming\Mozilla\Firefox\Profiles\187tzb3q.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-TomTomHOME.exe - c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
Toolbar-Locked - (no file)
WebBrowser-{8020143D-5926-4394-A04D-DD0B649DA121} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-06-05 18:51:43
ComboFix-quarantined-files.txt 2011-06-05 17:51
.
Pre-Run: 801,479,561,216 bytes free
Post-Run: 806,689,878,016 bytes free
.
- - End Of File - - BC6468A8C71C71361FAF6C5F8627128D
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
When you try to connect to the network what errors do you get ?

Have you tried the windows trouble shooter to determine the problem
  • 0

#7
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Essexboy

Sorry for the delay. The quick answer is, yes, I have tried the troubleshooter. I'll come back tonight with full details of errors.

Charles
  • 0

#8
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Hello again Essexboy

Sorry for the delay.

I have pdf'ed the detailed error message that came out from the Windows troubleshooter. Copy attached.

Any ideas?

Charles

Attached Files


  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
A network adapter problem for sure. Lets get some data and I will ask the techs if they know a resolution

Please download SINO by Artellos.

  • Save SINO to a place you can remember and run SINO.exe. (If you downloaded the ZIP version you will need to extract it first)
  • Then please check the following checkboxes:
    System Info
    Services
    Boot Check
    Tasklist
    Startup Items
    Event Log
    Ipconfig
    Ping
    Netstat
    Hosts file
    Shares
    Routing Table
  • Once checked, hit the Run Scan! button and wait for the program to finish the scan.
  • A notepad window will pop up. Please copy all of the content into your next reply.
Note: If you try to interact with the program once it’s started scanning it might appear to hang. The scan however will continue.
  • 0

#10
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Unfortunately the computer doesn't seem to like SINO. When I run it, it first warns me that it can't update itself (obviously,no internet connection) so will run the current version. Then I tick all the boxes that you requested. When I click Run Scan, it opens a second small window and in a 3rd window, it says that I haven't made a selection and I should select one or more boxes to proceed. I have attached a small screnshot so you can see what I mean.

By the way, McAfee warned me about a potentially unwanted program today, Tool-NirCmd. From what I have seen elsewhere on the web, it is something used by Combofix. Are you happy for me to tell McAfee to trust it.

Charles

Attached Thumbnails

  • screenshot.jpg

  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you retry but right click and select run as administrator please

Yes allow nircmd for now but once we remove combofix then put it on the no list

Also within device manager do you have any yellow marks ?
  • 0

#12
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Well, after a couple of tries, I got SINO working, mostly. Before I post the log, I also had a look at device manager as requested. No yellow problem marks. I did have a look at the network adapter settings. There are two listed:

Realtek PCIe GBE Family Controller - this adapter is enabled
Realtek Virtual Miniport Driver for VLAN (NDIS 6.2) - this is DISABLED

Does that sound right? (I have never had anything to do with network adapters before, so have no idea what's normal.)


Anyway, I got SINO running, I think by clicking the second blank box that came up with the message about being unable to update the program. Even here, things haven't been quite right: the program seems to hang on the Boot check.

So I'm sending two logs;
- the first is the incomplete one that came out when I closed the program when it had hung on the boot check
- the second is from a run with the boot check unchecked.
I have left the computer trying to do a run where only the Boot check is checked. It has had 20 minutes already,so I suspect that there will be nothing further to add.

Here's the first log

Exception in Tkinter callback
Traceback (most recent call last):
File "Tkinter.pyc", line 1414, in __call__
File "SINO.py", line 934, in runScan
File "SINO.py", line 350, in startScan
IOError: [Errno 2] No such file or directory: u'C:\\boot.ini'
Exception in Tkinter callback
Traceback (most recent call last):
File "Tkinter.pyc", line 1414, in __call__
File "SINO.py", line 934, in runScan
File "SINO.py", line 350, in startScan
IOError: [Errno 2] No such file or directory: u'C:\\boot.ini'

And here's the second one

System Investigator by Olrik
Log Created On: 1547_11-06-2011
SINO Version: 3.1.0.0

Total RAM: 6142 MB | Free RAM: 4650 MB | Pagefile Size: 6142 MB
C: | 769035 MB out of 942546 MB Free | Local Fixed Disk
D: | None | CD-ROM Disc
E: | 3845 MB out of 3848 MB Free | Removable Disk
F: | None | Removable Disk
G: | None | Removable Disk
H: | None | Removable Disk
I: | None | Removable Disk

<<<< System Information >>>>

Computer Name: STUDY-DELL
Username: Charles Young
Language Setting: ENG
Windows Directory: C:\Windows
Windows Version: Windows XP Service Pack 2
Windows Mode: Normal

