Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

SMART Repair virus and debris cleanup [Closed]

Started by bigpor2gee , May 26 2012 08:54 PM

  • This topic is locked This topic is locked

#16
bigpor2gee
Posted 17 June 2012 - 08:44 AM

bigpor2gee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Thanks. The tray at the top of my desktop is back. I also found that the "apps" that I wanted to uninstall had actually already been uninstalled, it was just that the shortcut iccons on the desktop were still present. I got rid of them and also stopped Skype and Windows Msgr from initializing on startup. The startup time does indeed seem to have decreased a bit, so I'm happy about that, too. Here ar the logs that you requested:


OTL Fix Log

All processes killed
========== OTL ==========
C:\Users\Bill\AppData\Roaming\EurekaLog\iPod2PC folder moved successfully.
C:\Users\Bill\AppData\Roaming\EurekaLog folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Apoint not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Broadcom Wireless Manager UI not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\CanonMyPrinter not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\CanonSolutionMenu not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\HotKeysCmds not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\IgfxTray not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Persistence not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickSet not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\QuiKProtect not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\RtHDVCpl not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Verizon_McciTrayApp not found.
========== FILES ==========
File C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk successfully replaced with C:\_OTL\MovedFiles\06112012_102809\C_Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Bill\Desktop\cmd.bat deleted successfully.
C:\Users\Bill\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bill
->Temp folder emptied: 27084863 bytes
->Temporary Internet Files folder emptied: 225453651 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 17336 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8406231 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49286 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 139016 bytes

Total Files Cleaned = 249.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.43.1 log created on 06152012_005635

Files\Folders moved on Reboot...
C:\Users\Bill\AppData\Local\Temp\{E14260EE-EBAE-4E17-9D1F-27B665F93440}\fpb.tmp moved successfully.
C:\Users\Bill\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZIW3HQJC\display[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WO53YW81\default[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W4S0OMAC\adloader[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W4S0OMAC\WebIMPop[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UIQS1FHA\xmlProxy[2].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SBHHMYO0\Messenger[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SBHHMYO0\resourcespreload[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SBHHMYO0\xmlProxy[3].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F3B0MWKK\fastbutton[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F3B0MWKK\resourcespreload[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DWZWM4J7\EditMessageLight[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DWZWM4J7\RteFrame_16.2.7030.0523[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\18MUI9Z3\LocalStorage[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BUNJFNA\AjaxHistoryFrame[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BUNJFNA\flextag[3].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BUNJFNA\tt[1].htm moved successfully.
C:\Users\Bill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

##########################################################################################################################################

Quick Scan > All Users

OTL logfile created on: 6/15/2012 1:08:09 AM - Run 5
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Bill\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 62.35% Memory free
7.60 Gb Paging File | 5.95 Gb Available in Paging File | 78.30% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58.59 Gb Total Space | 8.97 Gb Free Space | 15.30% Space Free | Partition Type: NTFS
Drive D: | 229.63 Gb Total Space | 204.70 Gb Free Space | 89.14% Space Free | Partition Type: NTFS
Drive F: | 931.38 Gb Total Space | 548.59 Gb Free Space | 58.90% Space Free | Partition Type: NTFS

