[RESOLVED] Computer comprimised - Page 3
Page 3 of 4 FirstFirst 1234 LastLast
Results 31 to 45 of 58

Thread: [RESOLVED] Computer comprimised

  1. #31
    Join Date
    Mar 2014
    Posts
    557
    So I'm unable to download anything.

  2. #32
    Join Date
    Mar 2014
    Posts
    557
    The internet troubleshooter is telling me that my wireless security types do not match and I made sure with my company that they did.

  3. #33
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I'm not sure if I understand.
    You disconnected to add what password and why?

    What's the error?

  4. #34
    Join Date
    Mar 2014
    Posts
    557
    I wanted it so that every time anyone tried to log on to my network they would have to provide the password. I couldn't get it working after that. It tells me that the network security does not match. I called my provider and they said I had it all right. I've tried everything I can think of. Both of our other computers connect fine and I can get this one to connect if it's hooked up to an Ethernet cable.

  5. #35
    Join Date
    Mar 2014
    Posts
    557
    Exactly the error message says the settings saved on this computer for the network do not match the requirements of the network.

  6. #36
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Do you mean you went to your router setup page?

  7. #37
    Join Date
    Mar 2014
    Posts
    557
    I think I went to the manage wireless networks that use wireless network connection. I got into the properties and pulled up the security tab. I put in the security key and then it wouldn't let me back on. I probably should have called my provider instead, but when I did get ahold of them they walked me through trying to get back online by putting everything the way it was. They even tried changing the security key, but now neither the old one or the new one will let me. I just keep getting that same message over and over when I try to connect. Is this something you could help with or should I try to get a service call? I know I sound really naïve about computers and in truth I am. Sorry for all the trouble.

  8. #38
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Since I don't know anything about settings your ISP requires it'd be the best if they could get to your place and fix it up.
    Ultimately you can try to create new topic in Windows forum.

    Come back here when the issue is resolved and we'll continue.

  9. #39
    Join Date
    Mar 2014
    Posts
    557
    Ok, I will. Thank you.

  10. #40
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550

  11. #41
    Join Date
    Mar 2014
    Posts
    557
    I have my internet back up and running. My company says it was likely the virus that blocked me out. I'm going to go ahead and run those scans now and will post the logs as I get them.

  12. #42
    Join Date
    Mar 2014
    Posts
    557
    # AdwCleaner v3.022 - Report created 19/03/2014 at 08:52:35
    # Updated 13/03/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Angela - ANGELA-PC
    # Running from : C:\Users\Angela\Desktop\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    Service Deleted : BackupStack

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Program Files (x86)\BitLord 2
    [#] Folder Deleted : C:\Program Files (x86)\MyPC Backup
    Folder Deleted : C:\Users\Angela\AppData\Roaming\BitLord
    Folder Deleted : C:\Users\Angela\AppData\Roaming\OpenCandy

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16521


    -\\ Google Chrome v33.0.1750.154

    [ File : C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted : homepage
    Deleted : icon_url

    *************************

    AdwCleaner[R0].txt - [2150 octets] - [19/03/2014 08:51:56]
    AdwCleaner[S0].txt - [1668 octets] - [19/03/2014 08:52:35]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1728 octets] ##########

  13. #43
    Join Date
    Mar 2014
    Posts
    557
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.2 (02.20.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Angela on Wed 03/19/2014 at 9:02:04.14
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 03/19/2014 at 9:07:27.21
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  14. #44
    Join Date
    Mar 2014
    Posts
    557
    OTL logfile created on: 3/19/2014 10:34:11 AM - Run 4
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Angela\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16521)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    5.91 Gb Total Physical Memory | 3.81 Gb Available Physical Memory | 64.44% Memory free
    11.82 Gb Paging File | 9.58 Gb Available in Paging File | 81.06% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 451.01 Gb Total Space | 343.09 Gb Free Space | 76.07% Space Free | Partition Type: NTFS