<<<< Tasklist >>>>

[System Idle Process] - Process ID: 0
[System] - Process ID: 4
[smss.exe] - Process ID: 328
[C:\Windows\system32\csrss.exe] - Process ID: 576
[C:\Windows\system32\wininit.exe] - Process ID: 636
[C:\Windows\system32\csrss.exe] - Process ID: 656
[C:\Windows\system32\services.exe] - Process ID: 700
[C:\Windows\system32\lsass.exe] - Process ID: 716
[C:\Windows\system32\lsm.exe] - Process ID: 724
[C:\Windows\system32\svchost.exe] - Process ID: 832
[C:\Windows\system32\winlogon.exe] - Process ID: 900
[C:\Windows\system32\nvvsvc.exe] - Process ID: 936
[C:\Windows\system32\svchost.exe] - Process ID: 976
[C:\Windows\System32\svchost.exe] - Process ID: 352
[C:\Windows\System32\svchost.exe] - Process ID: 584
[C:\Windows\system32\svchost.exe] - Process ID: 384
[C:\Windows\system32\svchost.exe] - Process ID: 1128
[C:\Windows\system32\nvvsvc.exe] - Process ID: 1184
[C:\Program Files\Dell\DellDock\DockLogin.exe] - Process ID: 1212
[C:\Windows\system32\svchost.exe] - Process ID: 1324
[C:\Windows\System32\spoolsv.exe] - Process ID: 1468
[C:\Windows\system32\svchost.exe] - Process ID: 1496
[C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE] - Process ID: 1628
[C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe] - Process ID: 1668
[C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe] - Process ID: 1688
[C:\Program Files (x86)\Bonjour\mDNSResponder.exe] - Process ID: 1716
[C:\Windows\system32\svchost.exe] - Process ID: 1768
[C:\Windows\SysWOW64\svchost.exe] - Process ID: 1800
[C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe] - Process ID: 1836
[C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe] - Process ID: 1880
[C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe] - Process ID: 2024
[C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE] - Process ID: 1228
[C:\Windows\system32\rundll32.exe] - Process ID: 1428
[C:\Windows\SysWOW64\rundll32.exe] - Process ID: 380
[C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE] - Process ID: 2056
[C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe] - Process ID: 2120
[C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe] - Process ID: 2264
[C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe] - Process ID: 2348
[C:\Windows\system32\svchost.exe] - Process ID: 2820
[C:\Windows\system32\svchost.exe] - Process ID: 1552
[C:\Windows\system32\WUDFHost.exe] - Process ID: 3152
[C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe] - Process ID: 3092
[C:\Windows\system32\svchost.exe] - Process ID: 3676
[C:\Windows\system32\SearchIndexer.exe] - Process ID: 2216
[C:\Program Files\Windows Media Player\wmpnetwk.exe] - Process ID: 3048
[C:\Windows\system32\taskhost.exe] - Process ID: 4028
[C:\Windows\system32\Dwm.exe] - Process ID: 1640
[C:\Windows\Explorer.EXE] - Process ID: 3752
[C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] - Process ID: 4236
[C:\Windows\WindowsMobile\wmdc.exe] - Process ID: 4244
[C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe] - Process ID: 4252
[C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe] - Process ID: 4276
[C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe] - Process ID: 4292
[C:\Program Files (x86)\Skype\Phone\Skype.exe] - Process ID: 4312
[C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE] - Process ID: 4324
[C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe] - Process ID: 4456
[C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe] - Process ID: 4464
[C:\Program Files (x86)\QUICKENW\QWDLLS.EXE] - Process ID: 4516
[C:\Program Files\Dell\DellDock\DellDock.exe] - Process ID: 4680
[C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE] - Process ID: 4696
[C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe] - Process ID: 4716
[C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe] - Process ID: 4732
[C:\Program Files\mcafee.com\agent\mcagent.exe] - Process ID: 4744
[C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe] - Process ID: 4764
[C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe] - Process ID: 4772
[C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe] - Process ID: 4808
[C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe] - Process ID: 4916
[C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac] - Process ID: 4944
[C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe] - Process ID: 5052
[C:\Windows\system32\svchost.exe] - Process ID: 5092
[C:\Program Files (x86)\iTunes\iTunesHelper.exe] - Process ID: 5164
[C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe] - Process ID: 5864
[C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE] - Process ID: 5888
[C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe] - Process ID: 5356
[C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe] - Process ID: 5384
[C:\Program Files\iPod\bin\iPodService.exe] - Process ID: 6372
[C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe] - Process ID: 6660
[C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe] - Process ID: 6704
[C:\Windows\system32\wuauclt.exe] - Process ID: 7056
[C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe] - Process ID: 4208
[C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe] - Process ID: 2620
[C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe] - Process ID: 6288
[C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe] - Process ID: 4536
[C:\Windows\sysWOW64\wbem\wmiprvse.exe] - Process ID: 796
[C:\Windows\system32\mmc.exe] - Process ID: 4004
[audiodg.exe] - Process ID: 2880
[C:\Windows\system32\wbem\wmiprvse.exe] - Process ID: 4940
[C:\Windows\System32\msdt.exe] - Process ID: 3920
[C:\Windows\System32\sdiagnhost.exe] - Process ID: 5400
[C:\Windows\system32\conhost.exe] - Process ID: 3220
[C:\Windows\system32\taskeng.exe] - Process ID: 2852
[C:\Users\CHARLE~1\AppData\Local\Temp\SINO\SINO.exe] - Process ID: 772

<<<< Startup Items >>>>

[Dell Dock.lnk] - <Startup> - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
[OneNote 2007 Screen Clipper and Launcher.lnk] - <Startup> - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[Billminder.lnk] - <Common Startup> - C:\Program Files (x86)\QUICKENW\BILLMIND.EXE
[HP Digital Imaging Monitor.lnk] - <Common Startup> - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[PHOTOfunSTUDIO -viewer-.lnk] - <Common Startup> - C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
[Quicken Startup.lnk] - <Common Startup> - C:\Program Files (x86)\QUICKENW\QWDLLS.EXE
[RtHDVCpl] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[Windows Mobile Device Center] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - %windir%\WindowsMobile\wmdc.exe
[msnmsgr] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
[NokiaOviSuite2] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
[FileHippo.com] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
[Skype] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
[SUPERAntiSpyware] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

<<<< MS Services >>>>

Windows Audio (AudioSrv) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Background Intelligent Transfer Service (BITS) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Computer Browser (Browser) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Cryptographic Services (CryptSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k NetworkService
DCOM Server Process Launcher (DcomLaunch) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k DcomLaunch
DHCP Client (Dhcp) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
DNS Client (Dnscache) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k NetworkService
Windows Event Log (eventlog) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
COM+ Event System (EventSystem) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Human Interface Device Access (hidserv) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Server (LanmanServer) - Running [Auto | Stoppable | Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Workstation (LanmanWorkstation) - Running [Auto | Stoppable | Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
TCP/IP NetBIOS Helper (lmhosts) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Network Connections (Netman) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Plug and Play (PlugPlay) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k DcomLaunch
IPsec Policy Agent (PolicyAgent) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Protected Storage (ProtectedStorage) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\lsass.exe
Remote Access Connection Manager (RasMan) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Remote Procedure Call (RPC) (RpcSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k rpcss
Security Accounts Manager (SamSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\lsass.exe
Task Scheduler (Schedule) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Secondary Logon (seclogon) - Running [Auto | Stoppable | Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
System Event Notification Service (SENS) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Shell Hardware Detection (ShellHWDetection) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Print Spooler (Spooler) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\spoolsv.exe
SSDP Discovery (SSDPSRV) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Windows Image Acquisition (WIA) (stisvc) - Running [Auto | Stoppable | Pausable] - C:\Windows\system32\svchost.exe -k imgsvc
Telephony (TapiSrv) - Running [Manual | Stoppable | Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
Themes (Themes) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Distributed Link Tracking Client (TrkWks) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
UPnP Device Host (upnphost) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Windows Time (W32Time) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Windows Management Instrumentation (Winmgmt) - Running [Auto | Stoppable | Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Media Player Network Sharing Service (WMPNetworkSvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
Security Center (wscsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Windows Update (wuauserv) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Driver Foundation - User-mode Driver Framework (wudfsvc) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Application Layer Gateway Service (ALG) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\alg.exe
Bluetooth Support Service (bthserv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k bthsvcs
Microsoft .NET Framework NGEN v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
COM+ System Application (COMSysApp) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Wired AutoConfig (dot3svc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Extensible Authentication Protocol (EapHost) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Windows Media Center Receiver Service (ehRecvr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\ehome\ehRecvr.exe
Windows Media Center Scheduler Service (ehSched) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\ehome\ehsched.exe
Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
Health Key and Certificate Management (hkmsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Windows CardSpace (idsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
Microsoft Office Groove Audit Service (Microsoft Office Groove Audit Service) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe"
Distributed Transaction Coordinator (MSDTC) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\msdtc.exe
Windows Installer (msiserver) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\msiexec.exe /V
Network Access Protection Agent (napagent) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
Netlogon (Netlogon) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\lsass.exe
Net.Tcp Port Sharing Service (NetTcpPortSharing) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Microsoft Office Diagnostics Service (odserv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Office Source Engine (ose) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Pml Driver HPZ12 (Pml Driver HPZ12) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k HPZ12
Remote Access Auto Connection Manager (RasAuto) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Routing and Remote Access (RemoteAccess) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Remote Registry (RemoteRegistry) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k regsvc
Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini"
Remote Procedure Call (RPC) Locator (RpcLocator) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\locator.exe
Smart Card (SCardSvr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Internet Connection Sharing (ICS) (SharedAccess) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Microsoft Software Shadow Copy Provider (swprv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k swprv
Remote Desktop Services (TermService) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
Volume Shadow Copy (VSS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\vssvc.exe
WebClient (WebClient) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
WMI Performance Adapter (wmiApSrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\wbem\WmiApSrv.exe

<<<< Non-MS Services >>>>

SAS Core Service (!SASCORE) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
ArcSoft Connect Daemon (ACDaemon) - Running [Auto | Stoppable | Pausable] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
Application Experience (AeLookupSvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Application Information (Appinfo) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Apple Mobile Device (Apple Mobile Device) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
Windows Audio Endpoint Builder (AudioEndpointBuilder) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Base Filtering Engine (BFE) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Bonjour Service (Bonjour Service) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
Dock Login Service (DockLoginService) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Dell\DellDock\DockLogin.exe
Diagnostic Policy Service (DPS) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Encrypting File System (EFS) (EFS) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\System32\lsass.exe
Function Discovery Resource Publication (FDResPub) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Windows Font Cache Service (FontCache) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Group Policy Client (gpsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
hpqcxs08 (hpqcxs08) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k hpdevmgmt
HP CUE DeviceDiscovery Service (hpqddsvc) - Running [Auto | Stoppable | Pausable] - C:\Windows\system32\svchost.exe -k hpdevmgmt
HP Network Devices Support (HPSLPSVC) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k HPService
Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
IKE and AuthIP IPsec Keying Modules (IKEEXT) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
IP Helper (iphlpsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetSvcs
iPod Service (iPod Service) - Running [Manual | Stoppable | Not_Pausable] - "C:\Program Files\iPod\bin\iPodService.exe"
McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
McAfee Personal Firewall Service (McMPFSvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
McAfee Services (mcmscsvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc
McAfee VirusScan Announcer (McNaiAnn) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc
McAfee Network Agent (McNASvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc
McAfee Proxy Service (McProxy) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc
McShield (McShield) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
McAfee Firewall Core Service (mfefire) - Running [Auto | Stoppable | Pausable] - "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
McAfee Validation Trust Protection Service (mfevtp) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe"
Multimedia Class Scheduler (MMCSS) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Firewall (MpsSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
McAfee Anti-Spam Service (MSK80Service) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
Network List Service (netprofm) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalService
Network Location Awareness (NlaSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
Network Store Interface Service (nsi) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
NVIDIA Display Driver Service (nvsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\nvvsvc.exe
Program Compatibility Assistant Service (PcaSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Power (Power) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k DcomLaunch
User Profile Service (ProfSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Mobile-based device connectivity (RapiMgr) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k WindowsMobile
RPC Endpoint Mapper (RpcEptMapper) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k RPCSS
SeaPort (SeaPort) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
ServiceLayer (ServiceLayer) - Running [Manual | Stoppable | Not_Pausable] - "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
SoftThinks Agent Service (SftService) - Running [Auto | Stoppable | Pausable] - "C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
Secure Socket Tunneling Protocol Service (SstpSvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Superfetch (SysMain) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Desktop Window Manager Session Manager (UxSms) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Windows Mobile-2003-based device connectivity (WcesComm) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k WindowsMobile
Diagnostic Service Host (WdiServiceHost) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalService
Diagnostic System Host (WdiSystemHost) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Windows Live ID Sign-in Assistant (wlidsvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
Portable Device Enumerator Service (WPDBusEnum) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Windows Search (WSearch) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\SearchIndexer.exe /Embedding
Application Identity (AppIDSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ActiveX Installer (AxInstSV) (AxInstSV) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k AxInstSVGroup
BitLocker Drive Encryption Service (BDESVC) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Certificate Propagation (CertPropSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Microsoft .NET Framework NGEN v2.0.50727_X64 (clr_optimization_v2.0.50727_64) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Microsoft .NET Framework NGEN v4.0.30319_X64 (clr_optimization_v4.0.30319_64) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
Disk Defragmenter (defragsvc) - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k defragsvc
[color=#0000FF]Fax (Fax)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\fxssvc.exe
[color=#0000FF]Function Discovery Provider Host (fdPHost)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalService
[color=#0000FF]Windows Live Family Safety Service (fsssvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe"
[color=#0000FF]GamesAppService (GamesAppService)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe"
[color=#0000FF]Google Update Service (gupdate) (gupdate)[/color] - [color=#CC6600]Stopped [Auto | Not_Stoppable | Not_Pausable][/color] - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
[color=#0000FF]Google Update Service (gupdatem) (gupdatem)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
[color=#0000FF]Google Updater Service (gusvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
[color=#0000FF]HomeGroup Listener (HomeGroupListener)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
[color=#0000FF]HomeGroup Provider (HomeGroupProvider)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
[color=#0000FF]PnP-X IP Bus Enumerator (IPBusEnum)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
[color=#0000FF]CNG Key Isolation (KeyIso)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\lsass.exe
[color=#0000FF]KtmRm for Distributed Transaction Coordinator (KtmRm)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
[color=#0000FF]Link-Layer Topology Discovery Mapper (lltdsvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalService
[color=#0000FF]McAfee Scanner (McODS)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - "C:\Program Files\mcafee\VirusScan\mcods.exe"
[color=#0000FF]McAfee OOBE Service (McOobeSv)[/color] - [color=#CC6600]Stopped [Disabled | Not_Stoppable | Not_Pausable][/color] - "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc
[color=#0000FF]Media Center Extender Service (Mcx2Svc)[/color] - [color=#CC6600]Stopped [Disabled | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
[color=#0000FF]Microsoft iSCSI Initiator Service (MSiSCSI)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k netsvcs
[color=#0000FF]Net Driver HPZ12 (Net Driver HPZ12)[/color] - [color=#CC6600]Stopped [Auto | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k HPZ12
[color=#0000FF]Peer Networking Identity Manager (p2pimsvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalServicePeerNet
[color=#0000FF]Peer Networking Grouping (p2psvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalServicePeerNet
[color=#0000FF]Performance Counter DLL Host (PerfHost)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\SysWow64\perfhost.exe
[color=#0000FF]Performance Logs & Alerts (pla)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
[color=#0000FF]PNRP Machine Name Publication Service (PNRPAutoReg)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalServicePeerNet
[color=#0000FF]Peer Name Resolution Protocol (PNRPsvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalServicePeerNet
[color=#0000FF]Quality Windows Audio Video Experience (QWAVE)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
[color=#0000FF]Smart Card Removal Policy (SCPolicySvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k netsvcs
[color=#0000FF]Windows Backup (SDRSVC)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k SDRSVC
[color=#0000FF]Adaptive Brightness (SensrSvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
[color=#0000FF]Remote Desktop Configuration (SessionEnv)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k netsvcs
[color=#0000FF]SNMP Trap (SNMPTRAP)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\snmptrap.exe
[color=#0000FF]Software Protection (sppsvc)[/color] - [color=#CC6600]Stopped [Auto | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\sppsvc.exe
[color=#0000FF]SPP Notification Service (sppuinotify)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalService
[color=#0000FF]Tablet PC Input Service (TabletInputService)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
[color=#0000FF]TPM Base Services (TBS)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
[color=#0000FF]Thread Ordering Server (THREADORDER)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalService
[color=#0000FF]Windows Modules Installer (TrustedInstaller)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\servicing\TrustedInstaller.exe
[color=#0000FF]Interactive Services Detection (UI0Detect)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\UI0Detect.exe
[color=#0000FF]Credential Manager (VaultSvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\lsass.exe
[color=#0000FF]Virtual Disk (vds)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\vds.exe
[color=#0000FF]Windows Activation Technologies Service (WatAdminSvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\Wat\WatAdminSvc.exe
[color=#0000FF]Block Level Backup Engine Service (wbengine)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - "C:\Windows\system32\wbengine.exe"
[color=#0000FF]Windows Biometric Service (WbioSrvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k WbioSvcGroup
[color=#0000FF]Windows Connect Now - Config Registrar (wcncsvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
[color=#0000FF]Windows Color System (WcsPlugInService)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k wcssvc
[color=#0000FF]Windows Event Collector (Wecsvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k NetworkService
[color=#0000FF]Problem Reports and Solutions Control Panel Support (wercplsupport)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k netsvcs
[color=#0000FF]Windows Error Reporting Service (WerSvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k WerSvcGroup
[color=#0000FF]Windows Defender (WinDefend)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k secsvcs
[color=#0000FF]Windows Remote Management (WS-Management) (WinRM)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\System32\svchost.exe -k NetworkService
[color=#0000FF]WLAN AutoConfig (Wlansvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
[color=#0000FF]Windows Live Mesh remote connections service (wlcrasvc)[/color] - [color=#CC6600]Stopped [Disabled | Not_Stoppable | Not_Pausable][/color] - "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
[color=#0000FF]Parental Controls (WPCSvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
[color=#0000FF]WWAN AutoConfig (WwanSvc)[/color] - [color=#CC6600]Stopped [Manual | Not_Stoppable | Not_Pausable][/color] - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

[color=#FF0000]<<<< Last 5 Application Errors or Warnings >>>>[/color]

[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 1[/color] | [color=#CC6600]Source: OviSuite[/color] | Type: Error | Date: 11-6-11 15:47:55 | Log: Application
Message: <The description for Event ID ( 1 ) in Source ( u'OviSuite' ) could not be found. It contains the following insertion string(s):u'11/06/2011 15:47:55 (OviSuite) - ERROR - DashboardPlugin, Thread GUI, Line 825,\t.\\Application\\DashboardView.cpp, CDashboardView::onNotifyWidgetCleared(): Could not found pNotifyElement from m_listShowableElement'.>
[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 1[/color] | [color=#CC6600]Source: OviSuite[/color] | Type: Error | Date: 11-6-11 15:47:55 | Log: Application
Message: <The description for Event ID ( 1 ) in Source ( u'OviSuite' ) could not be found. It contains the following insertion string(s):u'11/06/2011 15:47:55 (OviSuite) - ERROR - DashboardPlugin, Thread GUI, Line 825,\t.\\Application\\DashboardView.cpp, CDashboardView::onNotifyWidgetCleared(): Could not found pNotifyElement from m_listShowableElement'.>
[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 1[/color] | [color=#CC6600]Source: OviSuite[/color] | Type: Warning | Date: 11-6-11 15:42:22 | Log: Application
Message: <The description for Event ID ( 1 ) in Source ( u'OviSuite' ) could not be found. It contains the following insertion string(s):u'11/06/2011 15:42:22 (OviSuite) - WARNING - MapsPlugin, Thread GUI, Line 482,\t.\\Application\\ItemsPane.cpp, CItemsPane::showItemsPaneNoData(): ShowItemsPaneNoData error 1001'.>
[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 1[/color] | [color=#CC6600]Source: OviSuite[/color] | Type: Error | Date: 11-6-11 15:42:22 | Log: Application
Message: <The description for Event ID ( 1 ) in Source ( u'OviSuite' ) could not be found. It contains the following insertion string(s):u'11/06/2011 15:42:22 (OviSuite) - ERROR - DashboardPlugin, Thread GUI, Line 825,\t.\\Application\\DashboardView.cpp, CDashboardView::onNotifyWidgetCleared(): Could not found pNotifyElement from m_listShowableElement'.>
[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 1[/color] | [color=#CC6600]Source: OviSuite[/color] | Type: Error | Date: 11-6-11 15:42:22 | Log: Application
Message: <The description for Event ID ( 1 ) in Source ( u'OviSuite' ) could not be found. It contains the following insertion string(s):u'11/06/2011 15:42:22 (OviSuite) - ERROR - DashboardPlugin, Thread GUI, Line 825,\t.\\Application\\DashboardView.cpp, CDashboardView::onNotifyWidgetCleared(): Could not found pNotifyElement from m_listShowableElement'.>
[color=#FF0000]<<<< Last 5 System Errors or Warnings >>>>[/color]

[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 51[/color] | [color=#CC6600]Source: Disk[/color] | Type: Warning | Date: 11-6-11 15:15:27 | Log: System
Message: An error was detected on device \Device\Harddisk5\DR6 during a paging operation.


[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 7011[/color] | [color=#CC6600]Source: Service Control Manager[/color] | Type: Error | Date: 11-6-11 15:15:15 | Log: System
Message: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.


[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 134[/color] | [color=#CC6600]Source: Microsoft-Windows-Time-Service[/color] | Type: Warning | Date: 11-6-11 14:46:47 | Log: System
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)


[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 134[/color] | [color=#CC6600]Source: Microsoft-Windows-Time-Service[/color] | Type: Warning | Date: 11-6-11 14:46:45 | Log: System
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)


[color=#0000FF]Computer Name: Study-Dell[/color] | [color=#CC6600]ID: 134[/color] | [color=#CC6600]Source: Microsoft-Windows-Time-Service[/color] | Type: Warning | Date: 11-6-11 14:46:41 | Log: System
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)


[color=#FF0000]<<<< Special Events >>>>[/color]

There were no special events found

[color=#FF0000]<<<< Ipconfig >>>>[/color]

Windows IP Configuration

Host Name . . . . . . . . . . . . : Study-Dell
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-25-64-87-DC-AA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d083:e4ef:2fbe:a8db%10(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.168.219(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 234890596
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-97-04-49-00-25-64-87-DC-AA
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{21527730-7C4E-45A1-93A8-08D6134792CF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes


[color=#FF0000]<<<< Pinging >>>>[/color]

Pinging to www.opendns.com
There was a problem executing a ping to www.opendns.com
This can be due to various reasons. Missing a DNS Server or Internet Connection are the biggest cause of this error.

[color=#4169E1]OpenDNS IP Test[/color]
Pinging to 208.69.38.150 [208.69.38.150]:
Response - None
Response - None
Response - None
Response - NonePackets: Sent = 4, Received = 0, Lost = 4
Minimum = 0ms - Maximum = 0ms

Pinging to www.kaspersky.com
There was a problem executing a ping to www.kaspersky.com
This can be due to various reasons. Missing a DNS Server or Internet Connection are the biggest cause of this error.

[color=#4169E1]Kaspersky IP Test[/color]
Pinging to 195.27.181.10 [195.27.181.10]:
Response - None
Response - None
Response - None
Response - NonePackets: Sent = 4, Received = 0, Lost = 4
Minimum = 0ms - Maximum = 0ms

Pinging to www.youtube.com
There was a problem executing a ping to www.youtube.com
This can be due to various reasons. Missing a DNS Server or Internet Connection are the biggest cause of this error.

[color=#4169E1]YouTube IP Test[/color]
Pinging to 66.102.9.136 [66.102.9.136]:
Response - None
Response - None
Response - None
Response - NonePackets: Sent = 4, Received = 0, Lost = 4
Minimum = 0ms - Maximum = 0ms

[color=#4169E1]localhost Test[/color]
Pinging to 127.0.0.1 [127.0.0.1]:
Response - 0ms
Response - 0ms
Response - 0ms
Response - 0msPackets: Sent = 4, Received = 4, Lost = 0
Minimum = 0ms - Maximum = 0ms


[color=#FF0000]<<<< Netstat >>>>[/color]

Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 976
RpcSs
[System]
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 0.0.0.0:554 0.0.0.0:0 LISTENING 3048
WMPNetworkSvc
[System]
TCP 0.0.0.0:990 0.0.0.0:0 LISTENING 3676
WcesComm
[System]
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 0.0.0.0:6646 0.0.0.0:0 LISTENING 1836
McNASvc
[System]
TCP 0.0.0.0:10243 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 636
[System]
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 352
eventlog
[System]
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 384
Schedule
[System]
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING 700
[System]
TCP 0.0.0.0:49157 0.0.0.0:0 LISTENING 1468
Spooler
[System]
TCP 0.0.0.0:49158 0.0.0.0:0 LISTENING 716
[System]
TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 1716
[mDNSResponder.exe]
TCP 127.0.0.1:5679 0.0.0.0:0 LISTENING 3676
WcesComm
[System]
TCP 127.0.0.1:7438 0.0.0.0:0 LISTENING 3676
WcesComm
[System]
TCP 127.0.0.1:27015 0.0.0.0:0 LISTENING 1688
[AppleMobileDeviceService.exe]
TCP 127.0.0.1:49164 0.0.0.0:0 LISTENING 4292
[System]
TCP 169.254.168.219:139 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP [::]:135 [::]:0 LISTENING 976
RpcSs
[System]
TCP [::]:445 [::]:0 LISTENING 4
Can not obtain ownership information
TCP [::]:554 [::]:0 LISTENING 3048
WMPNetworkSvc
[System]
TCP [::]:990 [::]:0 LISTENING 3676
WcesComm
[System]
TCP [::]:2869 [::]:0 LISTENING 4
Can not obtain ownership information
TCP [::]:5357 [::]:0 LISTENING 4
Can not obtain ownership information
TCP [::]:10243 [::]:0 LISTENING 4
Can not obtain ownership information
TCP [::]:49152 [::]:0 LISTENING 636
[System]
TCP [::]:49153 [::]:0 LISTENING 352
eventlog
[System]
TCP [::]:49154 [::]:0 LISTENING 384
Schedule
[System]
TCP [::]:49156 [::]:0 LISTENING 700
[System]
TCP [::]:49157 [::]:0 LISTENING 1468
Spooler
[System]
TCP [::]:49158 [::]:0 LISTENING 716
[System]
TCP [::1]:5679 [::]:0 LISTENING 3676
WcesComm
[System]
UDP 0.0.0.0:123 *:* 1128
W32Time
[System]
UDP 0.0.0.0:427 *:* 2820
HPSLPSVC
[System]
UDP 0.0.0.0:500 *:* 384
IKEEXT
[System]
UDP 0.0.0.0:3702 *:* 1768
FDResPub
[System]
UDP 0.0.0.0:3702 *:* 1768
FDResPub
[System]
UDP 0.0.0.0:4500 *:* 384
IKEEXT
[System]
UDP 0.0.0.0:5004 *:* 3048
WMPNetworkSvc
[System]
UDP 0.0.0.0:5005 *:* 3048
WMPNetworkSvc
[System]
UDP 0.0.0.0:5355 *:* 1324
Dnscache
[System]
UDP 0.0.0.0:54583 *:* 1716
[mDNSResponder.exe]
UDP 0.0.0.0:56487 *:* 1768
FDResPub
[System]
UDP 127.0.0.1:1900 *:* 1768
SSDPSRV
[System]
UDP 127.0.0.1:54581 *:* 1688
[AppleMobileDeviceService.exe]
UDP 127.0.0.1:54582 *:* 1688
[AppleMobileDeviceService.exe]
UDP 127.0.0.1:56308 *:* 4312
[Skype.exe]
UDP 127.0.0.1:56369 *:* 1768
SSDPSRV
[System]
UDP 169.254.168.219:137 *:* 4
Can not obtain ownership information
UDP 169.254.168.219:138 *:* 4
Can not obtain ownership information
UDP 169.254.168.219:427 *:* 2820
HPSLPSVC
[System]
UDP 169.254.168.219:1900 *:* 1768
SSDPSRV
[System]
UDP 169.254.168.219:5353 *:* 1716
[mDNSResponder.exe]
UDP 169.254.168.219:56368 *:* 1768
SSDPSRV
[System]
UDP 192.168.0.3:6646 *:* 1836
McNASvc
[System]
UDP [::]:123 *:* 1128
W32Time
[System]
UDP [::]:500 *:* 384
IKEEXT
[System]
UDP [::]:3702 *:* 1768
FDResPub
[System]
UDP [::]:3702 *:* 1768
FDResPub
[System]
UDP [::]:4500 *:* 384
IKEEXT
[System]
UDP [::]:5004 *:* 3048
WMPNetworkSvc
[System]
UDP [::]:5005 *:* 3048
WMPNetworkSvc
[System]
UDP [::]:5355 *:* 1324
Dnscache
[System]
UDP [::]:54584 *:* 1716
[mDNSResponder.exe]
UDP [::]:56488 *:* 1768
FDResPub
[System]
UDP [::1]:1900 *:* 1768
SSDPSRV
[System]
UDP [::1]:56367 *:* 1768
SSDPSRV
[System]
UDP [fe80::d083:e4ef:2fbe:a8db%10]:1900 *:* 1768
SSDPSRV
[System]
UDP [fe80::d083:e4ef:2fbe:a8db%10]:5353 *:* 1716
[mDNSResponder.exe]
UDP [fe80::d083:e4ef:2fbe:a8db%10]:56366 *:* 1768
SSDPSRV
[System]

[color=#FF0000]<<<< Routing Table >>>>[/color]

===========================================================================
Interface List
10...00 25 64 87 dc aa ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.168.219 276
169.254.168.219 255.255.255.255 On-link 169.254.168.219 276
169.254.255.255 255.255.255.255 On-link 169.254.168.219 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.168.219 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.168.219 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::d083:e4ef:2fbe:a8db/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

[color=#FF0000]<<<< Hosts File >>>>[/color]

The HOSTS file is 27 Bytes in size.

There were 0 lines which refer to an external IP address.

[color=#FF0000]<<<< Active Shares >>>>[/color]

[color=#0000FF]Share: ADMIN$[/color] - [color=#CC6600]Path: C:\Windows[/color]
[color=#0000FF]Share: C$[/color] - [color=#CC6600]Path: C:\[/color]
[color=#0000FF]Share: HP Photosmart C309a series[/color] - [color=#CC6600]Path: HP Photosmart C309a series,LocalsplOnly[/color]
[color=#0000FF]Share: IPC$[/color] - [color=#CC6600]Path: [/color]
[color=#0000FF]Share: print$[/color] - [color=#CC6600]Path: C:\Windows\system32\spool\drivers[/color]
[color=#0000FF]Share: Users[/color] - [color=#CC6600]Path: C:\Users[/color]


------ End of File ------
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you enable thast driver please by right clicking and selecting enabled

I will now ask some of the network gurus about this
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you download and extract this zip file then run

Let me know if that cures it
  • 0

#15
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Both adaptors enabled. No evident improvement.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP