Results 1 to 10 of 10
  1. #1
    Member
    Join Date
    Dec 2008
    Location
    Austin, Texas
    Posts
    102
    Points
    4
    Blog Entries
    1

    Default Driver support software Malware uninstallation problems.

    Yesterday I thought I was updating drivers from an authorized Windows server and discovered this driver provider is linked to a web site where I must pay to download the drivers. Problem is now I am not able to uninstall the driver update software and I'm not sure what this software is capable of. When I attempt to uninstall the software "Driver Update" my PC pops up a dialogue window that says the "uninstall is prohibited since the user is not logged in as administrator". I am the admin and logged in as such.

    If someone can help I would greatly appreciate it since I try to maintain good PC housekeeping practices.

    I attached Malware bytes, Antispyware and Hijack this log files.

    I am running a Dell Inspiron 1720 with Vista Home Premium.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:42:18 PM, on 7/29/2014
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16561)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
    C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe
    C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    C:\Windows\ehome\ehtray.exe
    C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Microsoft Office\Office\1033\msoffice.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.duckduckgo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Fox Business | Business News & Stock Quotes - Saving & Investing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Genie TimeLine Tray] C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
    O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
    O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Akamai NetSession Interface] "C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe" (User '?')
    O4 - HKUS\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?')
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} (Cisco NAC Web Agent Control) - https://172.25.75.24/auth/taweb.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} (CCAWebLogin Control) - https://172.25.75.24/auth/CCALogin.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: WebEx Service Host for Support Center (atashost) - WebEx Communications, Inc. - C:\Windows\system32\atashost.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
    O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie-Soft - C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: AT&T Network Configuration Service (netcfgsvr) - AT&T - C:\Program Files\AT&T Global Network Client\netcfgsvr.exe
    O23 - Service: AT&T Global Network Client Service (NetClientSvc) - AT&T - C:\Program Files\AT&T Global Network Client\NetClientSvc.exe
    O23 - Service: AT&T Global Network Client Logging Service (NetLogSvc) - AT&T - C:\Program Files\AT&T Global Network Client\NetLogSvc.exe
    O23 - Service: PCTV Service (pctvsvc) - Pinnacle Systems Inc. - C:\Program Files\Pinnacle\PCTV To Go Setup Wizard\..\Drivers\pctvsvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 14438 bytes

    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 7/29/2014
    Scan Time: 4:18:28 PM
    Logfile: Malware Log File.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.29.07
    Rootkit Database: v2014.07.17.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows Vista Service Pack 2
    CPU: x86
    File System: NTFS
    User: capndavid2001

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 290610
    Time Elapsed: 35 min, 1 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 9
    PUP.Optional.WeCare, HKLM\SOFTWARE\CLASSES\CLSID\{6ED0A312-78F5-493C-A90C-5DAF321D0BF8}, , [4902fda8b1ca2c0ae85c56076b979967],
    PUP.Optional.WeCare, HKLM\SOFTWARE\CLASSES\TYPELIB\{B3201ABA-7CDE-4C8D-A28D-4316427BD6D1}, , [4902fda8b1ca2c0ae85c56076b979967],
    PUP.Optional.WeCare, HKLM\SOFTWARE\CLASSES\INTERFACE\{B60591CD-AA25-4261-B05A-77826471C0A3}, , [4902fda8b1ca2c0ae85c56076b979967],
    PUP.Optional.WeCare, HKU\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6ED0A312-78F5-493C-A90C-5DAF321D0BF8}, , [4902fda8b1ca2c0ae85c56076b979967],
    PUP.Optional.WeCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0228288D-975E-42F7-9993-E91A82E6BBD9}, , [3912564f057654e2adfbb11b6a984db3],
    PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, , [fb50139233482f079ed509c8976b7888],
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [ba911392b5c6280ef5fd1cda36cc4bb5],
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [c388475e0c6fe650818f48c551b39769],
    PUP.Optional.SystemSpeedup, HKU\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, , [fe4dd1d47704171fb2c0ad24fa08e51b],

    Registry Values: 1
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-2574564581-2394573384-1249639492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R2Y1I1P1N0J1U1C, , [c388475e0c6fe650818f48c551b39769]

    Registry Data: 0
    (No malicious items detected)

    Folders: 9
    PUP.Optional.SmartBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\Smartbar, , [99b2f1b48bf0e2546ae65159837fc53b],
    PUP.Optional.SmartBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\Smartbar\PennyBeeW.exe_StrongName_krfrcnflo1jv5oe3k1gjgavlynpczxro, , [99b2f1b48bf0e2546ae65159837fc53b],
    PUP.Optional.SmartBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\Smartbar\PennyBeeW.exe_StrongName_krfrcnflo1jv5oe3k1gjgavlynpczxro\1.0.1.0, , [99b2f1b48bf0e2546ae65159837fc53b],
    PUP.Optional.SystemSpeedup, C:\Users\capndavid2001\AppData\Roaming\Systweak\ssd, , [1a3101a4dc9f9c9abaa313b02fd317e9],
    PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector, , [75d66e37e7949a9c9775b91055ad768a],
    PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\2.1.1000.13665, , [75d66e37e7949a9c9775b91055ad768a],
    PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures, , [75d66e37e7949a9c9775b91055ad768a],
    PUP.Optional.AdvancedSystemProtector.A, C:\Users\capndavid2001\AppData\Roaming\Systweak\Advanced-System-Protector, , [212a6c39ee8d8babfe0ee1e8a959cf31],
    PUP.Optional.AdvancedSystemProtector.A, C:\Users\capndavid2001\AppData\Roaming\Systweak\Advanced-System-Protector\2.1.1000.13665, , [212a6c39ee8d8babfe0ee1e8a959cf31],

    Files: 4
    PUP.Optional.SmartBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\Smartbar\PennyBeeW.exe_StrongName_krfrcnflo1jv5oe3k1gjgavlynpczxro\1.0.1.0\user.config, , [99b2f1b48bf0e2546ae65159837fc53b],
    PUP.Optional.SystemSpeedup, C:\Users\capndavid2001\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, , [1a3101a4dc9f9c9abaa313b02fd317e9],
    PUP.Optional.AdvancedSystemProtector.A, C:\Users\capndavid2001\AppData\Roaming\Systweak\Advanced-System-Protector\Settings.db, , [212a6c39ee8d8babfe0ee1e8a959cf31],
    PUP.Optional.AdvancedSystemProtector.A, C:\Users\capndavid2001\AppData\Roaming\Systweak\Advanced-System-Protector\2.1.1000.13665\ASPLog.txt, , [212a6c39ee8d8babfe0ee1e8a959cf31],

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 07/29/2014 at 05:44 PM

    Application Version : 5.7.1026

    Core Rules Database Version : 11401
    Trace Rules Database Version: 9213

    Scan type : Complete Scan
    Total Scan Time : 01:38:33

    Operating System Information
    Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User (Administrator User)

    Memory items scanned : 827
    Memory threats detected : 0
    Registry items scanned : 36844
    Registry threats detected : 0
    File items scanned : 35476
    File threats detected : 8

    Adware.Tracking Cookie
    C:\Users\capndavid2001\AppData\Roaming\Microsoft\Windows\Cookies\G6GV6STB.txt [ /atdmt.com ]
    C:\Users\capndavid2001\AppData\Roaming\Microsoft\Windows\Cookies\NQ883CW4.txt [ /imrworldwide.com ]
    C:\Users\capndavid2001\AppData\Roaming\Microsoft\Windows\Cookies\45IGEFF6.txt [ /liveperson.net ]
    C:\Users\capndavid2001\AppData\Roaming\Microsoft\Windows\Cookies\EF2ZKVRC.txt [ /liveperson.net ]
    C:\USERS\CAPNDAVID2001\Cookies\G6GV6STB.txt [ Cookie:capndavid2001@atdmt.com/ ]
    C:\USERS\CAPNDAVID2001\Cookies\NQ883CW4.txt [ Cookie:capndavid2001@imrworldwide.com/ ]
    C:\USERS\CAPNDAVID2001\Cookies\45IGEFF6.txt [ Cookie:capndavid2001@liveperson.net/ ]
    C:\USERS\CAPNDAVID2001\Cookies\EF2ZKVRC.txt [ Cookie:capndavid2001@liveperson.net/hc/19452074 ]

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,167
    Points
    1305

    Default

    Hello,

    Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the Report button and the report will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button follow the prompts.[/*]
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner

  3. #3
    Member
    Join Date
    Dec 2008
    Location
    Austin, Texas
    Posts
    102
    Points
    4
    Blog Entries
    1

    Default

    Hi Z516...I attached the Adaware log file for your reading pleasure. thank you so much for your help and I hope you can find a solution. Also after installing and running the adaware software my PC seems to be unstable now. Anything related?

    # AdwCleaner v3.301 - Report created 30/07/2014 at 06:58:03
    # Updated 28/07/2014 by Xplode
    # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Username : capndavid2001 - CAPNDAVID200-PC
    # Running from : C:\Users\capndavid2001\Desktop\adwcleaner_3.301.exe
    # Option : Clean

    ***** [ Services ] *****

    [x] Not Deleted : wltrysvc

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Systweak
    Folder Deleted : C:\Program Files\PennyBee
    Folder Deleted : C:\Users\capndavid2001\AppData\Roaming\Systweak
    File Deleted : C:\Windows\system32\roboot.exe
    File Deleted : C:\Windows\system32\WLTRYSVC.EXE

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKLM\Software\systweak

    ***** [ Browsers ] *****

    -\\ Internet Explorer v9.0.8112.16561


    *************************

    AdwCleaner[R0].txt - [6554 octets] - [11/12/2013 12:57:30]
    AdwCleaner[R1].txt - [5447 octets] - [13/12/2013 16:46:20]
    AdwCleaner[R2].txt - [2407 octets] - [14/12/2013 22:37:35]
    AdwCleaner[R3].txt - [1106 octets] - [17/12/2013 19:07:07]
    AdwCleaner[R4].txt - [1226 octets] - [17/12/2013 19:42:04]
    AdwCleaner[R5].txt - [1347 octets] - [18/12/2013 20:50:39]
    AdwCleaner[R6].txt - [1467 octets] - [18/12/2013 21:14:38]
    AdwCleaner[R7].txt - [1587 octets] - [18/12/2013 21:29:11]
    AdwCleaner[R8].txt - [2107 octets] - [30/07/2014 06:54:45]
    AdwCleaner[S0].txt - [2512 octets] - [14/12/2013 22:47:17]
    AdwCleaner[S1].txt - [1170 octets] - [17/12/2013 19:34:46]
    AdwCleaner[S2].txt - [1290 octets] - [18/12/2013 20:45:19]
    AdwCleaner[S3].txt - [1410 octets] - [18/12/2013 20:58:48]
    AdwCleaner[S4].txt - [1530 octets] - [18/12/2013 21:18:23]
    AdwCleaner[S5].txt - [1650 octets] - [18/12/2013 21:30:54]
    AdwCleaner[S6].txt - [2048 octets] - [30/07/2014 06:58:03]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2108 octets] ##########

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,167
    Points
    1305

    Default

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.

  5. #5
    Member
    Join Date
    Dec 2008
    Location
    Austin, Texas
    Posts
    102
    Points
    4
    Blog Entries
    1

    Default

    Here ye go Zep516, looks like greek to me......

    OTL logfile created on: 7/30/2014 9:08:08 PM - Run 8
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\capndavid2001\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.42% Memory free
    6.17 Gb Paging File | 3.98 Gb Available in Paging File | 64.49% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 136.47 Gb Total Space | 7.84 Gb Free Space | 5.74% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.49 Gb Free Space | 54.93% Space Free | Partition Type: NTFS

    Computer Name: CAPNDAVID200-PC | User Name: capndavid2001 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/07/30 21:05:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    PRC - [2014/06/18 20:58:36 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
    PRC - [2014/06/16 17:14:36 | 005,626,136 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    PRC - [2014/04/17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe
    PRC - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/10/31 14:47:38 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2013/10/31 14:47:20 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
    PRC - [2013/10/02 04:02:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    PRC - [2013/07/18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
    PRC - [2013/07/18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2013/07/18 16:49:24 | 000,995,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/09/07 16:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2010/07/04 20:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    PRC - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
    PRC - [2010/06/10 15:26:12 | 000,079,200 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\NetLogSvc.exe
    PRC - [2010/06/10 15:26:00 | 000,476,000 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\netcfgsvr.exe
    PRC - [2010/06/10 15:25:40 | 000,349,536 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\NetClientSvc.exe
    PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
    PRC - [2007/09/27 23:54:54 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    PRC - [2007/09/27 23:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
    PRC - [2007/09/27 23:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
    PRC - [2007/09/24 04:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
    PRC - [2007/09/24 04:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
    PRC - [2007/09/24 04:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
    PRC - [2007/09/24 04:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
    PRC - [2007/07/20 19:13:26 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
    PRC - [2007/07/11 09:15:58 | 000,202,800 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2007/07/11 09:15:38 | 000,198,704 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2007/06/27 18:03:18 | 000,125,952 | ---- | M] (Pinnacle Systems Inc.) -- C:\Program Files\Pinnacle\Drivers\pctvsvc.exe
    PRC - [2007/04/16 17:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
    PRC - [2007/03/15 13:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
    PRC - [1999/02/01 18:53:24 | 000,405,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\1033\MSOFFICE.EXE


    ========== Modules (No Company Name) ==========

    MOD - [2014/05/20 06:53:04 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\fbf434299b068c463296945c12845734\System.Runtime.Remoting.ni.dll
    MOD - [2014/03/08 20:53:51 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
    MOD - [2014/03/08 20:53:00 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
    MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2013/09/14 02:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
    MOD - [2013/09/14 02:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
    MOD - [2008/01/28 11:15:28 | 000,073,728 | ---- | M] () -- c:\Program Files\MyMorph\Mcmh.dll
    MOD - [2007/09/26 05:47:30 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
    MOD - [2007/03/21 14:33:40 | 000,065,536 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- C:\Windows\System32\WLTRYSVC.EXE %C:\Windows%\System32\bcmwltry.exe -- (wltrysvc)
    SRV - [2014/07/08 16:51:52 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/07/18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2013/07/18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/09/07 16:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
    SRV - [2010/06/10 15:26:12 | 000,079,200 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\NetLogSvc.exe -- (NetLogSvc)
    SRV - [2010/06/10 15:26:00 | 000,476,000 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\netcfgsvr.exe -- (netcfgsvr)
    SRV - [2010/06/10 15:25:40 | 000,349,536 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\NetClientSvc.exe -- (NetClientSvc)
    SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
    SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/09/27 23:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
    SRV - [2007/09/27 23:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
    SRV - [2007/07/11 09:15:58 | 000,202,800 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
    SRV - [2007/06/27 18:03:18 | 000,125,952 | ---- | M] () [Auto | Running] -- C:\Program Files\Pinnacle\PCTV To Go Setup Wizard\..\Drivers\pctvsvc.exe -- (pctvsvc)
    SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
    SRV - [2007/03/19 13:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [File_System | On_Demand | Stopped] -- system32\DRIVERS\SNDMon.sys -- (SNDMon)
    DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\pnarp.sys -- (pnarp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B5898220-7F72-4066-9483-77749B57B46C}\MpKsl4a6ddd76.sys -- (MpKsl4a6ddd76)
    DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\CAPNDA~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\CAPNDA~1\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2014/07/30 20:31:59 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
    DRV - [2014/05/12 07:26:04 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
    DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2013/06/18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/05/16 11:44:17 | 000,083,968 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swiwdmbx.sys -- (swiwdmbx)
    DRV - [2011/05/13 13:53:00 | 000,215,552 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swg3kser00.sys -- (swg3kser00)
    DRV - [2011/03/03 14:40:22 | 000,208,128 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8ua3.sys -- (SWNC8UA3)
    DRV - [2011/01/17 12:24:58 | 000,275,088 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cbfs3.sys -- (cbfs3)
    DRV - [2010/09/07 01:27:22 | 000,028,672 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PcaSp60.sys -- (PcaSp60)
    DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
    DRV - [2010/06/10 15:08:20 | 000,166,912 | ---- | M] (AT&T) [Kernel | System | Running] -- C:\Windows\System32\drivers\agnfilt.sys -- (agnfilt)
    DRV - [2010/04/26 21:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
    DRV - [2010/04/26 21:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus)
    DRV - [2010/04/26 21:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
    DRV - [2010/02/25 13:48:16 | 000,011,392 | ---- | M] (AT&T) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avpnnic.sys -- (avpnnic)
    DRV - [2009/09/28 09:55:38 | 000,052,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OXSDIDRV_x32.sys -- (OXSDIDRV_x32)
    DRV - [2008/08/22 10:05:42 | 000,026,760 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
    DRV - [2007/09/27 23:54:56 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
    DRV - [2007/09/24 04:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2007/06/27 18:03:18 | 000,347,904 | ---- | M] (Pinnacle Sytems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCTV_10.sys -- (HavaTV_10)
    DRV - [2007/06/27 18:03:18 | 000,347,904 | ---- | M] (Pinnacle Sytems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCTV.sys -- (HAVATV)
    DRV - [2007/06/27 18:03:18 | 000,025,088 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvbus.sys -- (pctvbus)
    DRV - [2007/06/27 18:03:18 | 000,016,384 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvkey.sys -- (BoosterKey)
    DRV - [2007/06/27 18:03:18 | 000,014,848 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvnet.sys -- (havanet)
    DRV - [2007/02/25 13:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
    DRV - [2006/11/27 02:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2006/11/27 02:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006/11/27 02:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2006/11/21 07:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
    DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
    DRV - [2006/10/05 18:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
    DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.duckduckgo
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fox Business | Business News & Stock Quotes - Saving & Investing
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 AB 03 61 56 73 CF 01 [binary data]
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\..\SearchScopes\{7CCA6552-433F-49F0-BC32-E896736B4338}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20131250,20028,0,18,0
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\capndavid2001\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

    [2013/12/10 21:39:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\capndavid2001\AppData\Roaming\Mozilla\Extensions

    O1 HOSTS File: ([2013/07/18 20:27:15 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
    O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [Akamai NetSession Interface] C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} https://172.25.75.24/auth/taweb.cab (Cisco NAC Web Agent Control)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} https://172.25.75.24/auth/CCALogin.CAB (CCAWebLogin Control)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25CCCF37-120D-4D4A-8F10-CFEA457F0E33}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CAA0F40-D16B-4DC4-A6CB-077BD9F28F0F}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{862AA2AE-2419-4156-A2FC-BE9019C79955}: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O24 - Desktop WallPaper: C:\Users\capndavid2001\Pictures\Vic and Me\014.JPG
    O24 - Desktop BackupWallPaper: C:\Users\capndavid2001\Pictures\Vic and Me\014.JPG
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/07/30 21:04:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    [2014/07/29 16:16:47 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/07/29 16:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    [2014/07/29 16:14:55 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
    [2014/07/29 16:14:52 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
    [2014/07/29 16:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
    [2014/07/29 16:10:51 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2014/07/29 16:10:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2014/07/28 18:30:36 | 000,000,000 | ---D | C] -- C:\Windows\TempC9F24143-61BD-58D9-18F4-84B57D61D954-Signatures
    [2014/07/28 18:29:43 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
    [2014/07/28 18:29:24 | 000,000,000 | ---D | C] -- C:\Users\capndavid2001\AppData\Local\PC_Drivers_Headquarters
    [2014/07/28 18:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Support
    [2014/07/28 18:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
    [2014/07/28 18:24:00 | 000,000,000 | ---D | C] -- C:\Windows\TempEA70F672-9CB8-7A18-335F-7489F83E2FA4-Signatures
    [2014/07/28 18:21:28 | 000,000,000 | ---D | C] -- C:\Windows\TempDBA005CD-DD70-A7BD-5BE2-DC154396DB54-Signatures
    [2014/07/28 18:19:59 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
    [2014/07/28 18:18:54 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
    [2014/07/28 18:18:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
    [2014/07/28 17:35:15 | 000,000,000 | ---D | C] -- C:\Windows\TempBC9B5420-9856-E526-ED6E-DD4FF270940D-Signatures
    [2014/07/28 17:32:57 | 000,000,000 | ---D | C] -- C:\Windows\Temp4FF00B39-24D4-D80E-702D-F5CF4319422A-Signatures
    [2014/07/28 17:16:16 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
    [2014/07/28 17:16:10 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2014/07/28 17:15:54 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2014/07/28 17:15:53 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2014/07/28 17:15:52 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2014/07/28 17:15:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2014/07/28 17:15:44 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2014/07/28 17:15:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2014/07/28 17:15:43 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2014/07/28 17:15:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2014/07/28 17:15:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2014/07/28 17:15:39 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2014/07/28 17:15:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2014/07/28 17:15:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

    ========== Files - Modified Within 30 Days ==========

    [2014/07/30 21:05:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    [2014/07/30 21:04:02 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/07/30 21:04:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/07/30 21:01:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/07/30 21:01:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/07/30 20:51:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/07/30 20:42:04 | 000,000,610 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2574564581-2394573384-1249639492-1000.job
    [2014/07/30 20:31:59 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/07/30 07:00:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/07/30 07:00:54 | 3208,732,672 | -HS- | M] () -- C:\hiberfil.sys
    [2014/07/30 06:59:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2014/07/30 06:54:07 | 001,365,551 | ---- | M] () -- C:\Users\capndavid2001\Desktop\adwcleaner_3.301.exe
    [2014/07/30 06:43:40 | 000,000,788 | ---- | M] () -- C:\Users\capndavid2001\Desktop\cbsidlm-cbsi213-Adware_Remover-ORG-75720238.exe - Shortcut.lnk
    [2014/07/29 16:15:37 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/07/28 18:32:18 | 000,002,113 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2014/07/28 18:28:10 | 000,002,168 | ---- | M] () -- C:\Users\Public\Desktop\Driver Support.lnk
    [2014/07/28 17:45:42 | 000,422,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2014/07/08 16:51:49 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2014/07/08 16:51:49 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

    ========== Files Created - No Company Name ==========

    [2014/07/30 06:53:36 | 001,365,551 | ---- | C] () -- C:\Users\capndavid2001\Desktop\adwcleaner_3.301.exe
    [2014/07/30 06:43:39 | 000,000,788 | ---- | C] () -- C:\Users\capndavid2001\Desktop\cbsidlm-cbsi213-Adware_Remover-ORG-75720238.exe - Shortcut.lnk
    [2014/07/29 16:15:37 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/07/28 18:28:10 | 000,002,168 | ---- | C] () -- C:\Users\Public\Desktop\Driver Support.lnk
    [2013/12/10 21:39:45 | 000,000,162 | ---- | C] () -- C:\Windows\Reimage.ini
    [2013/07/18 20:11:36 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2013/07/18 20:11:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2013/07/18 20:11:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2013/07/18 20:11:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2013/07/18 20:11:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2013/01/08 23:05:13 | 000,148,870 | ---- | C] () -- C:\Windows\hpoins19.dat
    [2013/01/08 23:04:51 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
    [2012/12/10 14:19:37 | 000,003,993 | ---- | C] () -- C:\Windows\checkip.dat
    [2012/11/11 10:23:17 | 000,798,720 | ---- | C] () -- C:\Windows\System32\FCPlayer.dll
    [2012/11/11 10:23:17 | 000,303,104 | ---- | C] () -- C:\Windows\System32\FCPlayer.exe
    [2012/11/11 10:23:17 | 000,180,224 | ---- | C] () -- C:\Windows\System32\FCNetLib.dll
    [2012/11/11 10:23:17 | 000,073,728 | ---- | C] () -- C:\Windows\System32\SearchLib.dll
    [2012/11/11 10:23:17 | 000,069,632 | ---- | C] () -- C:\Windows\System32\IPCamera.exe
    [2012/11/11 10:23:17 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FCSDK.dll
    [2012/03/28 15:07:43 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
    [2012/03/27 20:43:30 | 000,005,864 | ---- | C] () -- C:\Users\capndavid2001\AppData\Local\d3d9caps.dat
    [2012/03/09 10:55:51 | 000,870,128 | ---- | C] () -- C:\Users\capndavid2001\AppData\Roaming\mcs.rma
    [2012/03/08 12:41:00 | 000,057,344 | ---- | C] () -- C:\Users\capndavid2001\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/02/25 13:23:40 | 000,217,942 | ---- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

    ========== ZeroAccess Check ==========

    [2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >

    OTL Extras logfile created on: 7/30/2014 9:08:08 PM - Run 8
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\capndavid2001\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.42% Memory free
    6.17 Gb Paging File | 3.98 Gb Available in Paging File | 64.49% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 136.47 Gb Total Space | 7.84 Gb Free Space | 5.74% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.49 Gb Free Space | 54.93% Space Free | Partition Type: NTFS

    Computer Name: CAPNDAVID200-PC | User Name: capndavid2001 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = ComFile] -- "%1" %*
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00F49B2E-21F2-4C5A-A9C1-59ABD36EA66D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{1559BB74-62AE-4991-87CB-6DBA6759F08C}" = lport=445 | protocol=6 | dir=in | app=system |
    "{1D5D6AED-0CC0-4580-97F5-6302A5B3124D}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{1FE7A8FF-005B-4647-A53D-2B0CAA73F79D}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{1FFD85CD-9D68-4B0A-A72B-D71A0FEC8AB1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{2FE92060-96E7-4E77-A623-A7881DA731F1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{3F3C723D-09F7-45E8-A715-C329A37C11D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{3F91E591-1581-43E6-BF1A-12A75ED43EA5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{41F56659-25CB-4CE3-B984-C60F6900D1BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{4244CC59-0E7F-4C93-A4F0-4FF8F18E4C37}" = lport=1778 | protocol=17 | dir=in | name=pctv service |
    "{4B461AF4-AE5E-4B75-8BE1-815B7E594621}" = lport=1778 | protocol=17 | dir=in | name=pctv service |
    "{63097867-DC89-456B-96EB-CE31F14D506D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{7F5267D9-1084-4E2C-A420-63E8DCDB1895}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{806F6546-279B-4780-A90F-6F3CA35FB517}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{83004F41-C9C4-4661-86B7-B111EB0949AD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8FC4BA35-FCA2-4F42-AA83-A6C2458BEE80}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{969D7BFF-5AF4-47A7-864F-EC2810BCA9E9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{A2A89208-28B3-4CB2-8112-9130DE0759F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AF0474CE-5CB1-47BD-A97D-8D547CDAAC8D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{C9CF6235-F6EA-47C0-8234-669329398B10}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D4854E8F-72CA-49B8-8542-1C39C0EAF978}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{E76D705A-6B06-4DE8-ABDA-B52B0B42E337}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{EF877196-1745-4F55-9D9B-CD21E255AB86}" = lport=10243 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04A971EE-6069-49B3-BD85-B10B89C7E24B}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "{05A28FED-720D-423A-B2A5-F5DC8CA6CF56}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{0899D5FC-9E8E-4C59-9EB9-DA8C37385FAF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{0A1E8647-9088-4BE0-8187-4A6D8FF2D805}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
    "{0C2418B1-50DF-4608-9179-EECB757DB9A6}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{0CA0F5DB-C5A8-4505-9948-35BA854BA849}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{10F1F1C8-DADF-4FC6-9366-0F44267D67AE}" = protocol=6 | dir=out | app=system |
    "{166158B2-626D-4D36-865E-31B06ABCE650}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{27B16B12-15EE-49A2-B119-B777BD99455E}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
    "{3443AF16-82CB-4D17-864C-E741B2D169D3}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
    "{349C65B7-CF62-4B6E-9E84-B480400FF43D}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
    "{3587AF70-726A-4DC2-9278-2A23F16E40E9}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
    "{38B4474C-38D3-4BBA-B4A3-A0307B52FB47}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{49DDA028-4557-448F-A0D3-5A3AAF210F29}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{4A11D219-93A3-4EB7-BE07-61EC4B317F0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{54B2061D-5E17-4106-871B-11350992582F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{5DF6FF92-3BDF-4245-83ED-220A6CFE3001}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
    "{61506E02-7A3F-456F-9520-6B1E5880A39D}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
    "{62676F7E-5871-41DD-934D-A7C9F52CCE69}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\qiswizard.exe |
    "{66125539-2602-470D-A56C-F2FBBA865960}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{6823EA88-64C7-42D0-9933-7BD91FF32A14}" = protocol=6 | dir=in | app=e:\routersetup\qiswizard.exe |
    "{6962F3C6-3E75-43AC-9D91-6575AA5DDC87}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
    "{72032D1F-64B3-4351-B977-B4B33078F0EA}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "{746215A5-DAFB-4E29-9185-1DBFF5C541C4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{757CCDEF-3324-4D46-B4D1-4A9D8CC9C51B}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "{7938BDFC-A3B3-4622-876C-CB78BEA948F4}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "{7B765400-D2D3-4ABF-AA5B-5AAFD7FAB5F7}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
    "{7F40835E-D464-440D-B46A-6328FF1EB57B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{976828FB-F910-4E35-92D9-2F42B647F32F}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\qiswizard.exe |
    "{9BAF7144-1EBE-4E8C-820C-F7A8169F185E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
    "{A0037EB3-234A-4050-A634-589340ED0AA8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{AE5A51FC-CFE8-4978-987E-DDB37E29F764}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
    "{B17E28E0-3A78-47F4-BB40-A407EBA33963}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C651FE76-5F42-48AD-B661-62F75C9DFF92}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{C9E3ECD9-0B99-4EB3-8702-AA6990CE97B7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{CDFEF342-B886-428D-BD89-5DE475D2F593}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{D9C88C48-E02F-4E08-B8C7-ABC2F05B0839}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\rescue.exe |
    "{DF8A33EF-F202-46A6-ABEF-0498F18C22CA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E23BCBC9-0AD9-4BAF-9569-ADDF0BAE2DED}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{E2D96D9A-E475-47C3-B2F1-F899B6FBBBB4}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
    "{E8BD7F61-D996-4268-9F3F-5C49D42BA03B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{F0A6D2FA-0B55-4AA2-9F8F-A5DEFB09137C}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
    "{F13066B1-DD11-4C02-AE44-BFD517F80B0B}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\rescue.exe |
    "{FA6B29EB-A5DF-445A-A680-31A5F04C6037}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{FCB1A46D-283C-4981-86B0-36D658EDE0D9}" = protocol=6 | dir=out | app=system |
    "{FE9E6389-612F-4F34-86C0-0F714FEC3B10}" = protocol=17 | dir=in | app=e:\routersetup\qiswizard.exe |
    "TCP Query User{2B3ACD0C-15AA-49E0-B61F-38D13C6FDCCA}C:\windows\system32\ipcamera.exe" = protocol=6 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "TCP Query User{663DBF95-8538-4F47-A99E-43BAC3E0AFD9}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{69A0CDA6-D08B-49C6-B96E-8EA6180A0057}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{7E0072B4-2BE2-4349-98DF-BEDF1521E740}C:\windows\system32\ipcamera.exe" = protocol=6 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "TCP Query User{B5715681-0BB1-420E-A7E4-94C07A85303D}C:\program files\asus\rt-n66r wireless router utilities\discovery.exe" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "UDP Query User{07DE54B0-2A8B-4E4B-9376-90614A3836A8}C:\windows\system32\ipcamera.exe" = protocol=17 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "UDP Query User{402288E3-8BBC-4CF6-B034-E49907DBECFE}C:\windows\system32\ipcamera.exe" = protocol=17 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "UDP Query User{6C519BAF-E215-4C03-A704-A6817B275FCD}C:\program files\asus\rt-n66r wireless router utilities\discovery.exe" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "UDP Query User{8BBC228B-0AC0-4915-9C2E-8C7E7828524B}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{FACADA1F-CE8B-4AED-8183-EA9F32EA84C8}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
    "{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
    "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
    "{0BFCE729-2C99-4D94-944E-4B57878D3576}" = MyMorph
    "{0C141E39-BFED-40B3-ADA2-C58A6DC055E5}" = IP Camera Tool
    "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
    "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
    "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
    "{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
    "{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
    "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
    "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
    "{21AED9AC-929B-446B-8DE9-6D808CC38783}" = PD Media Converter
    "{26A24AE4-039D-4CA4-87B4-2F83217045F0}" = Java 7 Update 45
    "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
    "{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
    "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{405ABBEB-8DF1-4174-86C0-DCB5E1C78F14}" = NetDeviceManager
    "{43BEEE26-01A8-4EEE-8632-2353261E3B55}" = RemoteComms driver
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
    "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" = Driver Support
    "{59D268DF-CCA9-44C5-8F96-2E51BB34C829}" = Microsoft Security Client
    "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
    "{616445AF-BBCF-41C1-A4D6-8CFF171C182D}" = iTunes
    "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}" = iCloud
    "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
    "{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
    "{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
    "{8307E622-89E1-435A-BC8A-678C678F6A43}" = SA30xx Media Converter
    "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
    "{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
    "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
    "{9C767081-9DB1-4C02-AB02-0E692CFEDA41}" = ASUS RT-N66R Wireless Router Utilities
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
    "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
    "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
    "{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
    "{B025BA0B-64A6-46DE-9D64-32965C83CCA9}" = Citrix Online Launcher
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
    "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
    "{C716522C-3731-4667-8579-40B098294500}" = Toolbox
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
    "{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
    "{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
    "{CC38C3D1-0359-4308-9DB8-194F8D92B2B6}" = PD Media Converter
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
    "{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
    "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
    "{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
    "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
    "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
    "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
    "{EFDD7E37-19B9-42BC-8200-4680F52ED786}" = AT&T Global Network Client LaptopConnect Edition
    "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
    "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
    "{F7226FD8-04F4-45E8-B742-2F2C68B545BF}" = AT&T Global Network Client LaptopConnect Edition
    "{F804CAE5-50B2-4646-803A-A428325237CA}" = Driver Installer
    "{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
    "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
    "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
    "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
    "ConverterLite" = ConverterLite 1.6.6.0
    "ESET Online Scanner" = ESET Online Scanner v3
    "HP Imaging Device Functions" = HP Imaging Device Functions 8.0
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
    "HPExtendedCapabilities" = HP Customer Participation Program 8.0
    "HPOCR" = HP OCR Software 8.0
    "InstallShield_{0BFCE729-2C99-4D94-944E-4B57878D3576}" = MyMorph
    "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
    "MediaMonkey_is1" = MediaMonkey 3.2
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft Security Client" = Microsoft Security Essentials
    "Network MagicUninstall" = Network Magic
    "NoIPDUC" = No-IP DUC
    "PCTV To Go Player_is1" = PCTV To Go Player 1.7.0.231
    "PCTV To Go_is1" = PCTV To Go Setup Wizard 1.7.0.249
    "Rhapsody" = Rhapsody
    "VLC media player" = VLC media player 2.0.6
    "WinImage" = WinImage
    "Wuala CBFS" = Wuala CBFS
    "Wuala OverlayIcons" = Wuala OverlayIcons

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface
    "GoToMeeting" = GoToMeeting 6.3.0.1468
    "Wuala" = Wuala

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:35 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/30/2014 7:50:06 AM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application AdwareRemover.exe, version 5.4.0.0, time stamp
    0x4f730d6b, faulting module engine.dll, version 5.4.0.0, time stamp 0x4f730d4e,
    exception code 0x40000015, fault offset 0x0018653c, process id 0x1b04, application
    start time 0x01cfabec5162f477.

    Error - 7/30/2014 7:50:49 AM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application AdwareRemover.exe, version 5.4.0.0, time stamp
    0x4f730d6b, faulting module engine.dll, version 5.4.0.0, time stamp 0x4f730d4e,
    exception code 0x40000015, fault offset 0x0018653c, process id 0x19d8, application
    start time 0x01cfabec6fdd1c07.

    Error - 7/30/2014 8:06:35 AM | Computer Name = capndavid200-PC | Source = Perflib | ID = 1010
    Description =

    Error - 7/30/2014 8:06:36 AM | Computer Name = capndavid200-PC | Source = Perflib | ID = 1008
    Description =

    Error - 7/30/2014 12:28:30 PM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application ApplePhotoStreams.exe, version 7.7.1.7, time
    stamp 0x516e136b, faulting module ApplePhotoStreams_main.dll, version 7.7.1.7, time
    stamp 0x5243dace, exception code 0xc0000005, fault offset 0x000dc4da, process id
    0x1654, application start time 0x01cfabee90ee2974.

    Error - 7/30/2014 4:37:12 PM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application GenieTimelineService.exe, version 2.0.195.243,
    time stamp 0x4d494446, faulting module RPCRT4.dll, version 6.0.6002.18882, time
    stamp 0x51dd2d9c, exception code 0xc0000096, fault offset 0x0000126c, process id
    0x80c, application start time 0x01cfabedfb02a534.

    [ Broadcom Wireless LAN Events ]
    Error - 4/15/2014 4:52:39 PM | Computer Name = CAPNDAVID200-PC | Source = WLAN-Tray | ID = 0
    Description = 15:52:39, Tue, Apr 15, 14 Error - Unable to gain access to user store


    [ Media Center Events ]
    Error - 2/23/2014 1:19:05 PM | Computer Name = capndavid200-PC | Source = MCUpdate | ID = 0
    Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
    due to an abandoned mutex.'.

    [ System Events ]
    Error - 7/30/2014 7:58:34 AM | Computer Name = capndavid200-PC | Source = DCOM | ID = 10010
    Description =

    Error - 7/30/2014 8:01:21 AM | Computer Name = capndavid200-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:03:40 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7011
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7009
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:06:42 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7022
    Description =


    < End of report >

  6. #6
    Member
    Join Date
    Dec 2008
    Location
    Austin, Texas
    Posts
    102
    Points
    4
    Blog Entries
    1

    Default

    Here ye go Zep215....good luck, looks like greek to me..

    OTL logfile created on: 7/30/2014 9:08:08 PM - Run 8
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\capndavid2001\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.42% Memory free
    6.17 Gb Paging File | 3.98 Gb Available in Paging File | 64.49% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 136.47 Gb Total Space | 7.84 Gb Free Space | 5.74% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.49 Gb Free Space | 54.93% Space Free | Partition Type: NTFS

    Computer Name: CAPNDAVID200-PC | User Name: capndavid2001 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/07/30 21:05:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    PRC - [2014/06/18 20:58:36 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
    PRC - [2014/06/16 17:14:36 | 005,626,136 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    PRC - [2014/04/17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe
    PRC - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/10/31 14:47:38 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2013/10/31 14:47:20 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
    PRC - [2013/10/02 04:02:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    PRC - [2013/07/18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
    PRC - [2013/07/18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2013/07/18 16:49:24 | 000,995,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/09/07 16:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2010/07/04 20:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    PRC - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
    PRC - [2010/06/10 15:26:12 | 000,079,200 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\NetLogSvc.exe
    PRC - [2010/06/10 15:26:00 | 000,476,000 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\netcfgsvr.exe
    PRC - [2010/06/10 15:25:40 | 000,349,536 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\NetClientSvc.exe
    PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
    PRC - [2007/09/27 23:54:54 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    PRC - [2007/09/27 23:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
    PRC - [2007/09/27 23:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
    PRC - [2007/09/24 04:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
    PRC - [2007/09/24 04:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
    PRC - [2007/09/24 04:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
    PRC - [2007/09/24 04:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
    PRC - [2007/07/20 19:13:26 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
    PRC - [2007/07/11 09:15:58 | 000,202,800 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2007/07/11 09:15:38 | 000,198,704 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2007/06/27 18:03:18 | 000,125,952 | ---- | M] (Pinnacle Systems Inc.) -- C:\Program Files\Pinnacle\Drivers\pctvsvc.exe
    PRC - [2007/04/16 17:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
    PRC - [2007/03/15 13:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
    PRC - [1999/02/01 18:53:24 | 000,405,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\1033\MSOFFICE.EXE


    ========== Modules (No Company Name) ==========

    MOD - [2014/05/20 06:53:04 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\fbf434299b068c463296945c12845734\System.Runtime.Remoting.ni.dll
    MOD - [2014/03/08 20:53:51 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
    MOD - [2014/03/08 20:53:00 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
    MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2013/09/14 02:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
    MOD - [2013/09/14 02:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
    MOD - [2008/01/28 11:15:28 | 000,073,728 | ---- | M] () -- c:\Program Files\MyMorph\Mcmh.dll
    MOD - [2007/09/26 05:47:30 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
    MOD - [2007/03/21 14:33:40 | 000,065,536 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- C:\Windows\System32\WLTRYSVC.EXE %C:\Windows%\System32\bcmwltry.exe -- (wltrysvc)
    SRV - [2014/07/08 16:51:52 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/07/18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2013/07/18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/09/07 16:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
    SRV - [2010/06/10 15:26:12 | 000,079,200 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\NetLogSvc.exe -- (NetLogSvc)
    SRV - [2010/06/10 15:26:00 | 000,476,000 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\netcfgsvr.exe -- (netcfgsvr)
    SRV - [2010/06/10 15:25:40 | 000,349,536 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\NetClientSvc.exe -- (NetClientSvc)
    SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
    SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/09/27 23:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
    SRV - [2007/09/27 23:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
    SRV - [2007/07/11 09:15:58 | 000,202,800 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
    SRV - [2007/06/27 18:03:18 | 000,125,952 | ---- | M] () [Auto | Running] -- C:\Program Files\Pinnacle\PCTV To Go Setup Wizard\..\Drivers\pctvsvc.exe -- (pctvsvc)
    SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
    SRV - [2007/03/19 13:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [File_System | On_Demand | Stopped] -- system32\DRIVERS\SNDMon.sys -- (SNDMon)
    DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\pnarp.sys -- (pnarp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B5898220-7F72-4066-9483-77749B57B46C}\MpKsl4a6ddd76.sys -- (MpKsl4a6ddd76)
    DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\CAPNDA~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\CAPNDA~1\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2014/07/30 20:31:59 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
    DRV - [2014/05/12 07:26:04 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
    DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2013/06/18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/05/16 11:44:17 | 000,083,968 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swiwdmbx.sys -- (swiwdmbx)
    DRV - [2011/05/13 13:53:00 | 000,215,552 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swg3kser00.sys -- (swg3kser00)
    DRV - [2011/03/03 14:40:22 | 000,208,128 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8ua3.sys -- (SWNC8UA3)
    DRV - [2011/01/17 12:24:58 | 000,275,088 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cbfs3.sys -- (cbfs3)
    DRV - [2010/09/07 01:27:22 | 000,028,672 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PcaSp60.sys -- (PcaSp60)
    DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
    DRV - [2010/06/10 15:08:20 | 000,166,912 | ---- | M] (AT&T) [Kernel | System | Running] -- C:\Windows\System32\drivers\agnfilt.sys -- (agnfilt)
    DRV - [2010/04/26 21:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
    DRV - [2010/04/26 21:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus)
    DRV - [2010/04/26 21:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
    DRV - [2010/02/25 13:48:16 | 000,011,392 | ---- | M] (AT&T) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avpnnic.sys -- (avpnnic)
    DRV - [2009/09/28 09:55:38 | 000,052,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OXSDIDRV_x32.sys -- (OXSDIDRV_x32)
    DRV - [2008/08/22 10:05:42 | 000,026,760 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
    DRV - [2007/09/27 23:54:56 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
    DRV - [2007/09/24 04:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2007/06/27 18:03:18 | 000,347,904 | ---- | M] (Pinnacle Sytems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCTV_10.sys -- (HavaTV_10)
    DRV - [2007/06/27 18:03:18 | 000,347,904 | ---- | M] (Pinnacle Sytems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCTV.sys -- (HAVATV)
    DRV - [2007/06/27 18:03:18 | 000,025,088 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvbus.sys -- (pctvbus)
    DRV - [2007/06/27 18:03:18 | 000,016,384 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvkey.sys -- (BoosterKey)
    DRV - [2007/06/27 18:03:18 | 000,014,848 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvnet.sys -- (havanet)
    DRV - [2007/02/25 13:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
    DRV - [2006/11/27 02:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2006/11/27 02:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006/11/27 02:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2006/11/21 07:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
    DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
    DRV - [2006/10/05 18:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
    DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.duckduckgo
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fox Business | Business News & Stock Quotes - Saving & Investing
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 AB 03 61 56 73 CF 01 [binary data]
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\..\SearchScopes\{7CCA6552-433F-49F0-BC32-E896736B4338}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20131250,20028,0,18,0
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\capndavid2001\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

    [2013/12/10 21:39:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\capndavid2001\AppData\Roaming\Mozilla\Extensions

    O1 HOSTS File: ([2013/07/18 20:27:15 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
    O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [Akamai NetSession Interface] C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} https://172.25.75.24/auth/taweb.cab (Cisco NAC Web Agent Control)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} https://172.25.75.24/auth/CCALogin.CAB (CCAWebLogin Control)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25CCCF37-120D-4D4A-8F10-CFEA457F0E33}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CAA0F40-D16B-4DC4-A6CB-077BD9F28F0F}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{862AA2AE-2419-4156-A2FC-BE9019C79955}: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O24 - Desktop WallPaper: C:\Users\capndavid2001\Pictures\Vic and Me\014.JPG
    O24 - Desktop BackupWallPaper: C:\Users\capndavid2001\Pictures\Vic and Me\014.JPG
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/07/30 21:04:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    [2014/07/29 16:16:47 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/07/29 16:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    [2014/07/29 16:14:55 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
    [2014/07/29 16:14:52 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
    [2014/07/29 16:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
    [2014/07/29 16:10:51 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2014/07/29 16:10:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2014/07/28 18:30:36 | 000,000,000 | ---D | C] -- C:\Windows\TempC9F24143-61BD-58D9-18F4-84B57D61D954-Signatures
    [2014/07/28 18:29:43 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
    [2014/07/28 18:29:24 | 000,000,000 | ---D | C] -- C:\Users\capndavid2001\AppData\Local\PC_Drivers_Headquarters
    [2014/07/28 18:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Support
    [2014/07/28 18:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
    [2014/07/28 18:24:00 | 000,000,000 | ---D | C] -- C:\Windows\TempEA70F672-9CB8-7A18-335F-7489F83E2FA4-Signatures
    [2014/07/28 18:21:28 | 000,000,000 | ---D | C] -- C:\Windows\TempDBA005CD-DD70-A7BD-5BE2-DC154396DB54-Signatures
    [2014/07/28 18:19:59 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
    [2014/07/28 18:18:54 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
    [2014/07/28 18:18:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
    [2014/07/28 17:35:15 | 000,000,000 | ---D | C] -- C:\Windows\TempBC9B5420-9856-E526-ED6E-DD4FF270940D-Signatures
    [2014/07/28 17:32:57 | 000,000,000 | ---D | C] -- C:\Windows\Temp4FF00B39-24D4-D80E-702D-F5CF4319422A-Signatures
    [2014/07/28 17:16:16 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
    [2014/07/28 17:16:10 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2014/07/28 17:15:54 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2014/07/28 17:15:53 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2014/07/28 17:15:52 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2014/07/28 17:15:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2014/07/28 17:15:44 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2014/07/28 17:15:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2014/07/28 17:15:43 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2014/07/28 17:15:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2014/07/28 17:15:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2014/07/28 17:15:39 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2014/07/28 17:15:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2014/07/28 17:15:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

    ========== Files - Modified Within 30 Days ==========

    [2014/07/30 21:05:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    [2014/07/30 21:04:02 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/07/30 21:04:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/07/30 21:01:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/07/30 21:01:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/07/30 20:51:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/07/30 20:42:04 | 000,000,610 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2574564581-2394573384-1249639492-1000.job
    [2014/07/30 20:31:59 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/07/30 07:00:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/07/30 07:00:54 | 3208,732,672 | -HS- | M] () -- C:\hiberfil.sys
    [2014/07/30 06:59:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2014/07/30 06:54:07 | 001,365,551 | ---- | M] () -- C:\Users\capndavid2001\Desktop\adwcleaner_3.301.exe
    [2014/07/30 06:43:40 | 000,000,788 | ---- | M] () -- C:\Users\capndavid2001\Desktop\cbsidlm-cbsi213-Adware_Remover-ORG-75720238.exe - Shortcut.lnk
    [2014/07/29 16:15:37 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/07/28 18:32:18 | 000,002,113 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2014/07/28 18:28:10 | 000,002,168 | ---- | M] () -- C:\Users\Public\Desktop\Driver Support.lnk
    [2014/07/28 17:45:42 | 000,422,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2014/07/08 16:51:49 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2014/07/08 16:51:49 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

    ========== Files Created - No Company Name ==========

    [2014/07/30 06:53:36 | 001,365,551 | ---- | C] () -- C:\Users\capndavid2001\Desktop\adwcleaner_3.301.exe
    [2014/07/30 06:43:39 | 000,000,788 | ---- | C] () -- C:\Users\capndavid2001\Desktop\cbsidlm-cbsi213-Adware_Remover-ORG-75720238.exe - Shortcut.lnk
    [2014/07/29 16:15:37 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/07/28 18:28:10 | 000,002,168 | ---- | C] () -- C:\Users\Public\Desktop\Driver Support.lnk
    [2013/12/10 21:39:45 | 000,000,162 | ---- | C] () -- C:\Windows\Reimage.ini
    [2013/07/18 20:11:36 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2013/07/18 20:11:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2013/07/18 20:11:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2013/07/18 20:11:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2013/07/18 20:11:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2013/01/08 23:05:13 | 000,148,870 | ---- | C] () -- C:\Windows\hpoins19.dat
    [2013/01/08 23:04:51 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
    [2012/12/10 14:19:37 | 000,003,993 | ---- | C] () -- C:\Windows\checkip.dat
    [2012/11/11 10:23:17 | 000,798,720 | ---- | C] () -- C:\Windows\System32\FCPlayer.dll
    [2012/11/11 10:23:17 | 000,303,104 | ---- | C] () -- C:\Windows\System32\FCPlayer.exe
    [2012/11/11 10:23:17 | 000,180,224 | ---- | C] () -- C:\Windows\System32\FCNetLib.dll
    [2012/11/11 10:23:17 | 000,073,728 | ---- | C] () -- C:\Windows\System32\SearchLib.dll
    [2012/11/11 10:23:17 | 000,069,632 | ---- | C] () -- C:\Windows\System32\IPCamera.exe
    [2012/11/11 10:23:17 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FCSDK.dll
    [2012/03/28 15:07:43 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
    [2012/03/27 20:43:30 | 000,005,864 | ---- | C] () -- C:\Users\capndavid2001\AppData\Local\d3d9caps.dat
    [2012/03/09 10:55:51 | 000,870,128 | ---- | C] () -- C:\Users\capndavid2001\AppData\Roaming\mcs.rma
    [2012/03/08 12:41:00 | 000,057,344 | ---- | C] () -- C:\Users\capndavid2001\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/02/25 13:23:40 | 000,217,942 | ---- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

    ========== ZeroAccess Check ==========

    [2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >



    OTL Extras logfile created on: 7/30/2014 9:08:08 PM - Run 8
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\capndavid2001\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.42% Memory free
    6.17 Gb Paging File | 3.98 Gb Available in Paging File | 64.49% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 136.47 Gb Total Space | 7.84 Gb Free Space | 5.74% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.49 Gb Free Space | 54.93% Space Free | Partition Type: NTFS

    Computer Name: CAPNDAVID200-PC | User Name: capndavid2001 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = ComFile] -- "%1" %*
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00F49B2E-21F2-4C5A-A9C1-59ABD36EA66D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{1559BB74-62AE-4991-87CB-6DBA6759F08C}" = lport=445 | protocol=6 | dir=in | app=system |
    "{1D5D6AED-0CC0-4580-97F5-6302A5B3124D}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{1FE7A8FF-005B-4647-A53D-2B0CAA73F79D}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{1FFD85CD-9D68-4B0A-A72B-D71A0FEC8AB1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{2FE92060-96E7-4E77-A623-A7881DA731F1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{3F3C723D-09F7-45E8-A715-C329A37C11D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{3F91E591-1581-43E6-BF1A-12A75ED43EA5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{41F56659-25CB-4CE3-B984-C60F6900D1BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{4244CC59-0E7F-4C93-A4F0-4FF8F18E4C37}" = lport=1778 | protocol=17 | dir=in | name=pctv service |
    "{4B461AF4-AE5E-4B75-8BE1-815B7E594621}" = lport=1778 | protocol=17 | dir=in | name=pctv service |
    "{63097867-DC89-456B-96EB-CE31F14D506D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{7F5267D9-1084-4E2C-A420-63E8DCDB1895}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{806F6546-279B-4780-A90F-6F3CA35FB517}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{83004F41-C9C4-4661-86B7-B111EB0949AD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8FC4BA35-FCA2-4F42-AA83-A6C2458BEE80}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{969D7BFF-5AF4-47A7-864F-EC2810BCA9E9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{A2A89208-28B3-4CB2-8112-9130DE0759F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AF0474CE-5CB1-47BD-A97D-8D547CDAAC8D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{C9CF6235-F6EA-47C0-8234-669329398B10}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D4854E8F-72CA-49B8-8542-1C39C0EAF978}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{E76D705A-6B06-4DE8-ABDA-B52B0B42E337}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{EF877196-1745-4F55-9D9B-CD21E255AB86}" = lport=10243 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04A971EE-6069-49B3-BD85-B10B89C7E24B}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "{05A28FED-720D-423A-B2A5-F5DC8CA6CF56}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{0899D5FC-9E8E-4C59-9EB9-DA8C37385FAF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{0A1E8647-9088-4BE0-8187-4A6D8FF2D805}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
    "{0C2418B1-50DF-4608-9179-EECB757DB9A6}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{0CA0F5DB-C5A8-4505-9948-35BA854BA849}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{10F1F1C8-DADF-4FC6-9366-0F44267D67AE}" = protocol=6 | dir=out | app=system |
    "{166158B2-626D-4D36-865E-31B06ABCE650}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{27B16B12-15EE-49A2-B119-B777BD99455E}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
    "{3443AF16-82CB-4D17-864C-E741B2D169D3}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
    "{349C65B7-CF62-4B6E-9E84-B480400FF43D}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
    "{3587AF70-726A-4DC2-9278-2A23F16E40E9}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
    "{38B4474C-38D3-4BBA-B4A3-A0307B52FB47}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{49DDA028-4557-448F-A0D3-5A3AAF210F29}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{4A11D219-93A3-4EB7-BE07-61EC4B317F0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{54B2061D-5E17-4106-871B-11350992582F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{5DF6FF92-3BDF-4245-83ED-220A6CFE3001}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
    "{61506E02-7A3F-456F-9520-6B1E5880A39D}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
    "{62676F7E-5871-41DD-934D-A7C9F52CCE69}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\qiswizard.exe |
    "{66125539-2602-470D-A56C-F2FBBA865960}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{6823EA88-64C7-42D0-9933-7BD91FF32A14}" = protocol=6 | dir=in | app=e:\routersetup\qiswizard.exe |
    "{6962F3C6-3E75-43AC-9D91-6575AA5DDC87}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
    "{72032D1F-64B3-4351-B977-B4B33078F0EA}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "{746215A5-DAFB-4E29-9185-1DBFF5C541C4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{757CCDEF-3324-4D46-B4D1-4A9D8CC9C51B}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "{7938BDFC-A3B3-4622-876C-CB78BEA948F4}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "{7B765400-D2D3-4ABF-AA5B-5AAFD7FAB5F7}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
    "{7F40835E-D464-440D-B46A-6328FF1EB57B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{976828FB-F910-4E35-92D9-2F42B647F32F}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\qiswizard.exe |
    "{9BAF7144-1EBE-4E8C-820C-F7A8169F185E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
    "{A0037EB3-234A-4050-A634-589340ED0AA8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{AE5A51FC-CFE8-4978-987E-DDB37E29F764}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
    "{B17E28E0-3A78-47F4-BB40-A407EBA33963}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C651FE76-5F42-48AD-B661-62F75C9DFF92}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{C9E3ECD9-0B99-4EB3-8702-AA6990CE97B7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{CDFEF342-B886-428D-BD89-5DE475D2F593}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{D9C88C48-E02F-4E08-B8C7-ABC2F05B0839}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\rescue.exe |
    "{DF8A33EF-F202-46A6-ABEF-0498F18C22CA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E23BCBC9-0AD9-4BAF-9569-ADDF0BAE2DED}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{E2D96D9A-E475-47C3-B2F1-F899B6FBBBB4}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
    "{E8BD7F61-D996-4268-9F3F-5C49D42BA03B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{F0A6D2FA-0B55-4AA2-9F8F-A5DEFB09137C}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
    "{F13066B1-DD11-4C02-AE44-BFD517F80B0B}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\rescue.exe |
    "{FA6B29EB-A5DF-445A-A680-31A5F04C6037}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{FCB1A46D-283C-4981-86B0-36D658EDE0D9}" = protocol=6 | dir=out | app=system |
    "{FE9E6389-612F-4F34-86C0-0F714FEC3B10}" = protocol=17 | dir=in | app=e:\routersetup\qiswizard.exe |
    "TCP Query User{2B3ACD0C-15AA-49E0-B61F-38D13C6FDCCA}C:\windows\system32\ipcamera.exe" = protocol=6 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "TCP Query User{663DBF95-8538-4F47-A99E-43BAC3E0AFD9}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{69A0CDA6-D08B-49C6-B96E-8EA6180A0057}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{7E0072B4-2BE2-4349-98DF-BEDF1521E740}C:\windows\system32\ipcamera.exe" = protocol=6 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "TCP Query User{B5715681-0BB1-420E-A7E4-94C07A85303D}C:\program files\asus\rt-n66r wireless router utilities\discovery.exe" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "UDP Query User{07DE54B0-2A8B-4E4B-9376-90614A3836A8}C:\windows\system32\ipcamera.exe" = protocol=17 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "UDP Query User{402288E3-8BBC-4CF6-B034-E49907DBECFE}C:\windows\system32\ipcamera.exe" = protocol=17 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "UDP Query User{6C519BAF-E215-4C03-A704-A6817B275FCD}C:\program files\asus\rt-n66r wireless router utilities\discovery.exe" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "UDP Query User{8BBC228B-0AC0-4915-9C2E-8C7E7828524B}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{FACADA1F-CE8B-4AED-8183-EA9F32EA84C8}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
    "{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
    "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
    "{0BFCE729-2C99-4D94-944E-4B57878D3576}" = MyMorph
    "{0C141E39-BFED-40B3-ADA2-C58A6DC055E5}" = IP Camera Tool
    "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
    "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
    "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
    "{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
    "{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
    "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
    "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
    "{21AED9AC-929B-446B-8DE9-6D808CC38783}" = PD Media Converter
    "{26A24AE4-039D-4CA4-87B4-2F83217045F0}" = Java 7 Update 45
    "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
    "{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
    "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{405ABBEB-8DF1-4174-86C0-DCB5E1C78F14}" = NetDeviceManager
    "{43BEEE26-01A8-4EEE-8632-2353261E3B55}" = RemoteComms driver
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
    "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" = Driver Support
    "{59D268DF-CCA9-44C5-8F96-2E51BB34C829}" = Microsoft Security Client
    "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
    "{616445AF-BBCF-41C1-A4D6-8CFF171C182D}" = iTunes
    "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}" = iCloud
    "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
    "{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
    "{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
    "{8307E622-89E1-435A-BC8A-678C678F6A43}" = SA30xx Media Converter
    "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
    "{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
    "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
    "{9C767081-9DB1-4C02-AB02-0E692CFEDA41}" = ASUS RT-N66R Wireless Router Utilities
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
    "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
    "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
    "{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
    "{B025BA0B-64A6-46DE-9D64-32965C83CCA9}" = Citrix Online Launcher
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
    "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
    "{C716522C-3731-4667-8579-40B098294500}" = Toolbox
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
    "{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
    "{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
    "{CC38C3D1-0359-4308-9DB8-194F8D92B2B6}" = PD Media Converter
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
    "{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
    "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
    "{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
    "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
    "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
    "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
    "{EFDD7E37-19B9-42BC-8200-4680F52ED786}" = AT&T Global Network Client LaptopConnect Edition
    "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
    "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
    "{F7226FD8-04F4-45E8-B742-2F2C68B545BF}" = AT&T Global Network Client LaptopConnect Edition
    "{F804CAE5-50B2-4646-803A-A428325237CA}" = Driver Installer
    "{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
    "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
    "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
    "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
    "ConverterLite" = ConverterLite 1.6.6.0
    "ESET Online Scanner" = ESET Online Scanner v3
    "HP Imaging Device Functions" = HP Imaging Device Functions 8.0
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
    "HPExtendedCapabilities" = HP Customer Participation Program 8.0
    "HPOCR" = HP OCR Software 8.0
    "InstallShield_{0BFCE729-2C99-4D94-944E-4B57878D3576}" = MyMorph
    "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
    "MediaMonkey_is1" = MediaMonkey 3.2
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft Security Client" = Microsoft Security Essentials
    "Network MagicUninstall" = Network Magic
    "NoIPDUC" = No-IP DUC
    "PCTV To Go Player_is1" = PCTV To Go Player 1.7.0.231
    "PCTV To Go_is1" = PCTV To Go Setup Wizard 1.7.0.249
    "Rhapsody" = Rhapsody
    "VLC media player" = VLC media player 2.0.6
    "WinImage" = WinImage
    "Wuala CBFS" = Wuala CBFS
    "Wuala OverlayIcons" = Wuala OverlayIcons

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface
    "GoToMeeting" = GoToMeeting 6.3.0.1468
    "Wuala" = Wuala

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:35 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/30/2014 7:50:06 AM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application AdwareRemover.exe, version 5.4.0.0, time stamp
    0x4f730d6b, faulting module engine.dll, version 5.4.0.0, time stamp 0x4f730d4e,
    exception code 0x40000015, fault offset 0x0018653c, process id 0x1b04, application
    start time 0x01cfabec5162f477.

    Error - 7/30/2014 7:50:49 AM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application AdwareRemover.exe, version 5.4.0.0, time stamp
    0x4f730d6b, faulting module engine.dll, version 5.4.0.0, time stamp 0x4f730d4e,
    exception code 0x40000015, fault offset 0x0018653c, process id 0x19d8, application
    start time 0x01cfabec6fdd1c07.

    Error - 7/30/2014 8:06:35 AM | Computer Name = capndavid200-PC | Source = Perflib | ID = 1010
    Description =

    Error - 7/30/2014 8:06:36 AM | Computer Name = capndavid200-PC | Source = Perflib | ID = 1008
    Description =

    Error - 7/30/2014 12:28:30 PM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application ApplePhotoStreams.exe, version 7.7.1.7, time
    stamp 0x516e136b, faulting module ApplePhotoStreams_main.dll, version 7.7.1.7, time
    stamp 0x5243dace, exception code 0xc0000005, fault offset 0x000dc4da, process id
    0x1654, application start time 0x01cfabee90ee2974.

    Error - 7/30/2014 4:37:12 PM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application GenieTimelineService.exe, version 2.0.195.243,
    time stamp 0x4d494446, faulting module RPCRT4.dll, version 6.0.6002.18882, time
    stamp 0x51dd2d9c, exception code 0xc0000096, fault offset 0x0000126c, process id
    0x80c, application start time 0x01cfabedfb02a534.

    [ Broadcom Wireless LAN Events ]
    Error - 4/15/2014 4:52:39 PM | Computer Name = CAPNDAVID200-PC | Source = WLAN-Tray | ID = 0
    Description = 15:52:39, Tue, Apr 15, 14 Error - Unable to gain access to user store


    [ Media Center Events ]
    Error - 2/23/2014 1:19:05 PM | Computer Name = capndavid200-PC | Source = MCUpdate | ID = 0
    Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
    due to an abandoned mutex.'.

    [ System Events ]
    Error - 7/30/2014 7:58:34 AM | Computer Name = capndavid200-PC | Source = DCOM | ID = 10010
    Description =

    Error - 7/30/2014 8:01:21 AM | Computer Name = capndavid200-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:03:40 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7011
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7009
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:06:42 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7022
    Description =


    < End of report >

  7. #7
    Member
    Join Date
    Dec 2008
    Location
    Austin, Texas
    Posts
    102
    Points
    4
    Blog Entries
    1

    Default OTL Log

    Here ye go Zep215....good luck, looks like greek to me..

    OTL logfile created on: 7/30/2014 9:08:08 PM - Run 8
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\capndavid2001\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.42% Memory free
    6.17 Gb Paging File | 3.98 Gb Available in Paging File | 64.49% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 136.47 Gb Total Space | 7.84 Gb Free Space | 5.74% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.49 Gb Free Space | 54.93% Space Free | Partition Type: NTFS

    Computer Name: CAPNDAVID200-PC | User Name: capndavid2001 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/07/30 21:05:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    PRC - [2014/06/18 20:58:36 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
    PRC - [2014/06/16 17:14:36 | 005,626,136 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    PRC - [2014/04/17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe
    PRC - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/10/31 14:47:38 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2013/10/31 14:47:20 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
    PRC - [2013/10/02 04:02:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    PRC - [2013/07/18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
    PRC - [2013/07/18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2013/07/18 16:49:24 | 000,995,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/09/07 16:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2010/07/04 20:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    PRC - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
    PRC - [2010/06/10 15:26:12 | 000,079,200 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\NetLogSvc.exe
    PRC - [2010/06/10 15:26:00 | 000,476,000 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\netcfgsvr.exe
    PRC - [2010/06/10 15:25:40 | 000,349,536 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\NetClientSvc.exe
    PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
    PRC - [2007/09/27 23:54:54 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    PRC - [2007/09/27 23:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
    PRC - [2007/09/27 23:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
    PRC - [2007/09/24 04:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
    PRC - [2007/09/24 04:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
    PRC - [2007/09/24 04:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
    PRC - [2007/09/24 04:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
    PRC - [2007/07/20 19:13:26 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
    PRC - [2007/07/11 09:15:58 | 000,202,800 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2007/07/11 09:15:38 | 000,198,704 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2007/06/27 18:03:18 | 000,125,952 | ---- | M] (Pinnacle Systems Inc.) -- C:\Program Files\Pinnacle\Drivers\pctvsvc.exe
    PRC - [2007/04/16 17:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
    PRC - [2007/03/15 13:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
    PRC - [1999/02/01 18:53:24 | 000,405,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\1033\MSOFFICE.EXE


    ========== Modules (No Company Name) ==========

    MOD - [2014/05/20 06:53:04 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\fbf434299b068c463296945c12845734\System.Runtime.Remoting.ni.dll
    MOD - [2014/03/08 20:53:51 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
    MOD - [2014/03/08 20:53:00 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
    MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2013/09/14 02:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
    MOD - [2013/09/14 02:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
    MOD - [2008/01/28 11:15:28 | 000,073,728 | ---- | M] () -- c:\Program Files\MyMorph\Mcmh.dll
    MOD - [2007/09/26 05:47:30 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
    MOD - [2007/03/21 14:33:40 | 000,065,536 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- C:\Windows\System32\WLTRYSVC.EXE %C:\Windows%\System32\bcmwltry.exe -- (wltrysvc)
    SRV - [2014/07/08 16:51:52 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/07/18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2013/07/18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/09/07 16:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
    SRV - [2010/06/10 15:26:12 | 000,079,200 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\NetLogSvc.exe -- (NetLogSvc)
    SRV - [2010/06/10 15:26:00 | 000,476,000 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\netcfgsvr.exe -- (netcfgsvr)
    SRV - [2010/06/10 15:25:40 | 000,349,536 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\NetClientSvc.exe -- (NetClientSvc)
    SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
    SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/09/27 23:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
    SRV - [2007/09/27 23:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
    SRV - [2007/07/11 09:15:58 | 000,202,800 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
    SRV - [2007/06/27 18:03:18 | 000,125,952 | ---- | M] () [Auto | Running] -- C:\Program Files\Pinnacle\PCTV To Go Setup Wizard\..\Drivers\pctvsvc.exe -- (pctvsvc)
    SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
    SRV - [2007/03/19 13:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [File_System | On_Demand | Stopped] -- system32\DRIVERS\SNDMon.sys -- (SNDMon)
    DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\pnarp.sys -- (pnarp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B5898220-7F72-4066-9483-77749B57B46C}\MpKsl4a6ddd76.sys -- (MpKsl4a6ddd76)
    DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\CAPNDA~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\CAPNDA~1\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2014/07/30 20:31:59 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
    DRV - [2014/05/12 07:26:04 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
    DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2013/06/18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/05/16 11:44:17 | 000,083,968 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swiwdmbx.sys -- (swiwdmbx)
    DRV - [2011/05/13 13:53:00 | 000,215,552 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swg3kser00.sys -- (swg3kser00)
    DRV - [2011/03/03 14:40:22 | 000,208,128 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8ua3.sys -- (SWNC8UA3)
    DRV - [2011/01/17 12:24:58 | 000,275,088 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cbfs3.sys -- (cbfs3)
    DRV - [2010/09/07 01:27:22 | 000,028,672 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PcaSp60.sys -- (PcaSp60)
    DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
    DRV - [2010/06/10 15:08:20 | 000,166,912 | ---- | M] (AT&T) [Kernel | System | Running] -- C:\Windows\System32\drivers\agnfilt.sys -- (agnfilt)
    DRV - [2010/04/26 21:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
    DRV - [2010/04/26 21:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus)
    DRV - [2010/04/26 21:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
    DRV - [2010/02/25 13:48:16 | 000,011,392 | ---- | M] (AT&T) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avpnnic.sys -- (avpnnic)
    DRV - [2009/09/28 09:55:38 | 000,052,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OXSDIDRV_x32.sys -- (OXSDIDRV_x32)
    DRV - [2008/08/22 10:05:42 | 000,026,760 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
    DRV - [2007/09/27 23:54:56 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
    DRV - [2007/09/24 04:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2007/06/27 18:03:18 | 000,347,904 | ---- | M] (Pinnacle Sytems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCTV_10.sys -- (HavaTV_10)
    DRV - [2007/06/27 18:03:18 | 000,347,904 | ---- | M] (Pinnacle Sytems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCTV.sys -- (HAVATV)
    DRV - [2007/06/27 18:03:18 | 000,025,088 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvbus.sys -- (pctvbus)
    DRV - [2007/06/27 18:03:18 | 000,016,384 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvkey.sys -- (BoosterKey)
    DRV - [2007/06/27 18:03:18 | 000,014,848 | ---- | M] (Pinnacle Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctvnet.sys -- (havanet)
    DRV - [2007/02/25 13:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
    DRV - [2006/11/27 02:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2006/11/27 02:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006/11/27 02:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2006/11/21 07:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
    DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
    DRV - [2006/10/05 18:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
    DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.duckduckgo
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fox Business | Business News & Stock Quotes - Saving & Investing
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 AB 03 61 56 73 CF 01 [binary data]
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\..\SearchScopes\{7CCA6552-433F-49F0-BC32-E896736B4338}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20131250,20028,0,18,0
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\capndavid2001\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

    [2013/12/10 21:39:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\capndavid2001\AppData\Roaming\Mozilla\Extensions

    O1 HOSTS File: ([2013/07/18 20:27:15 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
    O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [Akamai NetSession Interface] C:\Users\capndavid2001\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} https://172.25.75.24/auth/taweb.cab (Cisco NAC Web Agent Control)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} https://172.25.75.24/auth/CCALogin.CAB (CCAWebLogin Control)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25CCCF37-120D-4D4A-8F10-CFEA457F0E33}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CAA0F40-D16B-4DC4-A6CB-077BD9F28F0F}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{862AA2AE-2419-4156-A2FC-BE9019C79955}: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
    O24 - Desktop WallPaper: C:\Users\capndavid2001\Pictures\Vic and Me\014.JPG
    O24 - Desktop BackupWallPaper: C:\Users\capndavid2001\Pictures\Vic and Me\014.JPG
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/07/30 21:04:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    [2014/07/29 16:16:47 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/07/29 16:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    [2014/07/29 16:14:55 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
    [2014/07/29 16:14:52 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
    [2014/07/29 16:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
    [2014/07/29 16:10:51 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2014/07/29 16:10:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2014/07/28 18:30:36 | 000,000,000 | ---D | C] -- C:\Windows\TempC9F24143-61BD-58D9-18F4-84B57D61D954-Signatures
    [2014/07/28 18:29:43 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
    [2014/07/28 18:29:24 | 000,000,000 | ---D | C] -- C:\Users\capndavid2001\AppData\Local\PC_Drivers_Headquarters
    [2014/07/28 18:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Support
    [2014/07/28 18:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
    [2014/07/28 18:24:00 | 000,000,000 | ---D | C] -- C:\Windows\TempEA70F672-9CB8-7A18-335F-7489F83E2FA4-Signatures
    [2014/07/28 18:21:28 | 000,000,000 | ---D | C] -- C:\Windows\TempDBA005CD-DD70-A7BD-5BE2-DC154396DB54-Signatures
    [2014/07/28 18:19:59 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
    [2014/07/28 18:18:54 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
    [2014/07/28 18:18:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
    [2014/07/28 17:35:15 | 000,000,000 | ---D | C] -- C:\Windows\TempBC9B5420-9856-E526-ED6E-DD4FF270940D-Signatures
    [2014/07/28 17:32:57 | 000,000,000 | ---D | C] -- C:\Windows\Temp4FF00B39-24D4-D80E-702D-F5CF4319422A-Signatures
    [2014/07/28 17:16:16 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
    [2014/07/28 17:16:10 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2014/07/28 17:15:54 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2014/07/28 17:15:53 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2014/07/28 17:15:52 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2014/07/28 17:15:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2014/07/28 17:15:44 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2014/07/28 17:15:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2014/07/28 17:15:43 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2014/07/28 17:15:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2014/07/28 17:15:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2014/07/28 17:15:39 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2014/07/28 17:15:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2014/07/28 17:15:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

    ========== Files - Modified Within 30 Days ==========

    [2014/07/30 21:05:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\capndavid2001\Desktop\OTL.exe
    [2014/07/30 21:04:02 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/07/30 21:04:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/07/30 21:01:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/07/30 21:01:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/07/30 20:51:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/07/30 20:42:04 | 000,000,610 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2574564581-2394573384-1249639492-1000.job
    [2014/07/30 20:31:59 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/07/30 07:00:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/07/30 07:00:54 | 3208,732,672 | -HS- | M] () -- C:\hiberfil.sys
    [2014/07/30 06:59:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2014/07/30 06:54:07 | 001,365,551 | ---- | M] () -- C:\Users\capndavid2001\Desktop\adwcleaner_3.301.exe
    [2014/07/30 06:43:40 | 000,000,788 | ---- | M] () -- C:\Users\capndavid2001\Desktop\cbsidlm-cbsi213-Adware_Remover-ORG-75720238.exe - Shortcut.lnk
    [2014/07/29 16:15:37 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/07/28 18:32:18 | 000,002,113 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2014/07/28 18:28:10 | 000,002,168 | ---- | M] () -- C:\Users\Public\Desktop\Driver Support.lnk
    [2014/07/28 17:45:42 | 000,422,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2014/07/08 16:51:49 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2014/07/08 16:51:49 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

    ========== Files Created - No Company Name ==========

    [2014/07/30 06:53:36 | 001,365,551 | ---- | C] () -- C:\Users\capndavid2001\Desktop\adwcleaner_3.301.exe
    [2014/07/30 06:43:39 | 000,000,788 | ---- | C] () -- C:\Users\capndavid2001\Desktop\cbsidlm-cbsi213-Adware_Remover-ORG-75720238.exe - Shortcut.lnk
    [2014/07/29 16:15:37 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/07/28 18:28:10 | 000,002,168 | ---- | C] () -- C:\Users\Public\Desktop\Driver Support.lnk
    [2013/12/10 21:39:45 | 000,000,162 | ---- | C] () -- C:\Windows\Reimage.ini
    [2013/07/18 20:11:36 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2013/07/18 20:11:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2013/07/18 20:11:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2013/07/18 20:11:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2013/07/18 20:11:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2013/01/08 23:05:13 | 000,148,870 | ---- | C] () -- C:\Windows\hpoins19.dat
    [2013/01/08 23:04:51 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
    [2012/12/10 14:19:37 | 000,003,993 | ---- | C] () -- C:\Windows\checkip.dat
    [2012/11/11 10:23:17 | 000,798,720 | ---- | C] () -- C:\Windows\System32\FCPlayer.dll
    [2012/11/11 10:23:17 | 000,303,104 | ---- | C] () -- C:\Windows\System32\FCPlayer.exe
    [2012/11/11 10:23:17 | 000,180,224 | ---- | C] () -- C:\Windows\System32\FCNetLib.dll
    [2012/11/11 10:23:17 | 000,073,728 | ---- | C] () -- C:\Windows\System32\SearchLib.dll
    [2012/11/11 10:23:17 | 000,069,632 | ---- | C] () -- C:\Windows\System32\IPCamera.exe
    [2012/11/11 10:23:17 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FCSDK.dll
    [2012/03/28 15:07:43 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
    [2012/03/27 20:43:30 | 000,005,864 | ---- | C] () -- C:\Users\capndavid2001\AppData\Local\d3d9caps.dat
    [2012/03/09 10:55:51 | 000,870,128 | ---- | C] () -- C:\Users\capndavid2001\AppData\Roaming\mcs.rma
    [2012/03/08 12:41:00 | 000,057,344 | ---- | C] () -- C:\Users\capndavid2001\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/02/25 13:23:40 | 000,217,942 | ---- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

    ========== ZeroAccess Check ==========

    [2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >



    OTL Extras logfile created on: 7/30/2014 9:08:08 PM - Run 8
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\capndavid2001\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.42% Memory free
    6.17 Gb Paging File | 3.98 Gb Available in Paging File | 64.49% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 136.47 Gb Total Space | 7.84 Gb Free Space | 5.74% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 5.49 Gb Free Space | 54.93% Space Free | Partition Type: NTFS

    Computer Name: CAPNDAVID200-PC | User Name: capndavid2001 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = ComFile] -- "%1" %*
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00F49B2E-21F2-4C5A-A9C1-59ABD36EA66D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{1559BB74-62AE-4991-87CB-6DBA6759F08C}" = lport=445 | protocol=6 | dir=in | app=system |
    "{1D5D6AED-0CC0-4580-97F5-6302A5B3124D}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{1FE7A8FF-005B-4647-A53D-2B0CAA73F79D}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{1FFD85CD-9D68-4B0A-A72B-D71A0FEC8AB1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{2FE92060-96E7-4E77-A623-A7881DA731F1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{3F3C723D-09F7-45E8-A715-C329A37C11D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{3F91E591-1581-43E6-BF1A-12A75ED43EA5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{41F56659-25CB-4CE3-B984-C60F6900D1BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{4244CC59-0E7F-4C93-A4F0-4FF8F18E4C37}" = lport=1778 | protocol=17 | dir=in | name=pctv service |
    "{4B461AF4-AE5E-4B75-8BE1-815B7E594621}" = lport=1778 | protocol=17 | dir=in | name=pctv service |
    "{63097867-DC89-456B-96EB-CE31F14D506D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{7F5267D9-1084-4E2C-A420-63E8DCDB1895}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{806F6546-279B-4780-A90F-6F3CA35FB517}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{83004F41-C9C4-4661-86B7-B111EB0949AD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8FC4BA35-FCA2-4F42-AA83-A6C2458BEE80}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{969D7BFF-5AF4-47A7-864F-EC2810BCA9E9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{A2A89208-28B3-4CB2-8112-9130DE0759F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AF0474CE-5CB1-47BD-A97D-8D547CDAAC8D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{C9CF6235-F6EA-47C0-8234-669329398B10}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D4854E8F-72CA-49B8-8542-1C39C0EAF978}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{E76D705A-6B06-4DE8-ABDA-B52B0B42E337}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{EF877196-1745-4F55-9D9B-CD21E255AB86}" = lport=10243 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04A971EE-6069-49B3-BD85-B10B89C7E24B}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "{05A28FED-720D-423A-B2A5-F5DC8CA6CF56}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{0899D5FC-9E8E-4C59-9EB9-DA8C37385FAF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{0A1E8647-9088-4BE0-8187-4A6D8FF2D805}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
    "{0C2418B1-50DF-4608-9179-EECB757DB9A6}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{0CA0F5DB-C5A8-4505-9948-35BA854BA849}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{10F1F1C8-DADF-4FC6-9366-0F44267D67AE}" = protocol=6 | dir=out | app=system |
    "{166158B2-626D-4D36-865E-31B06ABCE650}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{27B16B12-15EE-49A2-B119-B777BD99455E}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
    "{3443AF16-82CB-4D17-864C-E741B2D169D3}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
    "{349C65B7-CF62-4B6E-9E84-B480400FF43D}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
    "{3587AF70-726A-4DC2-9278-2A23F16E40E9}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
    "{38B4474C-38D3-4BBA-B4A3-A0307B52FB47}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{49DDA028-4557-448F-A0D3-5A3AAF210F29}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{4A11D219-93A3-4EB7-BE07-61EC4B317F0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{54B2061D-5E17-4106-871B-11350992582F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{5DF6FF92-3BDF-4245-83ED-220A6CFE3001}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
    "{61506E02-7A3F-456F-9520-6B1E5880A39D}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
    "{62676F7E-5871-41DD-934D-A7C9F52CCE69}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\qiswizard.exe |
    "{66125539-2602-470D-A56C-F2FBBA865960}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{6823EA88-64C7-42D0-9933-7BD91FF32A14}" = protocol=6 | dir=in | app=e:\routersetup\qiswizard.exe |
    "{6962F3C6-3E75-43AC-9D91-6575AA5DDC87}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
    "{72032D1F-64B3-4351-B977-B4B33078F0EA}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "{746215A5-DAFB-4E29-9185-1DBFF5C541C4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{757CCDEF-3324-4D46-B4D1-4A9D8CC9C51B}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "{7938BDFC-A3B3-4622-876C-CB78BEA948F4}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "{7B765400-D2D3-4ABF-AA5B-5AAFD7FAB5F7}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
    "{7F40835E-D464-440D-B46A-6328FF1EB57B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{976828FB-F910-4E35-92D9-2F42B647F32F}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\qiswizard.exe |
    "{9BAF7144-1EBE-4E8C-820C-F7A8169F185E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
    "{A0037EB3-234A-4050-A634-589340ED0AA8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{AE5A51FC-CFE8-4978-987E-DDB37E29F764}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
    "{B17E28E0-3A78-47F4-BB40-A407EBA33963}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C651FE76-5F42-48AD-B661-62F75C9DFF92}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{C9E3ECD9-0B99-4EB3-8702-AA6990CE97B7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{CDFEF342-B886-428D-BD89-5DE475D2F593}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{D9C88C48-E02F-4E08-B8C7-ABC2F05B0839}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\rescue.exe |
    "{DF8A33EF-F202-46A6-ABEF-0498F18C22CA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E23BCBC9-0AD9-4BAF-9569-ADDF0BAE2DED}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{E2D96D9A-E475-47C3-B2F1-F899B6FBBBB4}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
    "{E8BD7F61-D996-4268-9F3F-5C49D42BA03B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{F0A6D2FA-0B55-4AA2-9F8F-A5DEFB09137C}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
    "{F13066B1-DD11-4C02-AE44-BFD517F80B0B}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\rescue.exe |
    "{FA6B29EB-A5DF-445A-A680-31A5F04C6037}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{FCB1A46D-283C-4981-86B0-36D658EDE0D9}" = protocol=6 | dir=out | app=system |
    "{FE9E6389-612F-4F34-86C0-0F714FEC3B10}" = protocol=17 | dir=in | app=e:\routersetup\qiswizard.exe |
    "TCP Query User{2B3ACD0C-15AA-49E0-B61F-38D13C6FDCCA}C:\windows\system32\ipcamera.exe" = protocol=6 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "TCP Query User{663DBF95-8538-4F47-A99E-43BAC3E0AFD9}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{69A0CDA6-D08B-49C6-B96E-8EA6180A0057}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{7E0072B4-2BE2-4349-98DF-BEDF1521E740}C:\windows\system32\ipcamera.exe" = protocol=6 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "TCP Query User{B5715681-0BB1-420E-A7E4-94C07A85303D}C:\program files\asus\rt-n66r wireless router utilities\discovery.exe" = protocol=6 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "UDP Query User{07DE54B0-2A8B-4E4B-9376-90614A3836A8}C:\windows\system32\ipcamera.exe" = protocol=17 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "UDP Query User{402288E3-8BBC-4CF6-B034-E49907DBECFE}C:\windows\system32\ipcamera.exe" = protocol=17 | dir=in | app=c:\windows\system32\ipcamera.exe |
    "UDP Query User{6C519BAF-E215-4C03-A704-A6817B275FCD}C:\program files\asus\rt-n66r wireless router utilities\discovery.exe" = protocol=17 | dir=in | app=c:\program files\asus\rt-n66r wireless router utilities\discovery.exe |
    "UDP Query User{8BBC228B-0AC0-4915-9C2E-8C7E7828524B}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{FACADA1F-CE8B-4AED-8183-EA9F32EA84C8}C:\users\capndavid2001\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\capndavid2001\appdata\local\akamai\netsession_win.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
    "{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
    "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
    "{0BFCE729-2C99-4D94-944E-4B57878D3576}" = MyMorph
    "{0C141E39-BFED-40B3-ADA2-C58A6DC055E5}" = IP Camera Tool
    "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
    "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
    "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
    "{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
    "{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
    "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
    "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
    "{21AED9AC-929B-446B-8DE9-6D808CC38783}" = PD Media Converter
    "{26A24AE4-039D-4CA4-87B4-2F83217045F0}" = Java 7 Update 45
    "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
    "{289CDCBA-1E82-460A-9DCA-E9FB6BAC1A42}" = SA30xx Device Manager
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
    "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{405ABBEB-8DF1-4174-86C0-DCB5E1C78F14}" = NetDeviceManager
    "{43BEEE26-01A8-4EEE-8632-2353261E3B55}" = RemoteComms driver
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
    "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" = Driver Support
    "{59D268DF-CCA9-44C5-8F96-2E51BB34C829}" = Microsoft Security Client
    "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
    "{616445AF-BBCF-41C1-A4D6-8CFF171C182D}" = iTunes
    "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}" = iCloud
    "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
    "{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
    "{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
    "{8307E622-89E1-435A-BC8A-678C678F6A43}" = SA30xx Media Converter
    "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
    "{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
    "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
    "{9C767081-9DB1-4C02-AB02-0E692CFEDA41}" = ASUS RT-N66R Wireless Router Utilities
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
    "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
    "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
    "{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
    "{B025BA0B-64A6-46DE-9D64-32965C83CCA9}" = Citrix Online Launcher
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
    "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
    "{C716522C-3731-4667-8579-40B098294500}" = Toolbox
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
    "{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
    "{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
    "{CC38C3D1-0359-4308-9DB8-194F8D92B2B6}" = PD Media Converter
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
    "{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
    "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
    "{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
    "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
    "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
    "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
    "{EFDD7E37-19B9-42BC-8200-4680F52ED786}" = AT&T Global Network Client LaptopConnect Edition
    "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
    "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
    "{F7226FD8-04F4-45E8-B742-2F2C68B545BF}" = AT&T Global Network Client LaptopConnect Edition
    "{F804CAE5-50B2-4646-803A-A428325237CA}" = Driver Installer
    "{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
    "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
    "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
    "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
    "ConverterLite" = ConverterLite 1.6.6.0
    "ESET Online Scanner" = ESET Online Scanner v3
    "HP Imaging Device Functions" = HP Imaging Device Functions 8.0
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
    "HPExtendedCapabilities" = HP Customer Participation Program 8.0
    "HPOCR" = HP OCR Software 8.0
    "InstallShield_{0BFCE729-2C99-4D94-944E-4B57878D3576}" = MyMorph
    "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
    "MediaMonkey_is1" = MediaMonkey 3.2
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft Security Client" = Microsoft Security Essentials
    "Network MagicUninstall" = Network Magic
    "NoIPDUC" = No-IP DUC
    "PCTV To Go Player_is1" = PCTV To Go Player 1.7.0.231
    "PCTV To Go_is1" = PCTV To Go Setup Wizard 1.7.0.249
    "Rhapsody" = Rhapsody
    "VLC media player" = VLC media player 2.0.6
    "WinImage" = WinImage
    "Wuala CBFS" = Wuala CBFS
    "Wuala OverlayIcons" = Wuala OverlayIcons

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2574564581-2394573384-1249639492-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface
    "GoToMeeting" = GoToMeeting 6.3.0.1468
    "Wuala" = Wuala

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:32 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/29/2014 8:22:35 PM | Computer Name = capndavid200-PC | Source = MsiInstaller | ID = 11305
    Description =

    Error - 7/30/2014 7:50:06 AM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application AdwareRemover.exe, version 5.4.0.0, time stamp
    0x4f730d6b, faulting module engine.dll, version 5.4.0.0, time stamp 0x4f730d4e,
    exception code 0x40000015, fault offset 0x0018653c, process id 0x1b04, application
    start time 0x01cfabec5162f477.

    Error - 7/30/2014 7:50:49 AM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application AdwareRemover.exe, version 5.4.0.0, time stamp
    0x4f730d6b, faulting module engine.dll, version 5.4.0.0, time stamp 0x4f730d4e,
    exception code 0x40000015, fault offset 0x0018653c, process id 0x19d8, application
    start time 0x01cfabec6fdd1c07.

    Error - 7/30/2014 8:06:35 AM | Computer Name = capndavid200-PC | Source = Perflib | ID = 1010
    Description =

    Error - 7/30/2014 8:06:36 AM | Computer Name = capndavid200-PC | Source = Perflib | ID = 1008
    Description =

    Error - 7/30/2014 12:28:30 PM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application ApplePhotoStreams.exe, version 7.7.1.7, time
    stamp 0x516e136b, faulting module ApplePhotoStreams_main.dll, version 7.7.1.7, time
    stamp 0x5243dace, exception code 0xc0000005, fault offset 0x000dc4da, process id
    0x1654, application start time 0x01cfabee90ee2974.

    Error - 7/30/2014 4:37:12 PM | Computer Name = capndavid200-PC | Source = Application Error | ID = 1000
    Description = Faulting application GenieTimelineService.exe, version 2.0.195.243,
    time stamp 0x4d494446, faulting module RPCRT4.dll, version 6.0.6002.18882, time
    stamp 0x51dd2d9c, exception code 0xc0000096, fault offset 0x0000126c, process id
    0x80c, application start time 0x01cfabedfb02a534.

    [ Broadcom Wireless LAN Events ]
    Error - 4/15/2014 4:52:39 PM | Computer Name = CAPNDAVID200-PC | Source = WLAN-Tray | ID = 0
    Description = 15:52:39, Tue, Apr 15, 14 Error - Unable to gain access to user store


    [ Media Center Events ]
    Error - 2/23/2014 1:19:05 PM | Computer Name = capndavid200-PC | Source = MCUpdate | ID = 0
    Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
    due to an abandoned mutex.'.

    [ System Events ]
    Error - 7/30/2014 7:58:34 AM | Computer Name = capndavid200-PC | Source = DCOM | ID = 10010
    Description =

    Error - 7/30/2014 8:01:21 AM | Computer Name = capndavid200-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:02:59 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:03:40 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7011
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7009
    Description =

    Error - 7/30/2014 8:05:30 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 7/30/2014 8:06:42 AM | Computer Name = capndavid200-PC | Source = Service Control Manager | ID = 7022
    Description =


    < End of report >

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,167
    Points
    1305

    Default

    Drive C: | 136.47 Gb Total Space | 7.84 Gb Free Space | 5.74% Space Free | Partition Type: NTFS

    Better free up some space, or the drive will have issues, we need 20% free space you have 6% , other wise the log looks ok.

    That program you're trying to uninstall, I don't see it listed in the programs an Features list. Try uninstalling it in safe mode, or use revo uninstaller.

    Please download and install Revo Uninstaller Free
    • Double click Revo Uninstaller to run it.
    • From the list of programs double click on The Program to remove
    • When prompted if you want to uninstall click Yes.
    • Be sure the Moderate option is selected then click Next.
    • The program will run, If prompted again click Yes
    • when the built-in uninstaller is finished click on Next.
    • Once the program has searched for leftovers click Next.
    • Check/tick the bolded items only on the list then click Delete
    • when prompted click on Yes and then on next.
    • put a check on any folders that are found and select delete
    • when prompted select yes then on next
    • Once done click Finish.

  9. The Following User Says Thank You to zep516 For This Useful Post:


  10. #9
    Member
    Join Date
    Dec 2008
    Location
    Austin, Texas
    Posts
    102
    Points
    4
    Blog Entries
    1

    Default

    Wow Zep516 your advice was the answer....the application is removed and the PC is running smooth now. Thank you so much and I have never been disappointed when asking for help from this help2go site. Thanks so much.
    Any advice on how to free up memory is appreciated......

  11. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,167
    Points
    1305

    Default

    Hello


    Any advice on how to free up memory is appreciated
    Not memory, but hard drive space. Remove programs you're not using, move pictures, videos to an external drive etc ect.......

    Clean out your temporary internet files and temp files.

    Download TFC by OldTimer http://oldtimer.geekstogo.com/TFC.exe to your desktop.

    Double-click TFC.exe to run it.

    Note: If you are running on Vista, right-click on the file and choose Run As Administrator

    TFC will close all programs when run, so make sure you have saved all your work before you begin.

    * Click the Start button to begin the cleaning process.
    * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
    * Please let TFC run uninterrupted until it is finished.

    Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.