    Computer Name: ANGELA-PC | User Name: Angela | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/03/19 10:24:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTL.exe
    PRC - [2014/02/11 16:05:14 | 000,395,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
    PRC - [2014/02/11 11:54:18 | 002,239,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    PRC - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/12/13 06:16:54 | 000,769,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    PRC - [2013/01/08 11:26:56 | 000,577,536 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    PRC - [2011/05/19 02:16:48 | 000,995,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    PRC - [2011/05/19 02:16:46 | 001,335,360 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    PRC - [2011/05/19 02:16:36 | 000,921,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    PRC - [2011/05/19 02:16:34 | 000,839,744 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
    PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    PRC - [2010/11/17 12:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2010/11/05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2007/08/03 12:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    PRC - [2007/08/03 12:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014/02/13 09:56:58 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\22e28be773484a1432b513983661dbc0\IAStorUtil.ni.dll
    MOD - [2014/02/13 09:56:58 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b1f7b4e15aef3faf382db6ba14c81371\IAStorCommon.ni.dll
    MOD - [2014/02/13 08:49:40 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
    MOD - [2014/02/13 08:49:10 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
    MOD - [2014/02/13 08:49:02 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
    MOD - [2014/02/13 08:48:48 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
    MOD - [2014/02/13 08:48:42 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
    MOD - [2014/02/13 08:48:37 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
    MOD - [2014/02/13 08:48:35 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
    MOD - [2014/02/13 08:48:06 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
    MOD - [2014/02/11 16:09:42 | 032,733,080 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
    MOD - [2013/10/20 16:03:20 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
    MOD - [2007/03/13 11:28:36 | 000,823,296 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/02/28 23:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2014/01/15 04:43:50 | 005,100,392 | ---- | M] (Reimage®) [Auto | Running] -- C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe -- (ReimageRealTimeProtection)
    SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2011/09/15 19:41:28 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2011/09/15 19:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2011/09/15 19:24:52 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2011/09/15 10:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
    SRV:64bit: - [2011/06/03 13:51:38 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
    SRV:64bit: - [2011/01/25 04:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2009/03/03 05:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
    SRV - [2014/03/11 15:16:28 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2011/05/19 02:16:48 | 000,995,392 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
    SRV - [2011/05/19 02:16:46 | 001,335,360 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
    SRV - [2011/05/19 02:16:36 | 000,921,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
    SRV - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2014/03/16 09:07:09 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
    DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/09/18 03:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
    DRV:64bit: - [2011/09/15 10:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPALP)
    DRV:64bit: - [2011/09/15 10:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPAL)
    DRV:64bit: - [2011/07/19 19:54:06 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
    DRV:64bit: - [2011/07/19 16:13:42 | 000,282,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
    DRV:64bit: - [2011/06/21 16:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus)
    DRV:64bit: - [2011/06/21 16:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
    DRV:64bit: - [2011/06/16 14:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2011/05/19 02:17:04 | 000,053,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
    DRV:64bit: - [2011/05/19 02:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaud.sys -- (btmaudio)
    DRV:64bit: - [2011/05/13 03:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2011/04/10 14:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011/01/25 04:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/12/10 16:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2010/12/10 16:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2010/11/06 18:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2010/10/29 19:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2010/10/26 14:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010/09/21 10:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    IE - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    IE - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 13 9D CF 76 43 CF 01 [binary data]
    IE - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)



    ========== Chrome ==========

    CHR - Extension: No name found = C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: No name found = C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: No name found = C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: No name found = C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: No name found = C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
    CHR - Extension: No name found = C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2014/03/17 12:46:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
    O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
    O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
    O3:64bit: - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O3 - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
    O4 - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
    O4 - Startup: C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3674130756-1144773717-1238336968-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_27)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_27)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_27)
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/soft...02/CTSUEng.cab (Creative Software AutoUpdate)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.51.2)
    O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_51)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_51)
    O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/soft...3/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/soft...0321/CTPID.cab (Creative Software AutoUpdate Support Package)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.116.0.53 24.116.2.50
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DE346BF-6AF2-495C-B05C-3121B7F13499}: DhcpNameServer = 24.116.0.53 24.116.2.50
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2960C6E-C9B2-4A67-9CAA-AD90189E3AF1}: DhcpNameServer = 24.116.0.53 24.116.2.50
    O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
    O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/03/19 10:24:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTL.exe
    [2014/03/19 09:02:01 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
    [2014/03/19 08:51:50 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/03/19 08:31:10 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\Citrix
    [2014/03/17 18:00:25 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\ElevatedDiagnostics
    [2014/03/17 12:48:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2014/03/17 12:37:30 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2014/03/17 08:43:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
    [2014/03/17 08:43:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
    [2014/03/17 08:43:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
    [2014/03/17 08:43:17 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2014/03/17 08:43:03 | 000,000,000 | ---D | C] -- C:\windows\erdnt
    [2014/03/17 08:07:00 | 000,000,000 | ---D | C] -- C:\Users\Angela\New folder
    [2014/03/16 10:51:40 | 000,439,296 | ---- | C] (Sendori) -- C:\windows\SysNative\plsapp64.dll
    [2014/03/16 10:51:38 | 000,354,592 | ---- | C] (Sendori) -- C:\windows\SysWow64\plsapp.dll
    [2014/03/16 10:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\CDB
    [2014/03/16 10:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
    [2014/03/16 10:45:14 | 000,000,000 | ---D | C] -- C:\rei
    [2014/03/16 10:41:23 | 000,000,000 | ---D | C] -- C:\Users\Angela\Desktop\mbar
    [2014/03/16 10:28:31 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Roaming\Python-Eggs
    [2014/03/16 09:23:16 | 000,000,000 | ---D | C] -- C:\FFOutput
    [2014/03/16 09:08:55 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
    [2014/03/16 09:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
    [2014/03/16 09:07:53 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Roaming\Paltalk
    [2014/03/16 09:07:05 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\Downloaded Installers
    [2014/03/16 08:29:39 | 000,000,000 | ---D | C] -- C:\Program Files\WOT
    [2014/03/16 08:29:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WOT
    [2014/03/15 18:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    [2014/03/15 02:38:49 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Roaming\Malwarebytes
    [2014/03/15 02:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/03/15 02:38:21 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\Programs
    [2014/03/14 19:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
    [2014/03/14 19:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2014/03/14 16:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
    [2014/03/14 16:01:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
    [2014/03/14 14:14:31 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\LogMeIn Rescue Applet
    [2014/03/10 13:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\OutfoxTV
    [2014/03/10 13:40:04 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\SlimWare Utilities Inc
    [2014/02/25 15:56:52 | 000,000,000 | ---D | C] -- C:\windows\Migration