Computer Name: INSPIRON17 | User Name: Bill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/26 21:42:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
PRC - [2010/09/03 02:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
PRC - [2010/07/20 01:29:20 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2010/07/20 01:29:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2010/03/17 16:53:24 | 000,207,872 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
PRC - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/09/30 08:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/12 17:01:34 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3f9dee1ce0ccb42145293a5bfcbe7205\System.Management.ni.dll
MOD - [2012/05/11 20:43:43 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\d22418c5321007d35bb4fd24b45b1193\System.Web.Services.ni.dll
MOD - [2012/05/11 20:42:49 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90d42781d5b19478870e412f7b7c71eb\System.Windows.Forms.ni.dll
MOD - [2012/05/11 20:42:40 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e65dbd1b68789fc21b9fb3c605b699a7\System.Drawing.ni.dll
MOD - [2012/05/11 20:42:09 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/11 20:42:04 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/11 20:42:01 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/11 17:35:48 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/11/13 17:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/11/13 17:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/11/13 17:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/11/13 17:15:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009/11/13 17:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | -H-- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | -H-- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/12/26 15:33:26 | 000,289,792 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/26 02:44:38 | 000,349,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2010/06/24 16:04:10 | 000,394,544 | R--- | M] () [Auto | Running] -- C:\Program Files\Iomega\QuikProtect\QpMonitor.exe -- (QPCopyEngine)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/17 12:06:00 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 21:39:13 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/04/11 07:37:02 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/12/12 12:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2010/09/03 02:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/07/28 17:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/07/20 01:29:20 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
SRV - [2010/07/20 01:29:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
SRV - [2010/05/14 04:13:58 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/30 08:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 08:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/13 21:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/06/24 16:04:10 | 000,022,584 | R--- | M] (Windows ® Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\QsFsFltr.sys -- (QsFsFltr)
DRV:64bit: - [2010/05/25 08:14:34 | 000,031,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OXUDIDRV_x64.sys -- (OXUDIDRV)
DRV:64bit: - [2010/01/22 19:38:52 | 000,284,720 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/10/30 15:23:16 | 007,770,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/10/26 16:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/28 09:55:42 | 000,051,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OXSDIDRV_x64.sys -- (OXSDIDRV_x64) Oxford Semi eSATA Filter (x64)
DRV:64bit: - [2009/09/26 10:42:58 | 000,233,984 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/09/17 15:54:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/20 12:05:00 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/17 12:06:00 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/17 12:06:00 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 23:14:00 | 000,220,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/12/13 18:14:14 | 000,065,024 | ---- | M] (Aladdin Knowledge Systems Ltd.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2006/12/04 10:44:14 | 000,314,368 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7FE8E636-4AE5-4FAD-A3AF-780102AC5FB2}
IE:64bit: - HKLM\..\SearchScopes\{7FE8E636-4AE5-4FAD-A3AF-780102AC5FB2}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9C46D058-96BA-432E-AB07-766F94D19A57}
IE - HKLM\..\SearchScopes\{9C46D058-96BA-432E-AB07-766F94D19A57}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {9C46D058-96BA-432E-AB07-766F94D19A57}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {9C46D058-96BA-432E-AB07-766F94D19A57}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\SearchScopes,DefaultScope = {9C46D058-96BA-432E-AB07-766F94D19A57}
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\SearchScopes\{9C46D058-96BA-432E-AB07-766F94D19A57}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....rms}&fr=chr-ver
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bill\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/04/29 09:34:44 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120428215609.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120428215610.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [QuiKProtect] C:\Program Files\Iomega\QuikProtect\startQuikProtect.exe (Iomega Corporation - An EMC Company)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - Startup: C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} http://wakefieldrx.l...PUploader57.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CCA7652-25A8-40DF-B960-C09F5138F641}: DhcpNameServer = 192.168.1.1 71.243.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EB18326-6E1F-4D33-A105-73AC2E003669}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/15 01:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/06/15 00:41:29 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{9AE6B724-A021-40DD-A9B1-AF10F351215C}
[2012/06/11 13:11:01 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{924AC15A-F5A7-46EB-A2A6-078162549D38}
[2012/06/11 11:54:10 | 000,000,000 | ---D | C] -- C:\Users\Bill\OTL Log Output
[2012/06/11 11:53:36 | 000,000,000 | ---D | C] -- C:\Users\Bill\RogueKiller Log Output
[2012/06/11 11:52:00 | 000,000,000 | ---D | C] -- C:\Users\Bill\TDSKiller Log Output
[2012/06/11 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{EC806797-8625-49C0-9BAE-BAE95CA652CE}
[2012/06/11 10:56:44 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CA0A6689-2A99-4572-92E9-AED4DA6AB26A}
[2012/06/11 10:43:28 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{AC6873CC-D100-40D2-BD4D-FF72B622B173}
[2012/06/11 10:43:12 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{C1C5F4CD-E2DB-488A-B9A1-5D6A22E6BF9E}
[2012/06/10 23:56:41 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{7B99F2EA-27F4-4DD2-8DBB-7D85CD89CAE7}
[2012/06/10 23:56:24 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{43E87606-8A60-4B08-9003-E21FBC5C8850}
[2012/06/10 23:04:54 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{793DB7EA-9CBC-44D9-9DB3-B035D7E2F23A}
[2012/06/10 11:04:41 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{EF5AA5CB-8B03-4F98-9056-A44A11A86F81}
[2012/06/10 10:02:11 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{8B1452F7-64A2-4638-BA61-5457138F03C1}
[2012/06/10 10:01:44 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{A0C59A7D-BA7B-48AE-8007-69BD57D316A3}
[2012/06/10 09:36:03 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{AE79A285-D987-4089-ABCD-B821686F7D61}
[2012/06/10 09:35:23 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DDDCFE91-680F-4FD2-8F24-58D13CB22725}
[2012/06/10 06:33:41 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{6D643EE3-584D-48D8-AFE0-82D44F7CE47E}
[2012/06/09 18:33:17 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{B41F6D28-D99C-4417-8E7D-F08B964A9CE6}
[2012/06/09 16:33:32 | 000,284,672 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDC.exe
[2012/06/09 16:33:32 | 000,253,952 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefrag.dll
[2012/06/09 16:33:32 | 000,130,048 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragBT.exe
[2012/06/09 16:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
[2012/06/09 16:33:31 | 001,363,968 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranFD.exe
[2012/06/09 16:33:31 | 000,289,792 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragS.exe
[2012/06/09 16:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag
[2012/06/09 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{2C37D2C7-4FC6-4EBA-B8C7-8E1CF0454C60}
[2012/06/09 16:27:16 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{957B01AA-2476-4951-961E-881048CAE439}
[2012/06/09 16:25:56 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{9FDF3284-6D94-490C-AFE9-EEE982D588DD}
[2012/06/09 16:25:32 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{3AE66072-F73F-4A17-9166-27860456270A}
[2012/06/09 16:24:07 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CC26B96E-D094-4FB7-9277-27A939CD1A97}
[2012/06/09 16:23:38 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{2DCF4D4F-1867-4E58-83F9-A1E572753E14}
[2012/06/09 16:13:11 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Users\Bill\Desktop\StartUpLite.exe
[2012/06/09 07:50:46 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{EA75F455-8EE7-46B2-9871-8D0822D6647D}
[2012/06/09 07:50:11 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{7CB66D87-D6D4-46DA-B548-0CBF7EB8CAE7}
[2012/06/08 08:16:55 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{4EF0D03B-6C41-4E02-A9BB-56F8FCC5546B}
[2012/06/08 08:16:24 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{4585FEC8-DF22-4FA6-8A10-7EA3999C516E}
[2012/06/06 09:30:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/06/06 09:30:29 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2012/06/06 00:00:07 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{C90793DE-97C6-45A4-B44F-6AD54861A05C}
[2012/06/05 23:59:40 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{F042D19C-0F32-4E85-810B-FB2CE99ADECA}
[2012/06/05 12:03:37 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{0C945C71-9FA8-4EC6-AEE8-F6543246F751}
[2012/06/05 11:03:08 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DAAA5B48-5CB0-4726-B3FB-731377FD44B0}
[2012/06/05 11:00:34 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{C7116E2F-CDD4-409F-B1F6-DA0DED9216B9}
[2012/06/04 23:31:23 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{2810DDE6-AF08-4AB1-BFC6-8931089A5AAB}
[2012/06/04 18:18:58 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{0EFFDD76-247F-4C82-9939-952CEF6CB276}
[2012/06/04 10:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{B99AEDC3-86F2-486B-8CEA-991978037992}
[2012/06/03 20:44:16 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{7CB7778B-133C-4690-B6C3-440F141EFA16}
[2012/06/03 19:28:21 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Malwarebytes
[2012/06/03 19:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/03 19:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/03 19:28:05 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/03 19:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/06/03 19:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/06/03 19:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/03 08:33:37 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DE4137F0-9AEF-4527-B07C-5A5F8CA830EB}
[2012/06/01 12:25:28 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CAD83CF1-4F13-4949-9E1E-460F6F99B51A}
[2012/06/01 12:25:00 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{63117CF8-ECA9-4F91-8E47-5EBEE1C144E7}
[2012/06/01 12:19:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/29 00:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2012/05/29 00:34:43 | 000,000,000 | ---D | C] -- C:\Users\Bill\Desktop\RK_Quarantine
[2012/05/29 00:19:42 | 002,127,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bill\Desktop\tdsskiller.exe
[2012/05/29 00:10:55 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{0CE791C0-D7B4-4DDD-A3F2-244E6347535B}
[2012/05/26 21:42:02 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2012/05/26 16:52:05 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CE3C1B97-3071-493A-967E-ECC5C6C6D596}
[2012/05/26 16:51:46 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{F3278574-920B-40F3-AF41-E6386914509B}
[2012/05/26 08:14:04 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{25C87EF8-5CD5-472C-B5CC-6905725EAA55}
[2012/05/25 23:51:16 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DAB87920-0414-4B27-9AF7-C35020459EEE}
[2012/05/25 23:50:50 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DA923BF1-4F21-404B-B561-33F25F8D5539}
[2012/05/25 23:10:52 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{66650DFB-00B8-4FE1-AD70-0EA527D85E2F}
[2012/05/25 23:09:11 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{A63AF60F-51DB-4E51-8EDC-D14011409409}
[2012/05/25 23:00:30 | 000,251,528 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012/05/25 23:00:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/05/25 23:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/05/25 23:00:04 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\TestApp
[2012/05/25 23:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/05/25 22:26:15 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{D12B7366-3598-4B89-AD50-F04F8AB87345}
[2012/05/25 22:25:49 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{B23ACEED-5F73-4E0B-B47C-CA8052566D4D}
[2012/05/25 21:52:51 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{656CB2E1-721F-49C2-91A5-7B2EEAA5D0EB}
[2012/05/25 21:52:25 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{57A5F740-7A42-4AD8-AB25-78D51D362069}
[2012/05/25 21:30:43 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CEE306FD-EEC0-4A5D-A112-36AE7AA46B7C}
[2012/05/25 21:30:15 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{5ADB46A6-D30C-41CF-B6BA-4319F484BCB0}
[2012/05/25 21:20:18 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{9C3670F0-53D9-4196-A7D8-E929B6EEC4CD}
[2012/05/25 21:19:48 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{33D9B9F2-EF07-409A-BC6F-F38A99ABA8FF}
[2012/05/25 21:15:46 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{463E3619-EAB9-4223-B2A8-1E82CA2D47F0}
[2012/05/18 17:11:52 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{9EE38EBF-773A-46D1-BA46-CEFD0B6D4075}
[2012/05/17 20:49:20 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{5CCEB7A2-9803-4A49-B0C7-D094D2161711}

========== Files - Modified Within 30 Days ==========

[2012/06/15 01:13:36 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 01:13:36 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 01:10:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/15 01:05:33 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/15 01:05:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/15 01:04:56 | 3061,215,232 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/15 00:39:20 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/15 00:39:20 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/06/09 16:33:32 | 000,000,872 | ---- | M] () -- C:\Users\Bill\Desktop\Puran Defrag.lnk
[2012/06/09 16:13:12 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Users\Bill\Desktop\StartUpLite.exe
[2012/06/05 23:56:38 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/06/03 19:28:13 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/29 00:24:32 | 001,496,576 | ---- | M] () -- C:\Users\Bill\Desktop\RogueKiller.exe
[2012/05/29 00:19:42 | 002,127,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bill\Desktop\tdsskiller.exe
[2012/05/26 21:42:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2012/05/25 23:02:14 | 000,002,243 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools Spyware Doctor.lnk

========== Files Created - No Company Name ==========

[2012/06/15 00:56:37 | 000,001,980 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2012/06/09 16:33:32 | 000,000,872 | ---- | C] () -- C:\Users\Bill\Desktop\Puran Defrag.lnk
[2012/06/03 19:28:13 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/29 00:35:43 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/05/29 00:35:43 | 000,002,243 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools Spyware Doctor.lnk
[2012/05/29 00:35:43 | 000,002,235 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office 60 Day Trial - Online.lnk
[2012/05/29 00:35:43 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Verizon Yahoo! Messenger.lnk
[2012/05/29 00:35:43 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/05/29 00:35:43 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\WQMAP.lnk
[2012/05/29 00:35:42 | 000,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Iomega Encryption.lnk
[2012/05/29 00:35:42 | 000,002,356 | ---- | C] () -- C:\Users\Public\Desktop\Canon MX350 series On-screen Manual.lnk
[2012/05/29 00:35:42 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2012/05/29 00:35:42 | 000,002,106 | ---- | C] () -- C:\Users\Public\Desktop\Iomega QuikProtect (64-Bit).lnk
[2012/05/29 00:35:42 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 3.1.lnk
[2012/05/29 00:35:42 | 000,002,095 | ---- | C] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012/05/29 00:35:42 | 000,002,056 | ---- | C] () -- C:\Users\Public\Desktop\Canon MX350 series User Registration.LNK
[2012/05/29 00:35:42 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012/05/29 00:35:42 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/29 00:35:42 | 000,002,011 | ---- | C] () -- C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
[2012/05/29 00:35:42 | 000,001,806 | ---- | C] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2012/05/29 00:35:42 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/29 00:35:42 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012/05/29 00:35:41 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/05/29 00:35:41 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/05/29 00:35:41 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/05/29 00:35:41 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/05/29 00:35:41 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/05/29 00:35:41 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012/05/29 00:35:41 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/05/29 00:35:41 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/05/29 00:35:41 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012/05/29 00:35:40 | 000,002,084 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD DX.lnk
[2012/05/29 00:35:40 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012/05/29 00:35:40 | 000,001,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2012/05/29 00:35:39 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2012/05/29 00:35:38 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/05/29 00:35:36 | 000,001,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012/05/29 00:35:35 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2012/05/29 00:35:34 | 000,001,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cozi Family Calendar.lnk
[2012/05/29 00:35:33 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/29 00:35:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/29 00:24:32 | 001,496,576 | ---- | C] () -- C:\Users\Bill\Desktop\RogueKiller.exe
[2012/02/09 11:36:23 | 000,815,518 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/04 23:36:14 | 000,000,000 | ---- | C] () -- C:\Users\Bill\AppData\Local\{0AA70F16-ABB9-47A8-A37A-E4D267FEEBE7}
[2011/08/19 02:30:29 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\hlduinst.exe
[2011/08/19 02:30:28 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2011/08/19 02:29:40 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\netcdf.dll
[2011/08/19 02:29:40 | 000,172,126 | ---- | C] () -- C:\Windows\SysWow64\MDstats.dll
[2011/08/19 02:29:37 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\lfkodak.dll
[2011/08/19 02:29:36 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\lffpx7.dll
[2011/08/19 02:29:35 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\mcpchart32.dll
[2011/08/19 02:29:35 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\TCSDK32.DLL
[2011/08/19 02:29:35 | 000,088,576 | ---- | C] () -- C:\Windows\SysWow64\Tg2d32.dll
[2011/08/19 02:29:35 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\Tgkern32.dll
[2011/08/19 02:29:35 | 000,076,288 | ---- | C] () -- C:\Windows\SysWow64\Tgpoly32.dll
[2011/08/19 02:29:35 | 000,050,176 | ---- | C] () -- C:\Windows\SysWow64\Tgarea32.dll
[2010/09/05 14:34:19 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\YCRWin32.dll
[2010/08/20 17:24:22 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat

========== LOP Check ==========

[2010/09/26 21:53:37 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Canon
[2011/02/24 00:49:52 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\foobar2000
[2011/02/05 11:37:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\iPod2PC3
[2010/12/17 20:30:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\PCDr
[2011/10/22 17:20:37 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\PlxTech
[2010/11/25 13:10:17 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Southwest Airlines
[2012/04/26 20:11:45 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Spotify
[2012/05/25 23:00:04 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\TestApp
[2010/09/03 22:02:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\WildTangent
[2012/06/05 23:56:38 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/10/17 14:41:13 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/15 00:39:20 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
  • 0

Advertisements

#17
Nedklaw
Posted 19 June 2012 - 08:20 AM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

  • Click Start and type msconfig into the Serach box and click the program that appears.
  • Click on the Startup tab.
  • Uncheck all of the items in the list except for the following programs:
    • Dell DataSafe Online - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    • Malwarebytes' Anti-Malware - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    • mcui_exe - C:\Program Files\McAfee.com\Agent\mcagent.exe
  • Click Apply > OK then reboot your computer.

Step 2

  • Open OTL again and select the "Scan All Users" box.
  • Click the Quick Scan button. Post the log it produces in your next reply.

Step 3

How is your startup time now?


Things I want to see in your next reply

  • OTL.txt
  • Answer to my question
  • 0

#18
bigpor2gee
Posted 19 June 2012 - 10:29 AM

bigpor2gee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
This is NOT GOOD. There is virtually no startup time improvement - still a full 3 minutes to Restart. Plus, the tray at the top of my desktop is gone again and I am finding that a few of my apps (e.g. iTunes) are either very slow to start or do not start up at all when I try to initialize. Your requested OTL log is below. I ran it with only the 3 specified Starup programs enabled. But I am going to re-enable the rest of the unchecked ones in msconfig after I send you this. Not quite the result expected.....



OTL logfile created on: 6/19/2012 11:34:53 AM - Run 6
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Bill\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 51.47% Memory free
7.60 Gb Paging File | 5.41 Gb Available in Paging File | 71.21% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58.59 Gb Total Space | 8.87 Gb Free Space | 15.14% Space Free | Partition Type: NTFS
Drive D: | 229.63 Gb Total Space | 204.70 Gb Free Space | 89.14% Space Free | Partition Type: NTFS
Drive F: | 931.38 Gb Total Space | 547.71 Gb Free Space | 58.81% Space Free | Partition Type: NTFS

Computer Name: INSPIRON17 | User Name: Bill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/26 21:42:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
PRC - [2012/04/11 07:37:01 | 000,353,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
PRC - [2010/07/20 01:29:20 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2010/07/20 01:29:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/09/30 08:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 08:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/15 03:43:49 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\675c8bd801698993255d100c3b350d4b\System.Web.Services.ni.dll
MOD - [2012/06/15 03:43:01 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012/06/15 03:42:53 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012/05/12 17:01:34 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3f9dee1ce0ccb42145293a5bfcbe7205\System.Management.ni.dll
MOD - [2012/05/11 20:42:09 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/11 20:42:04 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/11 20:42:01 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/11 17:35:48 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/25 16:56:10 | 000,238,056 | -H-- | M] () -- c:\Program Files\McAfee\MSK\mskapbho.dll
MOD - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/11/13 17:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/11/13 17:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/11/13 17:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/11/13 17:15:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009/11/13 17:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | -H-- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | -H-- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/12/26 15:33:26 | 000,289,792 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | -H-- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/26 02:44:38 | 000,349,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2010/06/24 16:04:10 | 000,394,544 | R--- | M] () [Auto | Running] -- C:\Program Files\Iomega\QuikProtect\QpMonitor.exe -- (QPCopyEngine)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/17 12:06:00 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 21:39:13 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/04/11 07:37:02 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/12/12 12:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2010/09/03 02:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/07/28 17:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/07/20 01:29:20 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
SRV - [2010/07/20 01:29:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
SRV - [2010/05/14 04:13:58 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/30 08:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 08:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/13 21:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/06/24 16:04:10 | 000,022,584 | R--- | M] (Windows ® Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\QsFsFltr.sys -- (QsFsFltr)
DRV:64bit: - [2010/05/25 08:14:34 | 000,031,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OXUDIDRV_x64.sys -- (OXUDIDRV)
DRV:64bit: - [2010/01/22 19:38:52 | 000,284,720 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/10/30 15:23:16 | 007,770,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/10/26 16:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/28 09:55:42 | 000,051,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OXSDIDRV_x64.sys -- (OXSDIDRV_x64) Oxford Semi eSATA Filter (x64)
DRV:64bit: - [2009/09/26 10:42:58 | 000,233,984 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/09/17 15:54:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/20 12:05:00 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/17 12:06:00 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/17 12:06:00 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 23:14:00 | 000,220,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/12/13 18:14:14 | 000,065,024 | ---- | M] (Aladdin Knowledge Systems Ltd.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2006/12/04 10:44:14 | 000,314,368 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7FE8E636-4AE5-4FAD-A3AF-780102AC5FB2}
IE:64bit: - HKLM\..\SearchScopes\{7FE8E636-4AE5-4FAD-A3AF-780102AC5FB2}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9C46D058-96BA-432E-AB07-766F94D19A57}
IE - HKLM\..\SearchScopes\{9C46D058-96BA-432E-AB07-766F94D19A57}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {9C46D058-96BA-432E-AB07-766F94D19A57}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {9C46D058-96BA-432E-AB07-766F94D19A57}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\SearchScopes,DefaultScope = {9C46D058-96BA-432E-AB07-766F94D19A57}
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\SearchScopes\{9C46D058-96BA-432E-AB07-766F94D19A57}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....rms}&fr=chr-ver
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bill\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/04/29 09:34:44 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120428215609.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120428215610.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-4137722176-899963447-2229604894-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} http://wakefieldrx.l...PUploader57.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CCA7652-25A8-40DF-B960-C09F5138F641}: DhcpNameServer = 192.168.1.1 71.243.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EB18326-6E1F-4D33-A105-73AC2E003669}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/19 11:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/06/19 11:22:10 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/06/17 10:03:37 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{1610E308-15ED-425D-91C6-D6E126AE9887}
[2012/06/15 23:20:49 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CB040DDC-F7D3-47E2-AB79-590DE1A4D383}
[2012/06/15 00:41:29 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{9AE6B724-A021-40DD-A9B1-AF10F351215C}
[2012/06/11 13:11:01 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{924AC15A-F5A7-46EB-A2A6-078162549D38}
[2012/06/11 11:54:10 | 000,000,000 | ---D | C] -- C:\Users\Bill\OTL Log Output
[2012/06/11 11:53:36 | 000,000,000 | ---D | C] -- C:\Users\Bill\RogueKiller Log Output
[2012/06/11 11:52:00 | 000,000,000 | ---D | C] -- C:\Users\Bill\TDSKiller Log Output
[2012/06/11 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{EC806797-8625-49C0-9BAE-BAE95CA652CE}
[2012/06/11 10:56:44 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CA0A6689-2A99-4572-92E9-AED4DA6AB26A}
[2012/06/11 10:43:28 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{AC6873CC-D100-40D2-BD4D-FF72B622B173}
[2012/06/11 10:43:12 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{C1C5F4CD-E2DB-488A-B9A1-5D6A22E6BF9E}
[2012/06/10 23:56:41 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{7B99F2EA-27F4-4DD2-8DBB-7D85CD89CAE7}
[2012/06/10 23:56:24 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{43E87606-8A60-4B08-9003-E21FBC5C8850}
[2012/06/10 23:04:54 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{793DB7EA-9CBC-44D9-9DB3-B035D7E2F23A}
[2012/06/10 11:04:41 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{EF5AA5CB-8B03-4F98-9056-A44A11A86F81}
[2012/06/10 10:02:11 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{8B1452F7-64A2-4638-BA61-5457138F03C1}
[2012/06/10 10:01:44 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{A0C59A7D-BA7B-48AE-8007-69BD57D316A3}
[2012/06/10 09:36:03 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{AE79A285-D987-4089-ABCD-B821686F7D61}
[2012/06/10 09:35:23 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DDDCFE91-680F-4FD2-8F24-58D13CB22725}
[2012/06/10 06:33:41 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{6D643EE3-584D-48D8-AFE0-82D44F7CE47E}
[2012/06/09 18:33:17 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{B41F6D28-D99C-4417-8E7D-F08B964A9CE6}
[2012/06/09 16:33:32 | 000,284,672 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDC.exe
[2012/06/09 16:33:32 | 000,253,952 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefrag.dll
[2012/06/09 16:33:32 | 000,130,048 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragBT.exe
[2012/06/09 16:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
[2012/06/09 16:33:31 | 001,363,968 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranFD.exe
[2012/06/09 16:33:31 | 000,289,792 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragS.exe
[2012/06/09 16:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag
[2012/06/09 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{2C37D2C7-4FC6-4EBA-B8C7-8E1CF0454C60}
[2012/06/09 16:27:16 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{957B01AA-2476-4951-961E-881048CAE439}
[2012/06/09 16:25:56 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{9FDF3284-6D94-490C-AFE9-EEE982D588DD}
[2012/06/09 16:25:32 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{3AE66072-F73F-4A17-9166-27860456270A}
[2012/06/09 16:24:07 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CC26B96E-D094-4FB7-9277-27A939CD1A97}
[2012/06/09 16:23:38 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{2DCF4D4F-1867-4E58-83F9-A1E572753E14}
[2012/06/09 16:13:11 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Users\Bill\Desktop\StartUpLite.exe
[2012/06/09 07:50:46 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{EA75F455-8EE7-46B2-9871-8D0822D6647D}
[2012/06/09 07:50:11 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{7CB66D87-D6D4-46DA-B548-0CBF7EB8CAE7}
[2012/06/08 08:16:55 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{4EF0D03B-6C41-4E02-A9BB-56F8FCC5546B}
[2012/06/08 08:16:24 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{4585FEC8-DF22-4FA6-8A10-7EA3999C516E}
[2012/06/06 09:30:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/06/06 09:30:29 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2012/06/06 00:00:07 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{C90793DE-97C6-45A4-B44F-6AD54861A05C}
[2012/06/05 23:59:40 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{F042D19C-0F32-4E85-810B-FB2CE99ADECA}
[2012/06/05 12:03:37 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{0C945C71-9FA8-4EC6-AEE8-F6543246F751}
[2012/06/05 11:03:08 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DAAA5B48-5CB0-4726-B3FB-731377FD44B0}
[2012/06/05 11:00:34 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{C7116E2F-CDD4-409F-B1F6-DA0DED9216B9}
[2012/06/04 23:31:23 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{2810DDE6-AF08-4AB1-BFC6-8931089A5AAB}
[2012/06/04 18:18:58 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{0EFFDD76-247F-4C82-9939-952CEF6CB276}
[2012/06/04 10:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{B99AEDC3-86F2-486B-8CEA-991978037992}
[2012/06/03 20:44:16 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{7CB7778B-133C-4690-B6C3-440F141EFA16}
[2012/06/03 19:28:21 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Malwarebytes
[2012/06/03 19:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/03 19:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/03 19:28:05 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/03 19:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/06/03 19:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/06/03 19:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/03 08:33:37 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DE4137F0-9AEF-4527-B07C-5A5F8CA830EB}
[2012/06/01 12:25:28 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CAD83CF1-4F13-4949-9E1E-460F6F99B51A}
[2012/06/01 12:25:00 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{63117CF8-ECA9-4F91-8E47-5EBEE1C144E7}
[2012/06/01 12:19:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/29 00:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2012/05/29 00:34:43 | 000,000,000 | ---D | C] -- C:\Users\Bill\Desktop\RK_Quarantine
[2012/05/29 00:19:42 | 002,127,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bill\Desktop\tdsskiller.exe
[2012/05/29 00:10:55 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{0CE791C0-D7B4-4DDD-A3F2-244E6347535B}
[2012/05/26 21:42:02 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2012/05/26 16:52:05 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CE3C1B97-3071-493A-967E-ECC5C6C6D596}
[2012/05/26 16:51:46 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{F3278574-920B-40F3-AF41-E6386914509B}
[2012/05/26 08:14:04 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{25C87EF8-5CD5-472C-B5CC-6905725EAA55}
[2012/05/25 23:51:16 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DAB87920-0414-4B27-9AF7-C35020459EEE}
[2012/05/25 23:50:50 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{DA923BF1-4F21-404B-B561-33F25F8D5539}
[2012/05/25 23:10:52 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{66650DFB-00B8-4FE1-AD70-0EA527D85E2F}
[2012/05/25 23:09:11 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{A63AF60F-51DB-4E51-8EDC-D14011409409}
[2012/05/25 23:00:30 | 000,251,528 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012/05/25 23:00:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/05/25 23:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/05/25 23:00:04 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\TestApp
[2012/05/25 23:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/05/25 22:26:15 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{D12B7366-3598-4B89-AD50-F04F8AB87345}
[2012/05/25 22:25:49 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{B23ACEED-5F73-4E0B-B47C-CA8052566D4D}
[2012/05/25 21:52:51 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{656CB2E1-721F-49C2-91A5-7B2EEAA5D0EB}
[2012/05/25 21:52:25 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{57A5F740-7A42-4AD8-AB25-78D51D362069}
[2012/05/25 21:30:43 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{CEE306FD-EEC0-4A5D-A112-36AE7AA46B7C}
[2012/05/25 21:30:15 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{5ADB46A6-D30C-41CF-B6BA-4319F484BCB0}
[2012/05/25 21:20:18 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{9C3670F0-53D9-4196-A7D8-E929B6EEC4CD}
[2012/05/25 21:19:48 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{33D9B9F2-EF07-409A-BC6F-F38A99ABA8FF}
[2012/05/25 21:15:46 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\{463E3619-EAB9-4223-B2A8-1E82CA2D47F0}

========== Files - Modified Within 30 Days ==========

[2012/06/19 11:34:39 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/19 11:34:39 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/19 11:26:06 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/19 11:25:04 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/19 11:24:59 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/06/19 11:24:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/19 11:24:13 | 3061,215,232 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/19 11:10:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/19 00:04:12 | 000,863,370 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/19 00:04:12 | 000,721,800 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/19 00:04:12 | 000,142,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/15 03:40:02 | 000,426,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/09 16:33:32 | 000,000,872 | ---- | M] () -- C:\Users\Bill\Desktop\Puran Defrag.lnk
[2012/06/09 16:13:12 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Users\Bill\Desktop\StartUpLite.exe
[2012/06/05 23:56:38 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/06/03 19:28:13 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/29 00:24:32 | 001,496,576 | ---- | M] () -- C:\Users\Bill\Desktop\RogueKiller.exe
[2012/05/29 00:19:42 | 002,127,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bill\Desktop\tdsskiller.exe
[2012/05/26 21:42:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe

========== Files Created - No Company Name ==========

[2012/06/09 16:33:32 | 000,000,872 | ---- | C] () -- C:\Users\Bill\Desktop\Puran Defrag.lnk
[2012/06/03 19:28:13 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/29 00:35:43 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/05/29 00:35:43 | 000,002,235 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office 60 Day Trial - Online.lnk
[2012/05/29 00:35:43 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Verizon Yahoo! Messenger.lnk
[2012/05/29 00:35:43 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/05/29 00:35:43 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\WQMAP.lnk
[2012/05/29 00:35:42 | 000,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Iomega Encryption.lnk
[2012/05/29 00:35:42 | 000,002,356 | ---- | C] () -- C:\Users\Public\Desktop\Canon MX350 series On-screen Manual.lnk
[2012/05/29 00:35:42 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2012/05/29 00:35:42 | 000,002,106 | ---- | C] () -- C:\Users\Public\Desktop\Iomega QuikProtect (64-Bit).lnk
[2012/05/29 00:35:42 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 3.1.lnk
[2012/05/29 00:35:42 | 000,002,095 | ---- | C] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012/05/29 00:35:42 | 000,002,056 | ---- | C] () -- C:\Users\Public\Desktop\Canon MX350 series User Registration.LNK
[2012/05/29 00:35:42 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012/05/29 00:35:42 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/29 00:35:42 | 000,002,011 | ---- | C] () -- C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
[2012/05/29 00:35:42 | 000,001,806 | ---- | C] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2012/05/29 00:35:42 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/29 00:35:42 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012/05/29 00:35:41 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/05/29 00:35:41 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/05/29 00:35:41 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/05/29 00:35:41 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/05/29 00:35:41 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012/05/29 00:35:41 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/05/29 00:35:41 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/05/29 00:35:41 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012/05/29 00:35:40 | 000,002,084 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD DX.lnk
[2012/05/29 00:35:40 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012/05/29 00:35:40 | 000,001,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2012/05/29 00:35:39 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2012/05/29 00:35:38 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/05/29 00:35:36 | 000,001,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2012/05/29 00:35:35 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2012/05/29 00:35:34 | 000,001,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cozi Family Calendar.lnk
[2012/05/29 00:35:33 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/29 00:35:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/29 00:24:32 | 001,496,576 | ---- | C] () -- C:\Users\Bill\Desktop\RogueKiller.exe
[2012/02/09 11:36:23 | 000,815,518 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/04 23:36:14 | 000,000,000 | ---- | C] () -- C:\Users\Bill\AppData\Local\{0AA70F16-ABB9-47A8-A37A-E4D267FEEBE7}
[2011/08/19 02:30:29 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\hlduinst.exe
[2011/08/19 02:30:28 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2011/08/19 02:29:40 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\netcdf.dll
[2011/08/19 02:29:40 | 000,172,126 | ---- | C] () -- C:\Windows\SysWow64\MDstats.dll
[2011/08/19 02:29:37 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\lfkodak.dll
[2011/08/19 02:29:36 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\lffpx7.dll
[2011/08/19 02:29:35 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\mcpchart32.dll
[2011/08/19 02:29:35 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\TCSDK32.DLL
[2011/08/19 02:29:35 | 000,088,576 | ---- | C] () -- C:\Windows\SysWow64\Tg2d32.dll
[2011/08/19 02:29:35 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\Tgkern32.dll
[2011/08/19 02:29:35 | 000,076,288 | ---- | C] () -- C:\Windows\SysWow64\Tgpoly32.dll
[2011/08/19 02:29:35 | 000,050,176 | ---- | C] () -- C:\Windows\SysWow64\Tgarea32.dll
[2010/09/05 14:34:19 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\YCRWin32.dll
[2010/08/20 17:24:22 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat

========== LOP Check ==========

[2010/09/26 21:53:37 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Canon
[2011/02/24 00:49:52 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\foobar2000
[2011/02/05 11:37:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\iPod2PC3
[2010/12/17 20:30:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\PCDr
[2011/10/22 17:20:37 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\PlxTech
[2012/04/26 20:11:45 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Spotify
[2012/05/25 23:00:04 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\TestApp
[2010/09/03 22:02:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\WildTangent
[2012/06/05 23:56:38 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/10/17 14:41:13 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/19 11:24:59 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
  • 0

#19
Nedklaw
Posted 21 June 2012 - 03:34 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

Please download and install Service Pack 1 from here.


Step 2

We're going to run a tool from Microsoft that has a good effect on reducing startup time.

Read this page for the download instructions for the Windows Performance Toolkit.

Then go to this page for the running instructions.

If you need any help just tell me.
  • 0

#20
bigpor2gee
Posted 21 June 2012 - 09:14 PM

bigpor2gee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
I am sorry, Ted. The instructions for the SP1 download are as clear as mud. The page states:

"Click the Continue button then on any Download button on this page to start the download"

a) Continue button?? I don't know what they're talking about...I can't find it.

b) any Dpwnload button?? Ther are 10 different download buttons (6 that appear to be different versions of SP1), all pointing to files of different sizes. I have no idea what file or files I am supposed to download. Can you provide a bit more detail on where to get the right version of SP1?
  • 0

#21
Nedklaw
Posted 22 June 2012 - 08:52 AM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Just click on the Download button next to windows6.1-KB976932-X64.exe (one up from the bottom).
  • 0

#22
bigpor2gee
Posted 25 June 2012 - 09:43 AM

bigpor2gee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
OK. I got SP1 installed. Then I went ahead and installed the Windows Performance Toolkit (with only the Win32 Development Tools selected per the instructions on the msfn page) and then the wpt_x64.msi.

Under the msfn “Speed up boot process” instructions, I verified the registry settings for EnablePrefetcher, EnableSuperFetch, and sysmain. Then I installed the 3 suggested Windows 7 hotfixes. Finally, I ran the command “xbootmgr -trace boot -prepSystem –verboseReadyBoot” from the command line prompt and observed the 6X reboot process.

My startup time is now roughly 2 minutes, 30 seconds, so there is SOME improvement. However, I am not sure that the xbootmgr reboot process ran correctly, as here is what I observed:

After each reboot, I would eventually receive a message stating “Please allow the tool to elevate”. At this point, I would also receive a UAC message that “xbootmgr is requesting to make changes to the system”. When I selected <Yes> to allow changes, the “allow tool to elevate” message would always change to “Stopping Trace” and then I would get subsequent messages about how the content of the trace may include personal info that might be divulged if the trace were shared, followed by a “Waiting for Prefetcher” message.
This same process continued through the 6 reboots. Finally, at the end of the 6th reboot, I got the following: “Gave up waiting for Win7RTM physical prefetcher after 300 seconds. Couldn’t wait for prefetcher. Couldn’t find kernel logger.”

I have no idea whether this ran like it should have, since the msfn instructions are not that informative. But it leaves a bit to be desired. The claims of a HUGE improvement at startup may be a bit overblown, as I’m seeing 2 min 30 secconds vs. 3 minutes. I’ll take the improvement of course, but I’m left wondering if the improvement might be even better if the reboot process had run more smoothly. What do you think?
  • 0

#23
Nedklaw
Posted 25 June 2012 - 01:36 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)

  • Download Autoruns.
  • Extract the Autoruns Zip file contents to a folder.
  • Double-click Autoruns.exe.
  • Click on the Everything tab.
  • Go to File then to Export As or Save in some versions.
  • Save AutoRuns.txt file to known location like your Desktop.
  • Attach it to your next reply.

Things I want to see in your next reply

  • AutoRuns.txt
  • 0

#24
bigpor2gee
Posted 25 June 2012 - 07:12 PM

bigpor2gee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "Broadcom Wireless Manager UI" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dell wireless wlan card\wltray.exe"
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "CanonSolutionMenu" "CNSLMAIN" "CANON INC." "c:\program files (x86)\canon\solutionmenu\cnslmain.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "QuiKProtect" "startQuikProtect" "Iomega Corporation - An EMC Company" "c:\program files\iomega\quikprotect\startquikprotect.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "Verizon_McciTrayApp" "mcci+McciTrayApp" "Alcatel-Lucent" "c:\program files\verizon\mccitrayapp.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Dell DataSafe Online" "DataSafeOnline" "" "c:\program files (x86)\dell datasafe online\datasafeonline.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Malwarebytes' Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.1.121\ssscheduler.exe"
"C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "PuranDefrag" "Shell Context Menu Handler" "Puran Software" "c:\windows\system32\purandefrag.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Yahoo! Mail" "Yahoo! Mail" "Yahoo! Inc." "c:\program files (x86)\yahoo!\common\ymmapi.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "PuranDefrag" "Shell Context Menu Handler" "Puran Software" "c:\windows\system32\purandefrag.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg64.dll"
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files\Java\jre6\bin\jp2ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120624231936.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Canon Easy-WebPrint EX BHO" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexbho.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\5.7.7227.1100\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "c:\program files\mcafee\msk\mskapbho.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120624231936.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn0\ytsingleinstance.dll"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Canon Easy-WebPrint EX" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexhlp.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SystemToolsDailyTest" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\{22344C62-C574-486E-B2D7-B328F09E0D3B}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{6C3878F3-6D9E-4C8E-A370-6D70BCC3D4E5}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\wildtangent\dell games\dell game console\gameconsoleservice.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "IHA_MessageCenter" "IHA_MessageCenter" "Verizon" "c:\program files (x86)\verizon\iha_messagecenter\bin\verizon_ihamessagecenter.exe"
+ "IJPLMSVC" "Collects log data from the IJ printer and manages data transmission." "" "c:\program files (x86)\canon\ijplm\ijplmsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files (x86)\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files (x86)\common files\motive\mccicmservice.exe"
+ "McciCMService64" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.1.121\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfevtps.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "QPCopyEngine" "Quik Protect CopyEngine Service" "" "c:\program files\iomega\quikprotect\qpmonitor.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "ServicepointService" "" "Radialpoint Inc." "c:\program files (x86)\verizon\vsp\servicepointservice.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sprtsvc_verizondm" "SupportSoft Sprocket Service" "SupportSoft, Inc." "c:\program files (x86)\verizondm\bin\sprtsvc.exe"
+ "tgsrvc_verizondm" "SupportSoft Repair Service" "SupportSoft, Inc." "c:\program files (x86)\verizondm\bin\tgsrvc.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "" "c:\program files\dell\dell wireless wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aksdf" "Aladdin Data Mini-Filter Driver" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\aksdf.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "Hardlock" "Hardlock Device Driver for Windows x64" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\hardlock.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display HD Audio driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfenlfk" "McAfee NDIS Light Filter" "McAfee, Inc." "c:\windows\system32\drivers\mfenlfk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mremp50.sys"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mresp50.sys"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "OXSDIDRV_x64" "" "" "c:\windows\system32\drivers\oxsdidrv_x64.sys"
+ "OXUDIDRV" "" "" "c:\windows\system32\drivers\oxudidrv_x64.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "QsFsFltr" "QuikSync Fs mini-filter driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\qsfsfltr.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MX350 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlma6.dll"
+ "Canon BJNP Port" "Canon IJ Network 64bit comm Module" "CANON INC." "c:\windows\system32\cnmn6ppm.dll"
+ "Canon MP FAX Language Monitor MX350 series" "MP FAX Language Monitor DLL" "Canon Inc." "c:\windows\system32\cncf2ll.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "Dell Wireless WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"
  • 0

#25
Nedklaw
Posted 26 June 2012 - 04:08 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
There are quite a few programs that are loading when you start Windows which causes a delay in Windows to load.


Step 1

Open Autoruns, click on the Logon tab, and Un-check:

+ "Apoint"
+ "Broadcom Wireless Manager UI"
+ "CanonMyPrinter"
+ "CanonSolutionMenu"
+ "HotKeysCmds"
+ "IgfxTray"
+ "Persistence"
+ "QuickSet"
+ "QuiKProtect"
+ "RtHDVCpl"
+ "Verizon_McciTrayApp"
+ "Adobe ARM"
+ "iTunesHelper"
+ "QuickTime Task"
+ "SunJavaUpdateSched"

When done restart your computer.


Step 2

Run the Windows Performance Toolkit again using the instructions here.


Step 3

Has the startup time of your computer been reduced?
  • 0

Advertisements

#26
bigpor2gee
Posted 27 June 2012 - 03:27 PM

bigpor2gee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Thanks. I disabled the noted programs with Autoruns and then re-ran the Windows Performance Toolkit. This time the toolkit ran without the “Gave up waiting for Win7RTM physical prefetcher after 300 seconds" message. Restart time is now approx 100 seconds. Full cold boot time is approx. 130 seconds. Definitely an improvement! :P
  • 0

#27
Nedklaw
Posted 28 June 2012 - 08:54 AM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
I'm still not satisfied with the startup time so I'm going to get you to create a trace file so I can see what is causing the delay.

  • Click Start and type cmd.exe into the Search box.
  • Right-click the program.
  • Click Run as Administrator.
  • Click Yes to the prompt that appears.
  • Copy and paste the following command prompt into the black box and press Enter:

    xbootmgr -trace boot -traceFlags BASE+CSWITCH+DRIVERS+POWER -resultPath C:\Users\Bill\Desktop
  • The file should be on your desktop. Attach the trace file in your next reply.

  • 0

#28
bigpor2gee
Posted 29 June 2012 - 09:24 PM

bigpor2gee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Well now I have a BIG PROBLEM. I ran the command like you asked. The system shut down and now cannot restart. Upon the restart attempt it went to the Windows Error Reovery screen where it gave me the option of trying to startup normally or run Startup Repair. The system would not startup normally, so I tried the Startup Repair. That was unable to diagnose the problem but led me to a more detailed repair log that essentially provided the following (I had to copy all of this manually from my computer as I am using my wife's work computer to writh this):

REPAIR LOG
# OF REPAIR ATTEMPTS = 2

DETAILS
SYSTEM DISK = \DEVICE\HARDDISK0
WIDNOWS DIRECTORY = E:\WINDOWS
AUTOCHK RUN = 0
NUMBER OF ROOT CAUSES = 1

Tests performed successfully (no tests were identified as fails):
Check for updates
System disk test
Disk failure diagnosis
Disk metadata test
Target OS test
Volume content check
Boot manager diagnosis
System boot log diagnosis
Event log diagnosis
Internal state check
Boot status test
Setup state check
Registry hives test
Windows boot log diagnosis
Bugcheck analysis
Access control test
File system test (chkdsk)
Software installation log diagnosis
Fallback diagnosis

Root cause found:
Unspecified changes to system configuration might have caused the problem
Repair action: System files integrity check and repair
Result: Failed. Error code = 0x490

So I don't know what happened with this command (I double-checked that I entered in all the arguments correctly), but I am seriously hosed now. I need this fixed ASAP. As it is now late Friday night, I'm not sure what I can expect, but if a live chat would help get it resolved quicker, I'm up for it. YOu can always send me an email with contact info in it. [email protected]. HELP!!
  • 0

#29
bigpor2gee
Posted 29 June 2012 - 09:47 PM

bigpor2gee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
The StartUP Repair problem details are as follows:

Problem Event Name: StartupRepairOffline
Problem Signature 01: 6.1.7600.16385
Problem Signature 02: 6.1.7600.16385
Problem Signature 03: unknown
Problem Signature 04: 385
Problem Signature 05: AutoFailover
Problem Signature 06: 1
Problem Signature 07: NoRootCause
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033
  • 0

#30
Nedklaw
Posted 30 June 2012 - 05:38 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
All help must be given in this topic so other users can use it as a learning experience.

Download the following three programmes to your desktop :

1. WiNToBootic
2. Windows 7 64bit RC
3. Farbar Recovery Scan Tool x64


Extract WiNToBoot to your desktop.
Insert a USB drive of at least 4GB.
Run WiNToBoot.

Posted Image


Drag and drop the Windows 7 ISO to the programme in the space indicated.
Tick the Format box and accept the warnings.
Press Do it!.

You will see it progressing.

Posted Image


It will let you know when it is done.
Then copy FRST to the same USB.

Posted Image


Insert the USB into the sick computer and start the computer. First ensuring that the system is set to boot from USB.
Note: If you are not sure how to do that follow the instructions here.


When you reboot you will see this although yours will say windows 7. Click Repair your computer.

Posted Image


Select your operating system.

Posted Image


Select Command Prompt.

Posted Image


At the command prompt type the following:

  • notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter.
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP