Results 1 to 10 of 10
  1. #1
    Member
    Join Date
    Jan 2014
    Posts
    4
    Points
    0

    Default Laptop will not download more than 1.7 MB of a file. Frequent popups Clean Virus Scan

    Several weeks ago two new programs were downloaded and installed on the laptop by accident since they seem were 'bundled" with some design software. These were GorillaPrice and Save The Children Reminder by We-Care.com. At first it wasnt an issue, the only way I knew they were on the computer is by looking at the Program Files. A few days after that Internet Explorer would open without prompting. I dont use IE, I use Chrome. These popups will happen every time I'm using Chrome, but have popped up infrequently while I'm not using the internet at all. Shortly after this I downloaded Norton Antivirus software, the first comprehensive scan revealed a plethora of problems that werent really severe and resolved them, however the popups kept coming. After that I lost the capability to download files. Everything I would try to download would stop after only downloading 1.7MB. Every time without fail 1.7 MB. Doesnt matter what is being downloaded, it only downloads 1.7MB. I contacted the ISP and it isnt them, also none of the other computers on the network have the same difficulty. I've run the antivirus scan multiple times since the first scan and everyone comes back saying no problems detected.

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi Venator05,
    My name is zep516 and Welcome to help2go

    I'll do the best I can to resolve your computer issue
    Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue. Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    First

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double-click AdwCleaner.exe to run the tool.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • Click the Scan button.
    • AdwCleaner will begin. Be patient as the scan may take some time to complete.
    • After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.



    Next

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.

    Next

    Download Security Check by screen317 from Here or Here
    Save it to your Desktop.
    Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    In your next reply post:
    • AdwCleaner[R0].txt)
    • Extras.txt
    • OTL.txt
    • checkup.txt


    Thanks
    Joe

    I will ask a moderator to move us to spyware forum

  3. #3
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Thread moved at request of zep516.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  4. #4
    Member
    Join Date
    Jan 2014
    Posts
    4
    Points
    0

    Default

    Thank you so much for your help!

    [U]AdwCleaner[R0].txt[U]

    # AdwCleaner v3.016 - Report created 04/01/2014 at 01:17:06
    # Updated 23/12/2013 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 2 (64 bits)
    # Username : Imperator Regalis - MAINFRAME
    # Running from : C:\Users\Imperator Regalis\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    Folder Found : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Folder Found : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\Program Files (x86)\Free Offers from Freeze.com
    Folder Found C:\ProgramData\boost_interprocess
    Folder Found C:\ProgramData\Conduit
    Folder Found C:\ProgramData\WeCareReminder
    Folder Found C:\Users\Imperator Regalis\AppData\Local\Conduit
    Folder Found C:\Users\Imperator Regalis\AppData\Local\NativeMessaging
    Folder Found C:\Users\Imperator Regalis\AppData\Local\PackageAware
    Folder Found C:\Users\Imperator Regalis\AppData\LocalLow\Conduit

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\Freecause
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\FLEXnet
    Key Found : HKCU\Software\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Found : HKCU\Software\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\wecarereminder
    Key Found : HKCU\Software\YahooPartnerToolbar
    Key Found : [x64] HKCU\Software\FLEXnet
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : [x64] HKCU\Software\wecarereminder
    Key Found : [x64] HKCU\Software\YahooPartnerToolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Freeze.com
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\Software\Uniblue
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com?SearchSource=10&CUI=UN11509452401901276&UM=2&ctid=CT3314936
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://isearch.avg.com/tab?cid={E3240CF5-9EAD-4571-ABB8-1BF56D1015B8}&mid=9af85e34245947d19258d16c2281c5f4-f8f30cfe4a75aa4f4063cf61eae253eb1d87977a&lang=en&ds=AVG&pr=fr&d=2011-11-06 01:52:20&v=9.0.0.22&sap=nt

    -\\ Google Chrome v31.0.1650.63

    [ File : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [6543 octets] - [04/01/2014 01:17:06]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6603 octets] ##########

    Extras.txt:

    OTL Extras logfile created on: 1/4/2014 5:12:52 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Imperator Regalis\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.96 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 55.34% Memory free
    7.92 Gb Paging File | 6.08 Gb Available in Paging File | 76.81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 193.02 Gb Free Space | 68.11% Space Free | Partition Type: NTFS

    Computer Name: MAINFRAME | User Name: Imperator Regalis | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
    .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- "%1" %*
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1 -- ()

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1 -- ()

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1 -- ()

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1 -- ()

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{03DC33B3-8C9E-4548-8EB5-44366820C5C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{07C5B1DC-D7A9-4477-B545-1F1D4EAAF685}" = lport=57195 | protocol=6 | dir=in | name=akamai netsession interface |
    "{097F345A-71E8-4434-9C67-3B657DDFB634}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{12082BFF-DBD8-4844-B9CD-3B71B1F71DD5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{1D482B6F-0BE5-4A02-A914-AEA7508FA5CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{266F59B7-58A8-45D7-B464-204C331096F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{2F19E0D5-D281-4FEC-817A-C25FC31A2CF9}" = lport=64754 | protocol=6 | dir=in | name=akamai netsession interface |
    "{4293C272-2329-49FB-9087-67B809A5C4C5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{4341BDFC-7957-4A62-8EF2-69F7A186D463}" = rport=2869 | protocol=6 | dir=out | app=system |
    "{571A8F20-6716-4BB0-8FC8-0BA26D53B9E5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{5CD0809E-B173-42D8-80A8-D836455C19B8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{62636EB4-EA82-4E6F-B05A-EFB5B15A1201}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
    "{632B26FC-0B76-48A1-B034-3F32A363A255}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{6846DFDA-3B05-4CD1-A29E-C90C5FD4ABAF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{6B97323F-44AE-4504-A459-1D4771DC21E8}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{711CE77A-30FC-4600-AABA-1DB8DFA42A91}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{75951084-E686-4034-AC60-6EAE7F1C6230}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{90C64C25-ABDB-4627-9B34-3D14732C6923}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{9498A79C-84C0-4B1D-988E-6F0225FFCDC7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{9C876B9C-8AFA-4696-AEE6-E0B27E561483}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{9EB0AA4D-272D-47ED-83CB-4BDFDC4C5D6B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A6DF9EC0-9350-4929-9C15-B81E073D3103}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{A716EA8C-9197-48EE-A779-88C539718E36}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AAFBA697-8BF2-4325-8287-EA9CB797C49F}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
    "{BCA3F0A7-4AC1-4294-BCE8-2A3C2734AAED}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{CAD4BA0D-FB72-48AC-9607-FDFA1919235B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D06B5BC6-B04F-4D9D-9C4B-9817D463AA7A}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{D12BE6D4-8DDD-432C-8BB5-E6C8882D4CA4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{E24CBEAE-3658-400A-A61E-16D3AF90B4C6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{E2671930-B809-48EA-84D7-9169ACBAB646}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{E5B742EA-EE0E-4853-91D4-602029F6BCCE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F10C1480-30B8-4985-A867-DEE3A2062F2E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{F138820F-751C-4419-A8DC-0456EA518554}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{F23FA2F2-6638-4B70-A126-CFC74D677C06}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
    "{F3B54219-4AE5-4E58-9602-8BD0EBC387FF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{FFB6A55C-0A06-4B60-BF07-DA5F9928DA4B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{06B68AB7-5DEE-4871-9334-93D398E12C9C}" = dir=in | app=c:\program files (x86)\pogoplugpc\ppserver.exe |
    "{09F01E45-6778-47BD-98A5-043F0745E35B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{0FDA23E6-7211-44CB-A96E-3552038A6211}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{10D808EA-394F-44CF-89A2-652A6FBD796B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{15C516DC-4156-40B9-A078-975B877B04D1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{1B527B49-37F2-4644-8A63-C9275D9FBBA4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
    "{1EF40A19-15F2-4796-9332-4DC619ECBA19}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{1FA11264-43F3-468A-850B-1E85FEF8A6A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{210BD06C-096C-42EB-A3E1-B67000CE0116}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
    "{29E87F28-A4BF-47DB-B007-605FECC9780C}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
    "{2E11D096-6A61-45B0-8D30-551827372D00}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{346A5588-CCC5-47D5-BB06-17309685C3F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
    "{367B3E30-1A51-473A-81CF-C9136AB73D65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{37DEED9F-D62A-4AD9-AD2C-3384BBFBB192}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
    "{38AB5661-3F9F-4040-9293-76647270000A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{3EB84054-D276-4709-AFCC-A0556E58DC3F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{46E05C8A-8E54-4AA5-83BD-4AF2ACDE5699}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{4789FA66-4FE7-4B85-AAD9-AE6AF8ADA5E1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
    "{49C6A027-E456-402F-8AEE-49FA7868C4D6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
    "{4E5415C5-37AE-49F2-A081-73F7F9B79BBE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{513B83F6-5E4E-4104-ACF8-41A999BA2A61}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
    "{53F646C8-4091-4BEE-B79B-086F7DE4978F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{59A674C3-A6C1-41FF-AF8F-CAB42AB10D47}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
    "{6A4D2459-76FA-427E-A81E-A3456159607F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6FEA9F96-0FA2-418C-86C9-01A911E3B403}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{70E35E9F-2277-4783-AA09-000E86BF505C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{74483AAC-47FC-4026-A2B1-517D2BAEC074}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{7788B61B-1E69-42B6-93FF-33A574C96F99}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
    "{7A5F6797-4B67-431F-82CB-5E10F4086B2B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{7B272FD4-A357-4398-A1C2-500DCAFB48FC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{86DC90B3-55AF-4A60-A88A-E7666BDD5BF8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{8DA1CFBB-3A62-4E72-9C42-5D36966B695F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
    "{96BB7358-5A63-445A-84D4-39755DE5BBB6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{9A49F6E8-A912-4653-BE02-23CE173F0BA2}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
    "{9B813E98-2D88-419A-A124-C815B7F3540A}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
    "{9DB75081-36D6-45AA-9D04-320F340A281E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{A078C7B8-25D4-4AD5-A0FE-676A817634FB}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
    "{A614BC78-8879-4623-A4FD-C84766BF7724}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
    "{ABB41604-16B2-4C1A-9E57-A7F7FA417506}" = protocol=6 | dir=out | app=system |
    "{B0C0CCF0-B0E0-4C60-A236-556D0A275E64}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{B30F0D1B-C7C1-453B-B15A-C1C372A0CCBF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
    "{B44A2C28-367E-4EE0-970E-9C5D1AEF7E8D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{B4F1977B-9EEA-4053-B495-CCA825B197FC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{B60F005C-D118-4405-A2A3-2247B1B0A317}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{B65CAA30-593B-4033-8314-98E3E7700E00}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
    "{B6BF1952-7389-4933-80CF-26AA9895E7FA}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
    "{B75A161C-D1C5-42EC-AD19-346E31F7BBD4}" = dir=in | app=c:\program files (x86)\inde\current\template\csharp\idws.exe |
    "{B92C9E5C-AEE7-43D6-B631-8A7D1B9BBBCC}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
    "{BC0D7EDA-6DF0-4AA6-BACD-84FA73717B5B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{BC0FE21F-04CC-4827-8C4E-F786098ADB82}" = protocol=6 | dir=in | app=c:\program files (x86)\realtouch\platform\agent.exe |
    "{C26E59A7-6311-4C68-9D4D-F7DEEB1F80EC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{C43AC9F8-C402-43B5-AE2D-D8CB7B50BD1C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{C5309BB7-DB3D-473D-BB50-234BAAE39F1E}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
    "{C7F6CB2B-2BB8-480D-ACA2-D0C0F1CC9C50}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
    "{CE790572-4C3C-496F-B1F7-9456FA49A2C2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{D43D6D28-A880-43B9-8223-08EB4C60ABAD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
    "{D857A8C0-EBEC-4386-B971-30E795DA252C}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
    "{D89E439F-2A79-4B48-A317-0F7C9CE41AE7}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
    "{DCDE66E9-1474-45A2-9166-DB082F393105}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
    "{E3A57B20-8A75-4919-9A8B-3FE77519A6CF}" = dir=in | app=d:\setup\hpznui40.exe |
    "{E5167C51-17F9-4964-AFA8-EF2E216530FD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{EB7C9E83-DBE2-4E60-B70C-3A27F8A8007B}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
    "{F4E0E08A-F01B-4FED-BDD8-1CD95663F838}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{F68AC1C0-CB7E-4B01-9973-3FB01DD851CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F7C19DF7-4D89-4672-B8AB-3CC1C0CC22E0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
    "{F9222940-4298-4000-B150-E73080DF0B3B}" = dir=out | app=c:\program files (x86)\pogoplugpc\ppserver.exe |
    "{FCF24874-92D8-4D60-9E34-35A904C3CAF9}" = protocol=17 | dir=in | app=c:\program files (x86)\realtouch\platform\agent.exe |
    "TCP Query User{2AD3415D-0619-468C-B320-64225000400B}C:\program files (x86)\realtouch\platform\agent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\realtouch\platform\agent.exe |
    "TCP Query User{92EFF43D-0314-4EAF-90F4-989CAF5CCE2E}C:\users\imperator regalis\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\imperator regalis\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{9470F438-E858-42E8-869F-30ACC98F99BE}C:\users\imperator regalis\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\imperator regalis\appdata\local\directv player\ndspcshowserver.exe |
    "TCP Query User{B53318B3-D1C7-4647-9196-F40405988315}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "TCP Query User{DA03C376-A0A6-4A74-802E-87AAD39575B3}C:\users\imperator regalis\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\imperator regalis\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{1119FF11-39CE-448F-B3F6-EF183FE5A56E}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "UDP Query User{2421DFEE-6A06-4B5A-B343-2F5E994D0FDF}C:\program files (x86)\realtouch\platform\agent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\realtouch\platform\agent.exe |
    "UDP Query User{494BB819-EA87-4257-8F75-E7DF604374AC}C:\users\imperator regalis\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\imperator regalis\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{D1335E01-AF6F-4AA8-98F7-2323FD65684A}C:\users\imperator regalis\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\imperator regalis\appdata\local\directv player\ndspcshowserver.exe |
    "UDP Query User{E3E312BF-5488-436D-BDAD-902864913D3B}C:\users\imperator regalis\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\imperator regalis\appdata\local\akamai\netsession_win.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{009751C6-22D7-4548-A313-AD48FA57076F}" = Autodesk Inventor Server Engine for 3ds Max 2014 64-bit
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{08BE46F7-166A-4716-8603-75518EA54B3F}" = Driver Installer
    "{0BB716E0-1400-0610-0000-097DC2F354DF}" = Autodesk Revit Interoperability for 3ds Max 2014
    "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
    "{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
    "{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
    "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{52B37EC7-D836-0409-0064-3C24BCED2010}" = Autodesk 3ds Max 2014
    "{5AAB972C-FF31-4B01-8445-50C42860EC02}" = Autodesk Composite 2014
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{7491836B-659E-47DD-ABBF-F875AD48FD10}" = Autodesk 3ds Max 2014 64-bit Populate Data
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{8FC7C2B2-0F64-4B35-AA3D-2B051D009243}" = Autodesk DirectConnect 2014 64-bit
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
    "{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
    "{E8814D63-BB76-4C89-A25E-264ECF11D00D}" = Autodesk Essential Skills Movies for 3ds Max 2014 64-bit
    "{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
    "Autodesk 3ds Max 2014" = Autodesk 3ds Max 2014
    "Autodesk Composite 2014" = Autodesk Composite 2014
    "Autodesk DirectConnect 2014 64-bit" = Autodesk DirectConnect 2014 64-bit
    "Autodesk Revit Interoperability for 3ds Max 2014" = Autodesk Revit Interoperability for 3ds Max 2014
    "Blender" = Blender
    "Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Print Projects" = HP Print Projects 1.0
    "HP Smart Web Printing" = HP Smart Web Printing 4.5
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "PC-Doctor for Windows" = My Dell
    "PogoplugPC" = Pogoplug PC
    "Pro Gamma Instant Developer" = Pro Gamma Instant Developer
    "Shop for HP Supplies" = Shop for HP Supplies

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0228288D-975E-42F7-9993-E91A82E6BBD9}" = SavetheChildren Reminder by We-Care.com v4.1.24.4
    "{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager
    "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
    "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1A0FDBEB-BDFE-454C-AE09-4EF58B4DCD2A}" = Art Explosion Home & Student Print Center
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
    "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{3018B943-C76C-44B0-B078-790A28CEF67E}" = Microsoft UI Engine
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2014
    "{4273BF7C-FBFD-402C-BAE1-98382D10F0B7}" = RealTouch Platform
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
    "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
    "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
    "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
    "{69b8745b-65c2-4a2d-b5db-00e0cd841f1e}" = DIRECTV Player
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9BF3D390-A0AD-4733-AFC8-18E306B8E219}_is1" = SCARM 0.9.18 beta
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}" = Autodesk Material Library Medium Resolution Image Library 2014
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
    "{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
    "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
    "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
    "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
    "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
    "{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
    "{E5F343DE-F5ED-4582-BAE2-C8ED548DFA46}" = Google SketchUp Viewer
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
    "{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
    "{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}" = Bing Bar
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced Audio FX Engine" = Advanced Audio FX Engine
    "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
    "AudibleDownloadManager" = Audible Download Manager
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Dell Webcam Central" = Dell Webcam Central
    "Google Chrome" = Google Chrome
    "GorillaPrice" = GorillaPrice
    "GoToAssist" = GoToAssist 8.0.0.514
    "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
    "N360" = Norton 360
    "New LEGO Digital Designer" = LEGO Digital Designer
    "Setup Support for SweetIM" = SweetIM
    "simppulltoolbar" = Simppull Toolbar (Remove Toolbar Only)
    "Wings 3D 1.4.1" = Wings 3D 1.4.1
    "WinLiveSuite" = Windows Live Essentials
    "Yahoo! Companion" = Yahoo! Toolbar

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 1/3/2014 11:14:38 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 858192

    Error - 1/3/2014 11:16:42 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/3/2014 11:16:42 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 1076

    Error - 1/3/2014 11:16:42 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 1076

    Error - 1/3/2014 11:16:44 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/3/2014 11:16:44 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 2246

    Error - 1/3/2014 11:16:44 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 2246

    Error - 1/4/2014 3:10:06 AM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/4/2014 3:10:06 AM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 14004693

    Error - 1/4/2014 3:10:06 AM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 14004693

    [ Media Center Events ]
    Error - 1/5/2013 4:02:28 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:02:28 AM - Error connecting to the internet. 2:02:28 AM - Unable
    to contact server..

    Error - 1/5/2013 4:02:34 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:02:33 AM - Error connecting to the internet. 2:02:33 AM - Unable
    to contact server..

    Error - 1/5/2013 4:13:52 PM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:13:52 PM - Error connecting to the internet. 2:13:52 PM - Unable
    to contact server..

    Error - 1/5/2013 4:13:58 PM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:13:57 PM - Error connecting to the internet. 2:13:57 PM - Unable
    to contact server..

    Error - 1/6/2013 4:35:38 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:35:38 AM - Error connecting to the internet. 2:35:38 AM - Unable
    to contact server..

    Error - 1/6/2013 4:35:47 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:35:44 AM - Error connecting to the internet. 2:35:44 AM - Unable
    to contact server..

    Error - 1/6/2013 4:45:56 PM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:45:56 PM - Error connecting to the internet. 2:45:56 PM - Unable
    to contact server..

    Error - 1/6/2013 4:46:02 PM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:46:01 PM - Error connecting to the internet. 2:46:01 PM - Unable
    to contact server..

    Error - 1/7/2013 4:42:24 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:42:22 AM - Error connecting to the internet. 2:42:22 AM - Unable
    to contact server..

    Error - 9/27/2013 4:23:26 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 3:23:21 AM - Error connecting to the internet. 3:23:21 AM - Unable
    to contact server..

    [ System Events ]
    Error - 1/4/2014 7:07:26 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    SMR410

    Error - 1/4/2014 7:08:36 AM | Computer Name = Mainframe | Source = PNRPSvc | ID = 102
    Description =

    Error - 1/4/2014 7:08:36 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 1/4/2014 7:08:36 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = PNRPSvc | ID = 102
    Description =

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = PNRPSvc | ID = 102
    Description =

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535


    < End of report >

    OTL.txt:

    OTL logfile created on: 1/4/2014 5:12:52 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Imperator Regalis\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.96 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 55.34% Memory free
    7.92 Gb Paging File | 6.08 Gb Available in Paging File | 76.81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 193.02 Gb Free Space | 68.11% Space Free | Partition Type: NTFS

    Computer Name: MAINFRAME | User Name: Imperator Regalis | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/01/04 01:59:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Imperator Regalis\Downloads\OTL.exe
    PRC - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
    PRC - [2013/11/05 12:11:20 | 000,631,808 | ---- | M] () -- C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe
    PRC - [2013/10/08 06:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
    PRC - [2013/09/15 13:34:06 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    PRC - [2013/09/14 02:38:54 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2013/06/25 14:12:12 | 001,765,744 | ---- | M] (NDS Technologies) -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
    PRC - [2013/06/25 14:12:10 | 007,956,328 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
    PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Imperator Regalis\AppData\Local\Akamai\netsession_win.exe
    PRC - [2011/09/14 22:19:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
    PRC - [2010/07/23 12:19:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
    PRC - [2010/07/23 10:46:02 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    PRC - [2009/12/17 12:54:40 | 001,795,488 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
    PRC - [2009/10/30 09:40:26 | 000,341,504 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    PRC - [2009/10/02 13:46:00 | 000,656,624 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    PRC - [2009/06/24 19:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    PRC - [2009/06/24 15:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    PRC - [2009/06/18 20:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    PRC - [2009/06/04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/10/09 02:43:07 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
    MOD - [2013/10/09 02:42:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
    MOD - [2013/10/09 02:42:37 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
    MOD - [2013/10/09 02:42:22 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
    MOD - [2013/10/09 02:42:13 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
    MOD - [2013/09/14 00:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
    MOD - [2013/09/14 00:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
    MOD - [2013/08/14 02:34:59 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
    MOD - [2013/08/14 02:34:38 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
    MOD - [2013/08/14 02:34:29 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
    MOD - [2013/08/01 02:44:49 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
    MOD - [2013/08/01 02:41:24 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
    MOD - [2013/06/25 14:12:50 | 000,091,976 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\z.dll
    MOD - [2013/06/25 14:12:48 | 000,332,128 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\ndsLogStore.dll
    MOD - [2013/06/25 14:12:46 | 001,403,224 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\libxml2-2.dll
    MOD - [2013/06/25 14:12:38 | 000,689,000 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
    MOD - [2013/06/25 14:12:18 | 007,554,400 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\gsttspplugin.dll
    MOD - [2013/06/25 14:12:10 | 007,956,328 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
    MOD - [2013/06/25 14:12:06 | 003,175,264 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\DrmSingleton.dll
    MOD - [2013/06/25 14:12:04 | 002,237,288 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\DiscoveryManager.dll
    MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2009/10/02 13:47:00 | 000,128,240 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
    MOD - [2009/10/02 13:47:00 | 000,121,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
    MOD - [2009/10/02 13:47:00 | 000,111,856 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
    MOD - [2009/10/02 13:47:00 | 000,079,088 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
    MOD - [2009/10/02 13:47:00 | 000,074,992 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
    MOD - [2009/10/02 13:46:00 | 001,123,568 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
    MOD - [2009/10/02 13:46:00 | 000,234,736 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
    MOD - [2009/10/02 13:46:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
    MOD - [2009/10/02 13:46:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
    MOD - [2009/10/02 13:46:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
    MOD - [2009/06/18 20:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013/07/31 23:40:23 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
    SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2011/09/14 22:19:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe -- (mi-raysat_3dsmax2014_64)
    SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2009/07/16 19:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
    SRV:64bit: - [2009/06/28 22:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013/12/11 01:35:18 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/11/05 12:11:20 | 000,631,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -- (GorillaPrice)
    SRV - [2013/10/08 06:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
    SRV - [2013/04/12 15:00:38 | 000,903,456 | ---- | M] (Cloud Engines, Inc.) [Auto | Running] -- C:\Program Files (x86)\PogoplugPC\hbadmin.exe -- (HBAdmin)
    SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
    SRV - [2010/07/23 12:19:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/10/17 06:59:09 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
    SRV - [2009/10/02 13:46:00 | 000,656,624 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
    SRV - [2009/06/28 22:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
    DRV:64bit: - [2013/12/10 15:42:56 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2013/09/26 21:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
    DRV:64bit: - [2013/09/26 20:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
    DRV:64bit: - [2013/09/26 20:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2013/09/25 21:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
    DRV:64bit: - [2013/09/25 20:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
    DRV:64bit: - [2013/09/09 20:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
    DRV:64bit: - [2013/09/09 19:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
    DRV:64bit: - [2013/04/12 15:00:38 | 000,039,712 | ---- | M] (Cloud Engines, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\xcetap0.sys -- (xcetap0)
    DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2009/07/16 19:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
    DRV:64bit: - [2009/07/16 19:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 18:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
    DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/06/28 22:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2009/06/15 12:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2009/06/12 15:51:46 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/06/04 04:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/06/02 21:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/05/19 21:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/05/08 02:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2009/05/04 16:02:20 | 000,198,528 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\swumx80.sys -- (SWUMX80)
    DRV:64bit: - [2009/03/31 14:50:38 | 000,227,840 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\swnc8u80.sys -- (SWNC8U80)
    DRV:64bit: - [2009/02/05 05:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2008/09/12 02:31:29 | 000,041,216 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
    DRV:64bit: - [2008/09/12 02:31:29 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SaiMini.sys -- (SaiMini)
    DRV:64bit: - [2008/09/12 02:31:16 | 000,131,584 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SaiK0836.sys -- (SaiK0836)
    DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2013/12/13 18:01:06 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140102.001\IDSviA64.sys -- (IDSVia64)
    DRV - [2013/12/09 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140103.001\ex64.sys -- (NAVEX15)
    DRV - [2013/12/09 01:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2013/12/09 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140103.001\eng64.sys -- (NAVENG)
    DRV - [2013/12/03 12:27:32 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9CCC3B31-E175-4FAC-BD99-CC9CA53D3F28}
    IE:64bit: - HKLM\..\SearchScopes\{9CCC3B31-E175-4FAC-BD99-CC9CA53D3F28}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{9A8095EA-0783-416B-BFD7-C571E4DAF60A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{09FD26C8-131E-4750-9065-3A39374EC42A}: "URL" = http://www.ant.com/web/{searchTerms}/
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{3540EA80-73C3-49B5-83F7-876A3058A66E}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3314936&CUI=UN11509452401901276&UM=2
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{9A8095EA-0783-416B-BFD7-C571E4DAF60A}: "URL" = http://www.bing.com/search?FORM=MSNTLB&PC=MSNTDF&q={searchTerms}&src=IE-SearchBox
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{D6B0B2BA-C1AC-45FE-B7DB-C76619D45F51}: "URL" = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20110312,16491,0,8,0
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Imperator Regalis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Imperator Regalis\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Imperator Regalis\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Imperator Regalis\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Imperator Regalis\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/01 15:29:07 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/12/10 15:43:38 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/01/04 05:10:19 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/01 15:29:07 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - Extension: Google Docs = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
    CHR - Extension: Google Docs = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
    CHR - Extension: Google Drive = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: YouTube = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Google Search = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: No name found = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.2.3_1\
    CHR - Extension: Google Wallet = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
    CHR - Extension: Google Wallet = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
    CHR - Extension: Gmail = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
    CHR - Extension: Gmail = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
    O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O2 - BHO: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll ()
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Updater For Simppull Toolbar) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll (Visicom Media)
    O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
    O2 - BHO: (no name) - {eaf98704-4dcb-44dc-a616-1f04696ced7e} - No CLSID value found.
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll ()
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
    O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [Akamai NetSession Interface] C:\Users\Imperator Regalis\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [PCShowServer] C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [PogoplugPC] C:\Program Files (x86)\PogoplugPC\ppserver.exe (Cloud Engines, Inc.)
    O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
    O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O4 - Startup: C:\Users\Imperator Regalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 ()
    O7 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 ()
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FCEACD3-A82F-4426-A147-5FA1C575C347}: DhcpNameServer = 209.183.35.23 209.183.33.23
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B7143D4-18B2-4E31-A1D6-B7CA3FD229F2}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7DA01FF-BA33-4FAA-8EC3-13F852D313D7}: DhcpNameServer = 209.183.35.23 209.183.33.23
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE22D741-EF28-4740-8B8D-CE2C7F1A7E3E}: DhcpNameServer = 10.0.0.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2013/07/31 22:01:39 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
    O32 - AutoRun File - [2013/12/09 22:21:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{babaa42e-db09-11de-b5a2-002564652c07}\Shell - "" = AutoRun
    O33 - MountPoints2\{babaa42e-db09-11de-b5a2-002564652c07}\Shell\AutoRun\command - "" = F:\WIN\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/01/04 05:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
    [2014/01/04 02:41:29 | 000,000,000 | -HSD | C] -- C:\found.000
    [2014/01/04 01:16:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/12/24 16:26:40 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\AppData\Local\CrashDumps
    [2013/12/14 03:05:03 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
    [2013/12/14 03:05:03 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
    [2013/12/14 03:05:02 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
    [2013/12/14 03:05:01 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
    [2013/12/14 03:02:43 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013/12/14 03:02:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2013/12/14 03:02:42 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013/12/14 03:02:42 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2013/12/14 03:02:42 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2013/12/14 03:02:42 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2013/12/14 03:02:42 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2013/12/14 03:02:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2013/12/14 03:02:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2013/12/14 03:02:41 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2013/12/14 03:02:41 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2013/12/14 03:02:41 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2013/12/14 03:02:41 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2013/12/14 03:02:39 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2013/12/14 03:02:39 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2013/12/14 03:02:36 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013/12/13 18:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogoplug PC
    [2013/12/13 18:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PogoplugPC
    [2013/12/13 18:17:28 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\AppData\Local\Pogoplug
    [2013/12/13 18:05:53 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
    [2013/12/13 18:05:53 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
    [2013/12/13 18:05:51 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
    [2013/12/13 18:05:47 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
    [2013/12/13 18:05:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
    [2013/12/13 18:05:04 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
    [2013/12/13 18:05:04 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
    [2013/12/13 18:05:02 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
    [2013/12/13 18:05:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
    [2013/12/13 18:05:02 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
    [2013/12/13 18:05:02 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
    [2013/12/13 18:05:02 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
    [2013/12/13 18:05:02 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
    [2013/12/11 13:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
    [2013/12/11 05:58:00 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\AppData\Local\NPE
    [2013/12/10 15:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2013/12/10 15:44:36 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\Documents\Symantec
    [2013/12/10 15:42:57 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2013/12/10 15:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
    [2013/12/10 15:42:30 | 001,147,480 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys
    [2013/12/10 15:42:30 | 000,858,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys
    [2013/12/10 15:42:30 | 000,590,936 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys
    [2013/12/10 15:42:30 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.sys
    [2013/12/10 15:42:30 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Ironx64.sys
    [2013/12/10 15:42:30 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys
    [2013/12/10 15:42:30 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys
    [2013/12/10 15:42:30 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymELAM.sys
    [2013/12/10 15:42:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
    [2013/12/10 15:42:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\1501000.012
    [2013/12/10 15:42:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
    [2013/12/10 15:42:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
    [2013/12/10 15:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
    [2013/12/10 15:28:19 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
    [2013/12/09 22:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
    [2013/12/09 22:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/01/04 08:34:19 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/01/04 08:03:25 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2106226183-3928033189-3857513127-1000UA.job
    [2014/01/04 08:00:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/01/04 06:00:38 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/01/04 05:14:45 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/01/04 05:14:45 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/01/04 05:12:03 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/01/04 05:12:03 | 000,660,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/01/04 05:12:03 | 000,121,442 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/01/04 05:07:34 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    [2014/01/04 05:07:17 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
    [2014/01/04 05:07:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/01/04 05:07:02 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
    [2014/01/04 02:42:58 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
    [2014/01/03 19:03:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2106226183-3928033189-3857513127-1000Core.job
    [2014/01/03 18:00:44 | 000,002,048 | ---- | M] () -- C:\Uninstall.dat
    [2013/12/19 12:55:20 | 000,023,702 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\VT20131219.024
    [2013/12/14 03:38:43 | 000,396,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/12/14 03:05:18 | 002,684,397 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Cat.DB
    [2013/12/11 13:02:59 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2013/12/11 01:35:16 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013/12/11 01:35:16 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013/12/10 15:42:56 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2013/12/10 15:42:56 | 000,008,222 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2013/12/10 15:42:56 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2013/12/10 15:42:50 | 000,002,397 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
    [2013/12/10 15:28:19 | 000,001,303 | ---- | M] () -- C:\Users\Imperator Regalis\Desktop\Norton Installation Files.lnk
    [2013/12/09 22:21:23 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
    [2013/12/05 20:26:05 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/01/04 02:42:58 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
    [2014/01/03 18:00:44 | 000,002,048 | ---- | C] () -- C:\Uninstall.dat
    [2013/12/20 17:16:55 | 000,023,702 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\VT20131219.024
    [2013/12/11 13:02:59 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2013/12/10 15:43:02 | 002,684,397 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Cat.DB
    [2013/12/10 15:42:58 | 000,008,222 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2013/12/10 15:42:57 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2013/12/10 15:42:50 | 000,002,397 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
    [2013/12/10 15:42:18 | 000,014,818 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymVTcer.dat
    [2013/12/10 15:42:18 | 000,003,433 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA.inf
    [2013/12/10 15:42:18 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS.inf
    [2013/12/10 15:42:18 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymNet.inf
    [2013/12/10 15:42:18 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.inf
    [2013/12/10 15:42:18 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.inf
    [2013/12/10 15:42:18 | 000,001,098 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symELAM.inf
    [2013/12/10 15:42:18 | 000,000,855 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.inf
    [2013/12/10 15:42:18 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Iron.inf
    [2013/12/10 15:42:17 | 000,009,939 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymELAM64.cat
    [2013/12/10 15:42:17 | 000,008,202 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.cat
    [2013/12/10 15:42:17 | 000,008,196 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.cat
    [2013/12/10 15:42:17 | 000,008,194 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.cat
    [2013/12/10 15:42:17 | 000,008,192 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnet64.cat
    [2013/12/10 15:42:17 | 000,008,192 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.cat
    [2013/12/10 15:42:17 | 000,008,188 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.cat
    [2013/12/10 15:42:17 | 000,008,184 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\iron.cat
    [2013/12/10 15:42:17 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\isolate.ini
    [2013/12/10 15:28:19 | 000,001,303 | ---- | C] () -- C:\Users\Imperator Regalis\Desktop\Norton Installation Files.lnk
    [2013/12/09 22:21:23 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
    [2013/07/31 22:12:08 | 000,773,522 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/10/14 17:39:47 | 000,002,515 | ---- | C] () -- C:\Users\Imperator Regalis\AppData\Roaming\SAS7_000.DAT
    [2010/01/31 21:34:59 | 000,000,632 | RHS- | C] () -- C:\Users\Imperator Regalis\ntuser.pol
    [2010/01/08 11:07:58 | 000,004,608 | ---- | C] () -- C:\Users\Imperator Regalis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/11/25 22:55:25 | 000,034,878 | ---- | C] () -- C:\Users\Imperator Regalis\AppData\Roaming\wklnhst.dat

    ========== ZeroAccess Check ==========

    [2013/06/05 22:09:53 | 000,000,044 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2106226183-3928033189-3857513127-1000\$R8UHVWC.com_files\n
    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:0FF263E8

    < End of report >

    Checkup.txt:

    Results of screen317's Security Check version 0.99.78
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Norton 360
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Java(TM) 6 Update 24
    Java version out of Date!
    Adobe Flash Player 11.9.900.170
    Adobe Reader 9 Adobe Reader out of Date!
    Google Chrome 31.0.1650.57
    Google Chrome 31.0.1650.63
    ````````Process Check: objlist.exe by Laurent````````
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:
    ````````````````````End of Log``````````````````````

  5. #5
    Member
    Join Date
    Jan 2014
    Posts
    4
    Points
    0

    Default

    [U]AdwCleaner[R0].txt[U]

    # AdwCleaner v3.016 - Report created 04/01/2014 at 01:17:06
    # Updated 23/12/2013 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 2 (64 bits)
    # Username : Imperator Regalis - MAINFRAME
    # Running from : C:\Users\Imperator Regalis\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    Folder Found : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Folder Found : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\Program Files (x86)\Free Offers from Freeze.com
    Folder Found C:\ProgramData\boost_interprocess
    Folder Found C:\ProgramData\Conduit
    Folder Found C:\ProgramData\WeCareReminder
    Folder Found C:\Users\Imperator Regalis\AppData\Local\Conduit
    Folder Found C:\Users\Imperator Regalis\AppData\Local\NativeMessaging
    Folder Found C:\Users\Imperator Regalis\AppData\Local\PackageAware
    Folder Found C:\Users\Imperator Regalis\AppData\LocalLow\Conduit

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\Freecause
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\FLEXnet
    Key Found : HKCU\Software\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Found : HKCU\Software\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\wecarereminder
    Key Found : HKCU\Software\YahooPartnerToolbar
    Key Found : [x64] HKCU\Software\FLEXnet
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : [x64] HKCU\Software\wecarereminder
    Key Found : [x64] HKCU\Software\YahooPartnerToolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Freeze.com
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\Software\Uniblue
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com?SearchSource=10&CUI=UN11509452401901276&UM=2&ctid=CT3314936
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://isearch.avg.com/tab?cid={E3240CF5-9EAD-4571-ABB8-1BF56D1015B8}&mid=9af85e34245947d19258d16c2281c5f4-f8f30cfe4a75aa4f4063cf61eae253eb1d87977a&lang=en&ds=AVG&pr=fr&d=2011-11-06 01:52:20&v=9.0.0.22&sap=nt

    -\\ Google Chrome v31.0.1650.63

    [ File : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [6543 octets] - [04/01/2014 01:17:06]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6603 octets] ##########

    Extras.txt:

    OTL Extras logfile created on: 1/4/2014 5:12:52 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Imperator Regalis\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.96 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 55.34% Memory free
    7.92 Gb Paging File | 6.08 Gb Available in Paging File | 76.81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 193.02 Gb Free Space | 68.11% Space Free | Partition Type: NTFS

    Computer Name: MAINFRAME | User Name: Imperator Regalis | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
    .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- "%1" %*
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1 -- ()

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1 -- ()

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1 -- ()

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1 -- ()

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{03DC33B3-8C9E-4548-8EB5-44366820C5C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{07C5B1DC-D7A9-4477-B545-1F1D4EAAF685}" = lport=57195 | protocol=6 | dir=in | name=akamai netsession interface |
    "{097F345A-71E8-4434-9C67-3B657DDFB634}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{12082BFF-DBD8-4844-B9CD-3B71B1F71DD5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{1D482B6F-0BE5-4A02-A914-AEA7508FA5CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{266F59B7-58A8-45D7-B464-204C331096F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{2F19E0D5-D281-4FEC-817A-C25FC31A2CF9}" = lport=64754 | protocol=6 | dir=in | name=akamai netsession interface |
    "{4293C272-2329-49FB-9087-67B809A5C4C5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{4341BDFC-7957-4A62-8EF2-69F7A186D463}" = rport=2869 | protocol=6 | dir=out | app=system |
    "{571A8F20-6716-4BB0-8FC8-0BA26D53B9E5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{5CD0809E-B173-42D8-80A8-D836455C19B8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{62636EB4-EA82-4E6F-B05A-EFB5B15A1201}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
    "{632B26FC-0B76-48A1-B034-3F32A363A255}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{6846DFDA-3B05-4CD1-A29E-C90C5FD4ABAF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{6B97323F-44AE-4504-A459-1D4771DC21E8}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{711CE77A-30FC-4600-AABA-1DB8DFA42A91}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{75951084-E686-4034-AC60-6EAE7F1C6230}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{90C64C25-ABDB-4627-9B34-3D14732C6923}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{9498A79C-84C0-4B1D-988E-6F0225FFCDC7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{9C876B9C-8AFA-4696-AEE6-E0B27E561483}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{9EB0AA4D-272D-47ED-83CB-4BDFDC4C5D6B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A6DF9EC0-9350-4929-9C15-B81E073D3103}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{A716EA8C-9197-48EE-A779-88C539718E36}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AAFBA697-8BF2-4325-8287-EA9CB797C49F}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
    "{BCA3F0A7-4AC1-4294-BCE8-2A3C2734AAED}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{CAD4BA0D-FB72-48AC-9607-FDFA1919235B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D06B5BC6-B04F-4D9D-9C4B-9817D463AA7A}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{D12BE6D4-8DDD-432C-8BB5-E6C8882D4CA4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{E24CBEAE-3658-400A-A61E-16D3AF90B4C6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{E2671930-B809-48EA-84D7-9169ACBAB646}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{E5B742EA-EE0E-4853-91D4-602029F6BCCE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F10C1480-30B8-4985-A867-DEE3A2062F2E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{F138820F-751C-4419-A8DC-0456EA518554}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{F23FA2F2-6638-4B70-A126-CFC74D677C06}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
    "{F3B54219-4AE5-4E58-9602-8BD0EBC387FF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{FFB6A55C-0A06-4B60-BF07-DA5F9928DA4B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{06B68AB7-5DEE-4871-9334-93D398E12C9C}" = dir=in | app=c:\program files (x86)\pogoplugpc\ppserver.exe |
    "{09F01E45-6778-47BD-98A5-043F0745E35B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{0FDA23E6-7211-44CB-A96E-3552038A6211}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{10D808EA-394F-44CF-89A2-652A6FBD796B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{15C516DC-4156-40B9-A078-975B877B04D1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{1B527B49-37F2-4644-8A63-C9275D9FBBA4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
    "{1EF40A19-15F2-4796-9332-4DC619ECBA19}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{1FA11264-43F3-468A-850B-1E85FEF8A6A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{210BD06C-096C-42EB-A3E1-B67000CE0116}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
    "{29E87F28-A4BF-47DB-B007-605FECC9780C}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
    "{2E11D096-6A61-45B0-8D30-551827372D00}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{346A5588-CCC5-47D5-BB06-17309685C3F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
    "{367B3E30-1A51-473A-81CF-C9136AB73D65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{37DEED9F-D62A-4AD9-AD2C-3384BBFBB192}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
    "{38AB5661-3F9F-4040-9293-76647270000A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{3EB84054-D276-4709-AFCC-A0556E58DC3F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{46E05C8A-8E54-4AA5-83BD-4AF2ACDE5699}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{4789FA66-4FE7-4B85-AAD9-AE6AF8ADA5E1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
    "{49C6A027-E456-402F-8AEE-49FA7868C4D6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
    "{4E5415C5-37AE-49F2-A081-73F7F9B79BBE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{513B83F6-5E4E-4104-ACF8-41A999BA2A61}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
    "{53F646C8-4091-4BEE-B79B-086F7DE4978F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{59A674C3-A6C1-41FF-AF8F-CAB42AB10D47}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
    "{6A4D2459-76FA-427E-A81E-A3456159607F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6FEA9F96-0FA2-418C-86C9-01A911E3B403}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{70E35E9F-2277-4783-AA09-000E86BF505C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{74483AAC-47FC-4026-A2B1-517D2BAEC074}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{7788B61B-1E69-42B6-93FF-33A574C96F99}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
    "{7A5F6797-4B67-431F-82CB-5E10F4086B2B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{7B272FD4-A357-4398-A1C2-500DCAFB48FC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{86DC90B3-55AF-4A60-A88A-E7666BDD5BF8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{8DA1CFBB-3A62-4E72-9C42-5D36966B695F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
    "{96BB7358-5A63-445A-84D4-39755DE5BBB6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{9A49F6E8-A912-4653-BE02-23CE173F0BA2}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
    "{9B813E98-2D88-419A-A124-C815B7F3540A}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
    "{9DB75081-36D6-45AA-9D04-320F340A281E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{A078C7B8-25D4-4AD5-A0FE-676A817634FB}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
    "{A614BC78-8879-4623-A4FD-C84766BF7724}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
    "{ABB41604-16B2-4C1A-9E57-A7F7FA417506}" = protocol=6 | dir=out | app=system |
    "{B0C0CCF0-B0E0-4C60-A236-556D0A275E64}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{B30F0D1B-C7C1-453B-B15A-C1C372A0CCBF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
    "{B44A2C28-367E-4EE0-970E-9C5D1AEF7E8D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{B4F1977B-9EEA-4053-B495-CCA825B197FC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{B60F005C-D118-4405-A2A3-2247B1B0A317}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{B65CAA30-593B-4033-8314-98E3E7700E00}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
    "{B6BF1952-7389-4933-80CF-26AA9895E7FA}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
    "{B75A161C-D1C5-42EC-AD19-346E31F7BBD4}" = dir=in | app=c:\program files (x86)\inde\current\template\csharp\idws.exe |
    "{B92C9E5C-AEE7-43D6-B631-8A7D1B9BBBCC}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
    "{BC0D7EDA-6DF0-4AA6-BACD-84FA73717B5B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{BC0FE21F-04CC-4827-8C4E-F786098ADB82}" = protocol=6 | dir=in | app=c:\program files (x86)\realtouch\platform\agent.exe |
    "{C26E59A7-6311-4C68-9D4D-F7DEEB1F80EC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{C43AC9F8-C402-43B5-AE2D-D8CB7B50BD1C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{C5309BB7-DB3D-473D-BB50-234BAAE39F1E}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
    "{C7F6CB2B-2BB8-480D-ACA2-D0C0F1CC9C50}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
    "{CE790572-4C3C-496F-B1F7-9456FA49A2C2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{D43D6D28-A880-43B9-8223-08EB4C60ABAD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
    "{D857A8C0-EBEC-4386-B971-30E795DA252C}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
    "{D89E439F-2A79-4B48-A317-0F7C9CE41AE7}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
    "{DCDE66E9-1474-45A2-9166-DB082F393105}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
    "{E3A57B20-8A75-4919-9A8B-3FE77519A6CF}" = dir=in | app=d:\setup\hpznui40.exe |
    "{E5167C51-17F9-4964-AFA8-EF2E216530FD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{EB7C9E83-DBE2-4E60-B70C-3A27F8A8007B}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
    "{F4E0E08A-F01B-4FED-BDD8-1CD95663F838}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{F68AC1C0-CB7E-4B01-9973-3FB01DD851CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F7C19DF7-4D89-4672-B8AB-3CC1C0CC22E0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
    "{F9222940-4298-4000-B150-E73080DF0B3B}" = dir=out | app=c:\program files (x86)\pogoplugpc\ppserver.exe |
    "{FCF24874-92D8-4D60-9E34-35A904C3CAF9}" = protocol=17 | dir=in | app=c:\program files (x86)\realtouch\platform\agent.exe |
    "TCP Query User{2AD3415D-0619-468C-B320-64225000400B}C:\program files (x86)\realtouch\platform\agent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\realtouch\platform\agent.exe |
    "TCP Query User{92EFF43D-0314-4EAF-90F4-989CAF5CCE2E}C:\users\imperator regalis\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\imperator regalis\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{9470F438-E858-42E8-869F-30ACC98F99BE}C:\users\imperator regalis\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\imperator regalis\appdata\local\directv player\ndspcshowserver.exe |
    "TCP Query User{B53318B3-D1C7-4647-9196-F40405988315}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "TCP Query User{DA03C376-A0A6-4A74-802E-87AAD39575B3}C:\users\imperator regalis\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\imperator regalis\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{1119FF11-39CE-448F-B3F6-EF183FE5A56E}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "UDP Query User{2421DFEE-6A06-4B5A-B343-2F5E994D0FDF}C:\program files (x86)\realtouch\platform\agent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\realtouch\platform\agent.exe |
    "UDP Query User{494BB819-EA87-4257-8F75-E7DF604374AC}C:\users\imperator regalis\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\imperator regalis\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{D1335E01-AF6F-4AA8-98F7-2323FD65684A}C:\users\imperator regalis\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\imperator regalis\appdata\local\directv player\ndspcshowserver.exe |
    "UDP Query User{E3E312BF-5488-436D-BDAD-902864913D3B}C:\users\imperator regalis\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\imperator regalis\appdata\local\akamai\netsession_win.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{009751C6-22D7-4548-A313-AD48FA57076F}" = Autodesk Inventor Server Engine for 3ds Max 2014 64-bit
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{08BE46F7-166A-4716-8603-75518EA54B3F}" = Driver Installer
    "{0BB716E0-1400-0610-0000-097DC2F354DF}" = Autodesk Revit Interoperability for 3ds Max 2014
    "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
    "{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
    "{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
    "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{52B37EC7-D836-0409-0064-3C24BCED2010}" = Autodesk 3ds Max 2014
    "{5AAB972C-FF31-4B01-8445-50C42860EC02}" = Autodesk Composite 2014
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{7491836B-659E-47DD-ABBF-F875AD48FD10}" = Autodesk 3ds Max 2014 64-bit Populate Data
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{8FC7C2B2-0F64-4B35-AA3D-2B051D009243}" = Autodesk DirectConnect 2014 64-bit
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
    "{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
    "{E8814D63-BB76-4C89-A25E-264ECF11D00D}" = Autodesk Essential Skills Movies for 3ds Max 2014 64-bit
    "{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
    "Autodesk 3ds Max 2014" = Autodesk 3ds Max 2014
    "Autodesk Composite 2014" = Autodesk Composite 2014
    "Autodesk DirectConnect 2014 64-bit" = Autodesk DirectConnect 2014 64-bit
    "Autodesk Revit Interoperability for 3ds Max 2014" = Autodesk Revit Interoperability for 3ds Max 2014
    "Blender" = Blender
    "Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Print Projects" = HP Print Projects 1.0
    "HP Smart Web Printing" = HP Smart Web Printing 4.5
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "PC-Doctor for Windows" = My Dell
    "PogoplugPC" = Pogoplug PC
    "Pro Gamma Instant Developer" = Pro Gamma Instant Developer
    "Shop for HP Supplies" = Shop for HP Supplies

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0228288D-975E-42F7-9993-E91A82E6BBD9}" = SavetheChildren Reminder by We-Care.com v4.1.24.4
    "{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager
    "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
    "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1A0FDBEB-BDFE-454C-AE09-4EF58B4DCD2A}" = Art Explosion Home & Student Print Center
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
    "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{3018B943-C76C-44B0-B078-790A28CEF67E}" = Microsoft UI Engine
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2014
    "{4273BF7C-FBFD-402C-BAE1-98382D10F0B7}" = RealTouch Platform
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
    "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
    "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
    "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
    "{69b8745b-65c2-4a2d-b5db-00e0cd841f1e}" = DIRECTV Player
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9BF3D390-A0AD-4733-AFC8-18E306B8E219}_is1" = SCARM 0.9.18 beta
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}" = Autodesk Material Library Medium Resolution Image Library 2014
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
    "{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
    "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
    "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
    "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
    "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
    "{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
    "{E5F343DE-F5ED-4582-BAE2-C8ED548DFA46}" = Google SketchUp Viewer
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
    "{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
    "{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}" = Bing Bar
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced Audio FX Engine" = Advanced Audio FX Engine
    "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
    "AudibleDownloadManager" = Audible Download Manager
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Dell Webcam Central" = Dell Webcam Central
    "Google Chrome" = Google Chrome
    "GorillaPrice" = GorillaPrice
    "GoToAssist" = GoToAssist 8.0.0.514
    "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
    "N360" = Norton 360
    "New LEGO Digital Designer" = LEGO Digital Designer
    "Setup Support for SweetIM" = SweetIM
    "simppulltoolbar" = Simppull Toolbar (Remove Toolbar Only)
    "Wings 3D 1.4.1" = Wings 3D 1.4.1
    "WinLiveSuite" = Windows Live Essentials
    "Yahoo! Companion" = Yahoo! Toolbar

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 1/3/2014 11:14:38 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 858192

    Error - 1/3/2014 11:16:42 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/3/2014 11:16:42 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 1076

    Error - 1/3/2014 11:16:42 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 1076

    Error - 1/3/2014 11:16:44 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/3/2014 11:16:44 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 2246

    Error - 1/3/2014 11:16:44 PM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 2246

    Error - 1/4/2014 3:10:06 AM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 1/4/2014 3:10:06 AM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 14004693

    Error - 1/4/2014 3:10:06 AM | Computer Name = Mainframe | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 14004693

    [ Media Center Events ]
    Error - 1/5/2013 4:02:28 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:02:28 AM - Error connecting to the internet. 2:02:28 AM - Unable
    to contact server..

    Error - 1/5/2013 4:02:34 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:02:33 AM - Error connecting to the internet. 2:02:33 AM - Unable
    to contact server..

    Error - 1/5/2013 4:13:52 PM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:13:52 PM - Error connecting to the internet. 2:13:52 PM - Unable
    to contact server..

    Error - 1/5/2013 4:13:58 PM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:13:57 PM - Error connecting to the internet. 2:13:57 PM - Unable
    to contact server..

    Error - 1/6/2013 4:35:38 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:35:38 AM - Error connecting to the internet. 2:35:38 AM - Unable
    to contact server..

    Error - 1/6/2013 4:35:47 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:35:44 AM - Error connecting to the internet. 2:35:44 AM - Unable
    to contact server..

    Error - 1/6/2013 4:45:56 PM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:45:56 PM - Error connecting to the internet. 2:45:56 PM - Unable
    to contact server..

    Error - 1/6/2013 4:46:02 PM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:46:01 PM - Error connecting to the internet. 2:46:01 PM - Unable
    to contact server..

    Error - 1/7/2013 4:42:24 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 2:42:22 AM - Error connecting to the internet. 2:42:22 AM - Unable
    to contact server..

    Error - 9/27/2013 4:23:26 AM | Computer Name = Mainframe | Source = MCUpdate | ID = 0
    Description = 3:23:21 AM - Error connecting to the internet. 3:23:21 AM - Unable
    to contact server..

    [ System Events ]
    Error - 1/4/2014 7:07:26 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    SMR410

    Error - 1/4/2014 7:08:36 AM | Computer Name = Mainframe | Source = PNRPSvc | ID = 102
    Description =

    Error - 1/4/2014 7:08:36 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 1/4/2014 7:08:36 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = PNRPSvc | ID = 102
    Description =

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = PNRPSvc | ID = 102
    Description =

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 1/4/2014 7:08:46 AM | Computer Name = Mainframe | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535


    < End of report >

    OTL.txt:

    OTL logfile created on: 1/4/2014 5:12:52 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Imperator Regalis\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.96 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 55.34% Memory free
    7.92 Gb Paging File | 6.08 Gb Available in Paging File | 76.81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 193.02 Gb Free Space | 68.11% Space Free | Partition Type: NTFS

    Computer Name: MAINFRAME | User Name: Imperator Regalis | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/01/04 01:59:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Imperator Regalis\Downloads\OTL.exe
    PRC - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
    PRC - [2013/11/05 12:11:20 | 000,631,808 | ---- | M] () -- C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe
    PRC - [2013/10/08 06:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
    PRC - [2013/09/15 13:34:06 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    PRC - [2013/09/14 02:38:54 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2013/06/25 14:12:12 | 001,765,744 | ---- | M] (NDS Technologies) -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
    PRC - [2013/06/25 14:12:10 | 007,956,328 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
    PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Imperator Regalis\AppData\Local\Akamai\netsession_win.exe
    PRC - [2011/09/14 22:19:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
    PRC - [2010/07/23 12:19:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
    PRC - [2010/07/23 10:46:02 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    PRC - [2009/12/17 12:54:40 | 001,795,488 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
    PRC - [2009/10/30 09:40:26 | 000,341,504 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    PRC - [2009/10/02 13:46:00 | 000,656,624 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    PRC - [2009/06/24 19:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    PRC - [2009/06/24 15:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    PRC - [2009/06/18 20:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    PRC - [2009/06/04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/10/09 02:43:07 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
    MOD - [2013/10/09 02:42:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
    MOD - [2013/10/09 02:42:37 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
    MOD - [2013/10/09 02:42:22 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
    MOD - [2013/10/09 02:42:13 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
    MOD - [2013/09/14 00:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
    MOD - [2013/09/14 00:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
    MOD - [2013/08/14 02:34:59 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
    MOD - [2013/08/14 02:34:38 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
    MOD - [2013/08/14 02:34:29 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
    MOD - [2013/08/01 02:44:49 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
    MOD - [2013/08/01 02:41:24 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
    MOD - [2013/06/25 14:12:50 | 000,091,976 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\z.dll
    MOD - [2013/06/25 14:12:48 | 000,332,128 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\ndsLogStore.dll
    MOD - [2013/06/25 14:12:46 | 001,403,224 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\libxml2-2.dll
    MOD - [2013/06/25 14:12:38 | 000,689,000 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
    MOD - [2013/06/25 14:12:18 | 007,554,400 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\gsttspplugin.dll
    MOD - [2013/06/25 14:12:10 | 007,956,328 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
    MOD - [2013/06/25 14:12:06 | 003,175,264 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\DrmSingleton.dll
    MOD - [2013/06/25 14:12:04 | 002,237,288 | ---- | M] () -- C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\DiscoveryManager.dll
    MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2009/10/02 13:47:00 | 000,128,240 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
    MOD - [2009/10/02 13:47:00 | 000,121,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
    MOD - [2009/10/02 13:47:00 | 000,111,856 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
    MOD - [2009/10/02 13:47:00 | 000,079,088 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
    MOD - [2009/10/02 13:47:00 | 000,074,992 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
    MOD - [2009/10/02 13:46:00 | 001,123,568 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
    MOD - [2009/10/02 13:46:00 | 000,234,736 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
    MOD - [2009/10/02 13:46:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
    MOD - [2009/10/02 13:46:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
    MOD - [2009/10/02 13:46:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
    MOD - [2009/06/18 20:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013/07/31 23:40:23 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
    SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2011/09/14 22:19:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe -- (mi-raysat_3dsmax2014_64)
    SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2009/07/16 19:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
    SRV:64bit: - [2009/06/28 22:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013/12/11 01:35:18 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/11/05 12:11:20 | 000,631,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -- (GorillaPrice)
    SRV - [2013/10/08 06:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
    SRV - [2013/04/12 15:00:38 | 000,903,456 | ---- | M] (Cloud Engines, Inc.) [Auto | Running] -- C:\Program Files (x86)\PogoplugPC\hbadmin.exe -- (HBAdmin)
    SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
    SRV - [2010/07/23 12:19:26 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/10/17 06:59:09 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
    SRV - [2009/10/02 13:46:00 | 000,656,624 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
    SRV - [2009/06/28 22:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
    DRV:64bit: - [2013/12/10 15:42:56 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2013/09/26 21:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
    DRV:64bit: - [2013/09/26 20:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
    DRV:64bit: - [2013/09/26 20:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2013/09/25 21:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
    DRV:64bit: - [2013/09/25 20:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
    DRV:64bit: - [2013/09/09 20:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
    DRV:64bit: - [2013/09/09 19:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
    DRV:64bit: - [2013/04/12 15:00:38 | 000,039,712 | ---- | M] (Cloud Engines, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\xcetap0.sys -- (xcetap0)
    DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2009/07/16 19:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
    DRV:64bit: - [2009/07/16 19:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 18:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
    DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/06/28 22:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2009/06/15 12:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2009/06/12 15:51:46 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/06/04 04:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/06/02 21:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/05/19 21:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/05/08 02:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2009/05/04 16:02:20 | 000,198,528 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\swumx80.sys -- (SWUMX80)
    DRV:64bit: - [2009/03/31 14:50:38 | 000,227,840 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\swnc8u80.sys -- (SWNC8U80)
    DRV:64bit: - [2009/02/05 05:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2008/09/12 02:31:29 | 000,041,216 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
    DRV:64bit: - [2008/09/12 02:31:29 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SaiMini.sys -- (SaiMini)
    DRV:64bit: - [2008/09/12 02:31:16 | 000,131,584 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SaiK0836.sys -- (SaiK0836)
    DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2013/12/13 18:01:06 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140102.001\IDSviA64.sys -- (IDSVia64)
    DRV - [2013/12/09 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140103.001\ex64.sys -- (NAVEX15)
    DRV - [2013/12/09 01:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2013/12/09 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140103.001\eng64.sys -- (NAVENG)
    DRV - [2013/12/03 12:27:32 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9CCC3B31-E175-4FAC-BD99-CC9CA53D3F28}
    IE:64bit: - HKLM\..\SearchScopes\{9CCC3B31-E175-4FAC-BD99-CC9CA53D3F28}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{9A8095EA-0783-416B-BFD7-C571E4DAF60A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{09FD26C8-131E-4750-9065-3A39374EC42A}: "URL" = http://www.ant.com/web/{searchTerms}/
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{3540EA80-73C3-49B5-83F7-876A3058A66E}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3314936&CUI=UN11509452401901276&UM=2
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{9A8095EA-0783-416B-BFD7-C571E4DAF60A}: "URL" = http://www.bing.com/search?FORM=MSNTLB&PC=MSNTDF&q={searchTerms}&src=IE-SearchBox
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{D6B0B2BA-C1AC-45FE-B7DB-C76619D45F51}: "URL" = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20110312,16491,0,8,0
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Imperator Regalis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Imperator Regalis\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Imperator Regalis\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Imperator Regalis\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Imperator Regalis\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/01 15:29:07 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/12/10 15:43:38 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/01/04 05:10:19 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/01 15:29:07 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - Extension: Google Docs = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
    CHR - Extension: Google Docs = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
    CHR - Extension: Google Drive = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: YouTube = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Google Search = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: No name found = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.2.3_1\
    CHR - Extension: Google Wallet = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
    CHR - Extension: Google Wallet = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
    CHR - Extension: Gmail = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
    CHR - Extension: Gmail = C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
    O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O2 - BHO: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll ()
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Updater For Simppull Toolbar) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll (Visicom Media)
    O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
    O2 - BHO: (no name) - {eaf98704-4dcb-44dc-a616-1f04696ced7e} - No CLSID value found.
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll ()
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
    O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [Akamai NetSession Interface] C:\Users\Imperator Regalis\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [PCShowServer] C:\Users\Imperator Regalis\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
    O4 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000..\Run: [PogoplugPC] C:\Program Files (x86)\PogoplugPC\ppserver.exe (Cloud Engines, Inc.)
    O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
    O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O4 - Startup: C:\Users\Imperator Regalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 ()
    O7 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 ()
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FCEACD3-A82F-4426-A147-5FA1C575C347}: DhcpNameServer = 209.183.35.23 209.183.33.23
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B7143D4-18B2-4E31-A1D6-B7CA3FD229F2}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7DA01FF-BA33-4FAA-8EC3-13F852D313D7}: DhcpNameServer = 209.183.35.23 209.183.33.23
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE22D741-EF28-4740-8B8D-CE2C7F1A7E3E}: DhcpNameServer = 10.0.0.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2013/07/31 22:01:39 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
    O32 - AutoRun File - [2013/12/09 22:21:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{babaa42e-db09-11de-b5a2-002564652c07}\Shell - "" = AutoRun
    O33 - MountPoints2\{babaa42e-db09-11de-b5a2-002564652c07}\Shell\AutoRun\command - "" = F:\WIN\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/01/04 05:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
    [2014/01/04 02:41:29 | 000,000,000 | -HSD | C] -- C:\found.000
    [2014/01/04 01:16:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/12/24 16:26:40 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\AppData\Local\CrashDumps
    [2013/12/14 03:05:03 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
    [2013/12/14 03:05:03 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
    [2013/12/14 03:05:02 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
    [2013/12/14 03:05:01 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
    [2013/12/14 03:02:43 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013/12/14 03:02:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2013/12/14 03:02:42 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013/12/14 03:02:42 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2013/12/14 03:02:42 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2013/12/14 03:02:42 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2013/12/14 03:02:42 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2013/12/14 03:02:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2013/12/14 03:02:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2013/12/14 03:02:41 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2013/12/14 03:02:41 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2013/12/14 03:02:41 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2013/12/14 03:02:41 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2013/12/14 03:02:39 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2013/12/14 03:02:39 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2013/12/14 03:02:36 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013/12/13 18:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogoplug PC
    [2013/12/13 18:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PogoplugPC
    [2013/12/13 18:17:28 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\AppData\Local\Pogoplug
    [2013/12/13 18:05:53 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
    [2013/12/13 18:05:53 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
    [2013/12/13 18:05:51 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
    [2013/12/13 18:05:47 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
    [2013/12/13 18:05:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
    [2013/12/13 18:05:04 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
    [2013/12/13 18:05:04 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
    [2013/12/13 18:05:02 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
    [2013/12/13 18:05:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
    [2013/12/13 18:05:02 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
    [2013/12/13 18:05:02 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
    [2013/12/13 18:05:02 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
    [2013/12/13 18:05:02 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
    [2013/12/11 13:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
    [2013/12/11 05:58:00 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\AppData\Local\NPE
    [2013/12/10 15:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2013/12/10 15:44:36 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\Documents\Symantec
    [2013/12/10 15:42:57 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2013/12/10 15:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
    [2013/12/10 15:42:30 | 001,147,480 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys
    [2013/12/10 15:42:30 | 000,858,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys
    [2013/12/10 15:42:30 | 000,590,936 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys
    [2013/12/10 15:42:30 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.sys
    [2013/12/10 15:42:30 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Ironx64.sys
    [2013/12/10 15:42:30 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys
    [2013/12/10 15:42:30 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys
    [2013/12/10 15:42:30 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymELAM.sys
    [2013/12/10 15:42:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
    [2013/12/10 15:42:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\1501000.012
    [2013/12/10 15:42:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
    [2013/12/10 15:42:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
    [2013/12/10 15:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
    [2013/12/10 15:28:19 | 000,000,000 | ---D | C] -- C:\Users\Imperator Regalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
    [2013/12/09 22:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
    [2013/12/09 22:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/01/04 08:34:19 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/01/04 08:03:25 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2106226183-3928033189-3857513127-1000UA.job
    [2014/01/04 08:00:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/01/04 06:00:38 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/01/04 05:14:45 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/01/04 05:14:45 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/01/04 05:12:03 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/01/04 05:12:03 | 000,660,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/01/04 05:12:03 | 000,121,442 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/01/04 05:07:34 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    [2014/01/04 05:07:17 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
    [2014/01/04 05:07:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/01/04 05:07:02 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
    [2014/01/04 02:42:58 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
    [2014/01/03 19:03:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2106226183-3928033189-3857513127-1000Core.job
    [2014/01/03 18:00:44 | 000,002,048 | ---- | M] () -- C:\Uninstall.dat
    [2013/12/19 12:55:20 | 000,023,702 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\VT20131219.024
    [2013/12/14 03:38:43 | 000,396,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/12/14 03:05:18 | 002,684,397 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Cat.DB
    [2013/12/11 13:02:59 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2013/12/11 01:35:16 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013/12/11 01:35:16 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013/12/10 15:42:56 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2013/12/10 15:42:56 | 000,008,222 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2013/12/10 15:42:56 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2013/12/10 15:42:50 | 000,002,397 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
    [2013/12/10 15:28:19 | 000,001,303 | ---- | M] () -- C:\Users\Imperator Regalis\Desktop\Norton Installation Files.lnk
    [2013/12/09 22:21:23 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
    [2013/12/05 20:26:05 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/01/04 02:42:58 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
    [2014/01/03 18:00:44 | 000,002,048 | ---- | C] () -- C:\Uninstall.dat
    [2013/12/20 17:16:55 | 000,023,702 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\VT20131219.024
    [2013/12/11 13:02:59 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2013/12/10 15:43:02 | 002,684,397 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Cat.DB
    [2013/12/10 15:42:58 | 000,008,222 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2013/12/10 15:42:57 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2013/12/10 15:42:50 | 000,002,397 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
    [2013/12/10 15:42:18 | 000,014,818 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymVTcer.dat
    [2013/12/10 15:42:18 | 000,003,433 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA.inf
    [2013/12/10 15:42:18 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS.inf
    [2013/12/10 15:42:18 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymNet.inf
    [2013/12/10 15:42:18 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.inf
    [2013/12/10 15:42:18 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.inf
    [2013/12/10 15:42:18 | 000,001,098 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symELAM.inf
    [2013/12/10 15:42:18 | 000,000,855 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.inf
    [2013/12/10 15:42:18 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Iron.inf
    [2013/12/10 15:42:17 | 000,009,939 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymELAM64.cat
    [2013/12/10 15:42:17 | 000,008,202 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.cat
    [2013/12/10 15:42:17 | 000,008,196 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.cat
    [2013/12/10 15:42:17 | 000,008,194 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.cat
    [2013/12/10 15:42:17 | 000,008,192 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnet64.cat
    [2013/12/10 15:42:17 | 000,008,192 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.cat
    [2013/12/10 15:42:17 | 000,008,188 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.cat
    [2013/12/10 15:42:17 | 000,008,184 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\iron.cat
    [2013/12/10 15:42:17 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1501000.012\isolate.ini
    [2013/12/10 15:28:19 | 000,001,303 | ---- | C] () -- C:\Users\Imperator Regalis\Desktop\Norton Installation Files.lnk
    [2013/12/09 22:21:23 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
    [2013/07/31 22:12:08 | 000,773,522 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/10/14 17:39:47 | 000,002,515 | ---- | C] () -- C:\Users\Imperator Regalis\AppData\Roaming\SAS7_000.DAT
    [2010/01/31 21:34:59 | 000,000,632 | RHS- | C] () -- C:\Users\Imperator Regalis\ntuser.pol
    [2010/01/08 11:07:58 | 000,004,608 | ---- | C] () -- C:\Users\Imperator Regalis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/11/25 22:55:25 | 000,034,878 | ---- | C] () -- C:\Users\Imperator Regalis\AppData\Roaming\wklnhst.dat

    ========== ZeroAccess Check ==========

    [2013/06/05 22:09:53 | 000,000,044 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2106226183-3928033189-3857513127-1000\$R8UHVWC.com_files\n
    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:0FF263E8

    < End of report >

    Checkup.txt:

    Results of screen317's Security Check version 0.99.78
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Norton 360
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Java(TM) 6 Update 24
    Java version out of Date!
    Adobe Flash Player 11.9.900.170
    Adobe Reader 9 Adobe Reader out of Date!
    Google Chrome 31.0.1650.57
    Google Chrome 31.0.1650.63
    ````````Process Check: objlist.exe by Laurent````````
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:
    ````````````````````End of Log``````````````````````

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi Venator05,

    Thanks for the reports.

    • Now that I have these log reports, please refrain from making any changes like uninstalling or installing software.

    • It will be while before I get back to you. You have quite a bit of ad/ware that we will take care of.

    • Please stick with me until I tell you that you are Malware free.

    • You said you downloaded Norton Anti Virus. Is that Norton 360 that you downloaded and I see running?


    Thanks
    Joe
    Last edited by zep516; 01-04-2014 at 06:11 PM.

  7. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    First
    Lets remove those programs listed below.
    ==> Click > Start > Control Panel > Add / remove.

    • SavetheChildren Reminder by We-Care.com v4.1.24.4
    • Java(TM) 6 Update 24
    • GorillaPrice
    • SweetIM
    • Simppull Toolbar (Remove Toolbar Only)

      Next
      We need to "delete" some files using OTL

      • Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
      • Under the Custom Scans/Fixes box at the bottom, paste in the following


      Code:
      :COMMANDS
      [CREATERESTOREPOINT]
      
      :OTL
      
      SRV - [2013/11/05 12:11:20 | 000,631,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -- (GorillaPrice)
      IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\SearchScopes\{3540EA80-73C3-49B5-83F7-876A3058A66E}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3314936&CUI=UN11509452401901276&UM=2
      IE - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      O2 - BHO: (Updater For Simppull Toolbar) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll (Visicom Media)
      O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
      O2 - BHO: (no name) - {eaf98704-4dcb-44dc-a616-1f04696ced7e} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll ()
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
      O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
      O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
      O4 - Startup: C:\Users\Imperator Regalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
      O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O33 - MountPoints2\{babaa42e-db09-11de-b5a2-002564652c07}\Shell\AutoRun\command - "" = F:\WIN\setup.exe
      [2014/01/04 05:07:34 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
      @Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:0FF263E8
      
      :Files
      
      ipconfig /flushdns /c
      netsh advfirewall reset /c
      netsh advfirewall set allprofiles state off /c
      
      :Commands
      
      [resethosts]
      [emptytemp]
    • Make sure all other windows are closed.
    • Click the Run Fix button at the top
    • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
    • Post the log that is found in C:\_OTL\Moved Files in your next reply.
    • Open OTL again and click the Quick Scan button.


    Next

    Double-click AdwCleaner.exe to run the tool again.
    • Click the Scan button.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • AdwCleaner will begin to scan your computer like it did before.
    • After the scan has finished...
      This time click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


    Next

    Please download Junkware Removal Tool to your desktop.

    • Disable your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking on XP. Or right click and select Run as Administrator Vista/Win7 and above.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    Please post the following logs in your next reply:

    • The OLT fix log located here--> C:\_OTL\Moved Files
    • OTL.txt "quick" scan log, after fix was run.
    • AdwCleaner[S0].txt after the clean was run.
    • JRT.txt


    Tell me how the computer is running, and what issues remain.

    Thanks
    Joe
    Last edited by zep516; 01-05-2014 at 08:22 PM.

  8. #8
    Member
    Join Date
    Jan 2014
    Posts
    4
    Points
    0

    Default

    Everything is working perfectly and back to normal! However, on three different occasions I attempted to run OTL quick scan, but it went Non-responsive halfway through all three times. Currently its been 48 hours since the fix and not a glitch to be found.

    OTL Moved Files

    All processes killed
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point
    ========== OTL ==========
    Service GorillaPrice stopped successfully!
    Service GorillaPrice deleted successfully!
    C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe moved successfully.
    Registry key HKEY_USERS\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3540EA80-73C3-49B5-83F7-876A3058A66E}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3540EA80-73C3-49B5-83F7-876A3058A66E}\ not found.
    HKU\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4B8BAB4-1667-11DF-A242-BA9455D89593}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4B8BAB4-1667-11DF-A242-BA9455D89593}\ deleted successfully.
    File C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4E6BF2A-1667-11DF-A01F-1F9655D89593}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4E6BF2A-1667-11DF-A01F-1F9655D89593}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eaf98704-4dcb-44dc-a616-1f04696ced7e}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eaf98704-4dcb-44dc-a616-1f04696ced7e}\ not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{627af46b-2076-42ae-a2fd-8428734d3e74} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{627af46b-2076-42ae-a2fd-8428734d3e74}\ deleted successfully.
    File C:\Program Files (x86)\simppulltoolbar\simppulldx.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-2106226183-3928033189-3857513127-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully.
    File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk scheduled to be moved on reboot.
    C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk moved successfully.
    C:\Users\Imperator Regalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk moved successfully.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    C:\Windows\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{babaa42e-db09-11de-b5a2-002564652c07}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{babaa42e-db09-11de-b5a2-002564652c07}\ not found.
    File F:\WIN\setup.exe not found.
    C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job moved successfully.
    ADS C:\ProgramData\TEMP:0FF263E8 deleted successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\Imperator Regalis\Downloads\cmd.bat deleted successfully.
    C:\Users\Imperator Regalis\Downloads\cmd.txt deleted successfully.
    < netsh advfirewall reset /c >
    Ok.
    C:\Users\Imperator Regalis\Downloads\cmd.bat deleted successfully.
    C:\Users\Imperator Regalis\Downloads\cmd.txt deleted successfully.
    < netsh advfirewall set allprofiles state off /c >
    Ok.
    C:\Users\Imperator Regalis\Downloads\cmd.bat deleted successfully.
    C:\Users\Imperator Regalis\Downloads\cmd.txt deleted successfully.
    ========== COMMANDS ==========
    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56504 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Guest
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 134 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 116680928 bytes
    ->Flash cache emptied: 56960 bytes

    User: Imperator Regalis
    ->Temp folder emptied: 110231484 bytes
    ->Temporary Internet Files folder emptied: 15407300 bytes
    ->Java cache emptied: 30704562 bytes
    ->Google Chrome cache emptied: 79161535 bytes
    ->Flash cache emptied: 130219 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 1716122 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 123825 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42304013 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
    RecycleBin emptied: 1013699777 bytes

    Total Files Cleaned = 1,345.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 01052014_194529

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk not found!
    C:\Users\Imperator Regalis\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Imperator Regalis\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...



    AdwCleaner[S0]

    # AdwCleaner v3.016 - Report created 04/01/2014 at 05:05:13
    # Updated 23/12/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Imperator Regalis - MAINFRAME
    # Running from : C:\Users\Imperator Regalis\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\boost_interprocess
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\ProgramData\WeCareReminder
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
    Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\Conduit
    Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\NativeMessaging
    Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\PackageAware
    Folder Deleted : C:\Users\Imperator Regalis\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekjokemioblbkdkclpehonimdjgiee
    [!] Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekjokemioblbkdkclpehonimdjgiee
    File Deleted : C:\END

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKCU\Software\FLEXnet
    Key Deleted : HKCU\Software\wecarereminder
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\Uniblue

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

    -\\ Google Chrome v31.0.1650.63

    [ File : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R1].txt - [6709 octets] - [04/01/2014 05:04:28]
    AdwCleaner[S0].txt - [6052 octets] - [04/01/2014 05:05:13]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6112 octets] ##########




    JRT

    # AdwCleaner v3.016 - Report created 04/01/2014 at 05:05:13
    # Updated 23/12/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Imperator Regalis - MAINFRAME
    # Running from : C:\Users\Imperator Regalis\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\boost_interprocess
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\ProgramData\WeCareReminder
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
    Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\Conduit
    Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\NativeMessaging
    Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\PackageAware
    Folder Deleted : C:\Users\Imperator Regalis\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekjokemioblbkdkclpehonimdjgiee
    [!] Folder Deleted : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekjokemioblbkdkclpehonimdjgiee
    File Deleted : C:\END

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\giekjokemioblbkdkclpehonimdjgiee
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKCU\Software\FLEXnet
    Key Deleted : HKCU\Software\wecarereminder
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\Uniblue

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

    -\\ Google Chrome v31.0.1650.63

    [ File : C:\Users\Imperator Regalis\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R1].txt - [6709 octets] - [04/01/2014 05:04:28]
    AdwCleaner[S0].txt - [6052 octets] - [04/01/2014 05:05:13]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6112 octets] ##########

  9. #9
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Excellent

    Let me review the log for any additional items. Stay with me until I say you're clean. You should expect a response Tomorrow at around 4pm EST.

    Thanks
    Joe

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Can you just click the run scan on OTL. See if that will run a scan and post the log. If not delete OTL and re download it. I need that scan.