    ========== Files - Modified Within 30 Days ==========

    [2014/03/19 10:28:04 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/03/19 10:28:04 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/03/19 10:25:19 | 000,782,470 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
    [2014/03/19 10:25:19 | 000,662,634 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
    [2014/03/19 10:25:19 | 000,122,470 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
    [2014/03/19 10:24:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTL.exe
    [2014/03/19 10:20:48 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/03/19 10:20:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2014/03/19 10:20:22 | 463,871,999 | -HS- | M] () -- C:\hiberfil.sys
    [2014/03/19 10:16:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
    [2014/03/19 10:01:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/03/19 09:18:28 | 000,000,422 | ---- | M] () -- C:\windows\tasks\SystemToolsDailyTest.job
    [2014/03/19 08:50:57 | 001,950,720 | ---- | M] () -- C:\Users\Angela\Desktop\adwcleaner.exe
    [2014/03/19 08:31:09 | 000,103,272 | ---- | M] () -- C:\Users\Angela\GoToAssistDownloadHelper.exe
    [2014/03/17 17:29:07 | 000,025,003 | ---- | M] () -- C:\Users\Angela\Documents\Untitled 1.odt
    [2014/03/17 12:46:40 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
    [2014/03/17 09:08:22 | 000,002,198 | ---- | M] () -- C:\windows\epplauncher.mif
    [2014/03/17 08:44:03 | 000,001,162 | ---- | M] () -- C:\Users\Angela\Desktop\ComboFix - Shortcut.lnk
    [2014/03/16 10:46:48 | 000,000,163 | ---- | M] () -- C:\windows\Reimage.ini
    [2014/03/16 09:08:55 | 000,001,204 | ---- | M] () -- C:\Users\Angela\Desktop\Format Factory.lnk
    [2014/03/16 09:07:54 | 000,001,228 | ---- | M] () -- C:\Users\Angela\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
    [2014/03/16 09:07:09 | 000,016,152 | ---- | M] () -- C:\windows\SysNative\drivers\SWDUMon.sys
    [2014/03/15 17:40:21 | 003,901,952 | ---- | M] () -- C:\Users\Angela\Desktop\RogueKiller.exe
    [2014/03/13 11:49:43 | 000,008,307 | ---- | M] () -- C:\Users\Angela\Documents\Watched.odt
    [2014/03/12 18:06:19 | 004,962,896 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
    [2014/03/07 15:57:22 | 000,008,273 | ---- | M] () -- C:\Users\Angela\Documents\Watched Burnt Uncertain.odt
    [2014/03/01 10:35:16 | 000,009,452 | ---- | M] () -- C:\Users\Angela\Documents\Tomorrow.odt
    [2014/03/01 10:31:10 | 000,008,301 | ---- | M] () -- C:\Users\Angela\Documents\Watched Burnt Want.odt
    [2014/02/27 08:45:48 | 000,775,084 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
    [2014/02/26 17:41:38 | 000,014,336 | ---- | M] () -- C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== Files Created - No Company Name ==========

    [2014/03/19 08:50:57 | 001,950,720 | ---- | C] () -- C:\Users\Angela\Desktop\adwcleaner.exe
    [2014/03/19 08:31:09 | 000,103,272 | ---- | C] () -- C:\Users\Angela\GoToAssistDownloadHelper.exe
    [2014/03/17 17:29:04 | 000,025,003 | ---- | C] () -- C:\Users\Angela\Documents\Untitled 1.odt
    [2014/03/17 08:44:03 | 000,001,162 | ---- | C] () -- C:\Users\Angela\Desktop\ComboFix - Shortcut.lnk
    [2014/03/17 08:43:25 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
    [2014/03/17 08:43:25 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
    [2014/03/17 08:43:25 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
    [2014/03/17 08:43:25 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
    [2014/03/17 08:43:25 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
    [2014/03/16 10:43:43 | 000,000,163 | ---- | C] () -- C:\windows\Reimage.ini
    [2014/03/16 09:08:55 | 000,001,204 | ---- | C] () -- C:\Users\Angela\Desktop\Format Factory.lnk
    [2014/03/16 09:07:54 | 000,001,228 | ---- | C] () -- C:\Users\Angela\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
    [2014/03/16 09:07:09 | 000,016,152 | ---- | C] () -- C:\windows\SysNative\drivers\SWDUMon.sys
    [2014/03/15 17:40:20 | 003,901,952 | ---- | C] () -- C:\Users\Angela\Desktop\RogueKiller.exe
    [2014/03/14 19:57:03 | 000,002,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    [2014/03/07 15:57:20 | 000,008,273 | ---- | C] () -- C:\Users\Angela\Documents\Watched Burnt Uncertain.odt
    [2014/03/01 10:31:08 | 000,008,301 | ---- | C] () -- C:\Users\Angela\Documents\Watched Burnt Want.odt
    [2014/01/11 09:52:01 | 000,001,456 | ---- | C] () -- C:\Users\Angela\AppData\Local\Adobe Save for Web 13.0 Prefs
    [2013/10/26 14:27:15 | 000,014,336 | ---- | C] () -- C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== ZeroAccess Check ==========

    [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/10/20 23:24:39 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\Fingertapps
    [2013/10/20 18:24:44 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\OpenOffice.org
    [2014/03/16 09:07:53 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\Paltalk
    [2013/10/22 14:00:46 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\PCDr
    [2014/03/16 10:28:31 | 000,000,000 | ---D | M] -- C:\Users\Angela\AppData\Roaming\Python-Eggs

    ========== Purity Check ==========



    < End of report >

  15. #45
    Join Date
    Mar 2014
    Posts
    557
    OTL Extras logfile created on: 3/19/2014 9:11:35 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Angela\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16521)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    5.91 Gb Total Physical Memory | 4.39 Gb Available Physical Memory | 74.27% Memory free
    11.82 Gb Paging File | 10.21 Gb Available in Paging File | 86.39% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 451.01 Gb Total Space | 343.12 Gb Free Space | 76.08% Space Free | Partition Type: NTFS

    Computer Name: ANGELA-PC | User Name: Angela | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{033F169A-3838-4CD8-B65D-9D11758D7C70}" = lport=445 | protocol=6 | dir=in | app=system |
    "{0633FD5C-DCCF-4FBD-9D32-B0D2BC23070F}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{154882E5-5BA5-4734-8949-24F65E20D9C1}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{1A80FBE1-7730-45D6-A68A-18A2D250D180}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{22A3BEA4-EE2C-4806-B525-FEBEAC16A9CB}" = rport=137 | protocol=17 | dir=out | app=system |
    "{23D43D9E-C951-4569-9D28-45F062651C12}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{35C21D04-A436-4118-993D-33A389AD8B4E}" = rport=445 | protocol=6 | dir=out | app=system |
    "{5A4A74E4-7282-430B-8E6D-E538C8255186}" = rport=138 | protocol=17 | dir=out | app=system |
    "{621B9C3A-8F42-4118-A366-7AB119810E9C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{6E2D5302-8ACA-4D2A-8113-7AF64F4FA6BE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{7E7E21F7-EF01-458D-B083-795DC4C7C253}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{8B656CD8-6026-4C51-A00A-B4B02C63965F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{932A9358-BD54-49F0-82DA-6543A08F953E}" = lport=139 | protocol=6 | dir=in | app=system |
    "{9ADDAED7-EB2E-4726-B27B-FA4AA335B3DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{9ED25E5C-5D7F-4274-B5FA-0A39D9407229}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{B02303C9-0FA4-4068-8EA4-A3BCE4534BB9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{B7D75407-77E3-4FA5-B154-A3C665C63C92}" = lport=137 | protocol=17 | dir=in | app=system |
    "{BB81D029-6921-4844-A4F6-EF2B315F20C3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D6DE0538-124C-480B-A7F0-2BC922BA1AAE}" = lport=138 | protocol=17 | dir=in | app=system |
    "{D7C019C8-877A-4E19-941C-03A35869EFDD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E74F5026-EA46-4CA1-92F9-AAFF49ADCDC4}" = rport=139 | protocol=6 | dir=out | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{15D8110C-BA18-465A-9BF5-D54703105AA6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{1D7370A9-4B2E-4F88-860A-049D5DAAC927}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{1E1F4D8D-C25D-4DAC-B4CF-C1517D7EA76C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2CF735EC-85AA-4D10-AC3E-4784413AFA0E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{3B460180-5BE9-4503-9282-C7A20C3E7374}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{49BC8FA1-9311-40C2-88A1-DB298381E82C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{51E5B5BC-CBE7-4A7C-B945-B5182D795853}" = protocol=6 | dir=in | app=c:\users\angela\appdata\local\microsoft\windows\temporary internet files\content.ie5\dbdzet3m\bittorrent.exe |
    "{62BD35AE-E127-4BEF-B3FF-C490530A0AA7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{6AB6F3A5-A5F6-4F7F-85DE-C56876BF56F2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{7696917B-5B84-459E-919D-D09CAE3F6FEA}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
    "{7A08BFDE-FA8D-48C5-A8FB-0C2D2C553901}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{7BB40EC4-F450-455F-85F4-E880F1B87116}" = protocol=6 | dir=out | app=system |
    "{897AC498-72A4-4149-8F53-E658057F2D69}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{9E576DA3-5555-4F3D-AA01-C50C9DCA3C0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{A1B25DF8-4A3E-4811-80CA-C88D5F7F4F9F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{A322352A-BB91-45F1-8E4F-69DF5A05D987}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
    "{A5E9B63B-6A76-45F7-9108-517782F5ECC6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{AA160E2D-8FD4-4B63-9E2F-6C286DE3FEC8}" = protocol=17 | dir=in | app=c:\users\angela\appdata\local\microsoft\windows\temporary internet files\content.ie5\dbdzet3m\bittorrent.exe |
    "{AF7132C7-8313-4DD2-963D-E2E5D9C7ED28}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
    "{B4A626FE-DCC8-4B88-9048-9C1F416432D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C753BC0F-7587-414F-94C1-753940B8E8B0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{D0ACB864-560A-4311-A608-7AE0AFDEF2A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{D122B53C-55EB-482A-BFE3-751AAE9DD699}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
    "{DD81EA03-DB74-4CA5-AD9D-A94139E82955}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{E03ACF60-3E1A-4F28-B959-443B8C85A55F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{E5A10623-6E25-428B-B3CE-C9E34803D34B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{EB5DC5B2-B002-4C42-8EAD-D20D13D937DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{EBD3EA01-FE7C-453D-9E0F-70F1D4017A8E}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
    "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
    "{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel(R) PROSet/Wireless WiFi Software
    "{2DD71ACB-552D-402C-9529-7906ACB95C30}" = Adobe Photoshop Lightroom 5.3 64-bit
    "{373B90E1-A28C-434C-92B6-7281AFA6115A}" = WOT for Internet Explorer
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
    "Dell Support Center" = Dell Support Center
    "Microsoft Security Client" = Microsoft Security Essentials
    "ProInst" = Intel PROSet Wireless
    "Reimage Repair" = Reimage Repair

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
    "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
    "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
    "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
    "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
    "{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
    "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1033}" = Nero 8
    "{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
    "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
    "{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
    "{CC8E0363-B20C-4792-8A1C-8DF5E01B68A6}" = GoGear VIBE Device Manager
    "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
    "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Adobe AIR" = Adobe AIR
    "Adobe Creative Cloud" = Adobe Creative Cloud
    "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
    "Advanced Audio FX Engine" = Advanced Audio FX Engine
    "Dell Webcam Central" = Dell Webcam Central
    "FormatFactory" = FormatFactory 3.3.3.0
    "Google Chrome" = Google Chrome
    "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "ProInst" = Intel PROSet Wireless
    "Revo Uninstaller" = Revo Uninstaller 1.95

    < End of report >

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •