Malware iis alterning my network settings

Hi!
I appreciate any help in advance...
Anyway, I downloaded and ran an unofficial build of mirc that had a backdoor. Now, when I do a netsh interface dump, I get strange entries in my network configuration. It was before as it added an Ethernet 21 connection before on IPv4. I have since disabled IPv6 for now.
I ran RogueKiller, which originally found a proxy that I deleted, TDSSKiller, McAfee Stinger [which did not find anything],

OTL.Txt 163.09KB 103 downloadsMalwarebytes, I cleaned my temp files, I did an in-place repair/upgrade of Windows...same problem. HELP!
# ----------------------------------
# IPv6 Configuration
# ----------------------------------
pushd interface ipv6

reset
set interface interface="Local Area Connection* 15" forwarding=disabled advertise=disabled mtu=1280 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled

popd
# End of IPv6 configuration

# ----------------------------------

OTL logfile created on: 8/19/2013 11:35:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zewolfe\Desktop\_SPECIAL_PROJECTS_\Security Tools\_Malware tools and reports\Malware progs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.86 Gb Total Physical Memory | 2.68 Gb Available Physical Memory | 34.08% Memory free
15.72 Gb Paging File | 10.41 Gb Available in Paging File | 66.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.47 Gb Total Space | 454.31 Gb Free Space | 49.57% Space Free | Partition Type: NTFS
Drive H: | 7.28 Gb Total Space | 0.01 Gb Free Space | 0.08% Space Free | Partition Type: NTFS

Computer Name: BANDERET2 | User Name: Zewolfe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/19 11:24:01 | 001,564,672 | ---- | M] (Don HO [email protected]) -- C:\Program Files (x86)\Notepad++\notepad++.exe
PRC - [2013/08/17 08:44:26 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/07 08:30:50 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2013/08/04 14:45:34 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/05/16 10:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot\SDTray.exe
PRC - [2013/05/16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot\SDUpdSvc.exe
PRC - [2013/05/16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot\SDFSSvc.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/01/03 21:38:00 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/10/05 14:57:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zewolfe\Desktop\_SPECIAL_PROJECTS_\Security Tools\_Malware tools and reports\Malware progs\OTL.exe
PRC - [2012/09/01 18:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/03/28 06:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2012/02/16 11:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2012/02/09 09:24:58 | 003,074,624 | ---- | M] (ContentWatch, Inc.) -- C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe
PRC - [2012/02/09 09:24:58 | 000,676,416 | ---- | M] (ContentWatch, Inc.) -- C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
PRC - [2012/01/27 15:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2012/01/26 20:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

========== Modules (No Company Name) ==========

MOD - [2013/08/19 05:36:57 | 001,075,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\852636470bd3fbaba6cff6230e90eaaa\System.ServiceModel.Web.ni.dll
MOD - [2013/08/19 05:35:39 | 002,959,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\42906f66c63887b2f1b140eb1ea73919\System.IdentityModel.ni.dll
MOD - [2013/08/19 05:35:36 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\44695c46bbf1cef284a210664a03043e\System.ServiceModel.ni.dll
MOD - [2013/08/19 05:35:23 | 000,029,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\0d908b16e41ff0cbd3ddd6f6facd7817\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013/08/19 05:35:21 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\2f2b1bc379cd38841f05399944927d8f\IAStorCommon.ni.dll
MOD - [2013/08/19 05:34:57 | 000,366,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\a3b23c37c111913b6fb7f9ca7b0195d9\IAStorUtil.ni.dll
MOD - [2013/08/19 05:34:54 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\72227d58a04b80252053352dead3b9a3\System.ServiceModel.Internals.ni.dll
MOD - [2013/08/19 05:34:54 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\176ea254700896ee68956986b947ea9b\SMDiagnostics.ni.dll
MOD - [2013/08/19 05:34:53 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\a46953d62d9923cfd393cb102df2e6ad\System.Runtime.Serialization.ni.dll
MOD - [2013/08/19 04:59:37 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\5f27b142c87d877c73ac245ab951a773\System.Windows.Forms.ni.dll
MOD - [2013/08/19 04:59:37 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MOD - [2013/08/19 04:59:34 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a35e871c52b7a7aee64c969c02acfaa0\System.Core.ni.dll
MOD - [2013/08/19 04:59:32 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2fd755147672c80dd4b13978933f8a3d\System.Configuration.ni.dll
MOD - [2013/08/19 04:59:30 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MOD - [2013/08/19 04:59:28 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MOD - [2013/08/19 04:59:23 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2013/08/17 08:44:26 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/07 08:30:51 | 002,244,504 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013/08/07 08:30:51 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013/08/07 08:30:51 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013/08/04 14:45:33 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/07/27 02:21:46 | 001,589,248 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\DSpellCheck.dll
MOD - [2013/05/16 10:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files (x86)\Spybot\snlFileFormats150.bpl
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot\DEC150.bpl
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/02/06 09:56:17 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll
MOD - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/11/22 11:16:48 | 000,081,920 | ---- | M] () -- C:\Windows\SysWOW64\wxcode_msw28u_wxjson_CW.dll
MOD - [2011/11/22 11:16:38 | 001,216,512 | ---- | M] () -- C:\Windows\SysWOW64\wxcode_msw28u_wxcurl_CW.dll
MOD - [2011/11/22 11:14:20 | 000,975,872 | ---- | M] () -- C:\Windows\SysWOW64\libxml2_CW.dll
MOD - [2011/11/22 11:09:30 | 000,151,552 | ---- | M] () -- C:\Windows\SysWOW64\libexpat.dll
MOD - [2011/11/22 10:51:56 | 002,916,352 | ---- | M] () -- C:\Windows\SysWOW64\wxmsw28u_core_vc_CW.dll
MOD - [2011/11/22 10:51:56 | 001,236,992 | ---- | M] () -- C:\Windows\SysWOW64\wxbase28u_vc_CW.dll
MOD - [2011/11/22 10:51:56 | 000,716,800 | ---- | M] () -- C:\Windows\SysWOW64\wxmsw28u_adv_vc_CW.dll
MOD - [2011/11/22 10:51:56 | 000,499,712 | ---- | M] () -- C:\Windows\SysWOW64\wxmsw28u_html_vc_CW.dll
MOD - [2011/11/22 10:51:56 | 000,135,168 | ---- | M] () -- C:\Windows\SysWOW64\wxbase28u_xml_vc_CW.dll
MOD - [2011/09/21 14:46:28 | 001,673,728 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
MOD - [2011/07/18 15:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
MOD - [2010/11/20 21:52:47 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\f0f10d0591d11a36ee2aa8ee2fbdb2bf\System.WorkflowServices.ni.dll
MOD - [2010/11/20 21:52:31 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\4782a5d2bc7d86895faf404a3470aacb\System.ServiceModel.Web.ni.dll
MOD - [2010/11/20 21:51:14 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\b4c60dd01be760ee0452df2c040de8fc\System.IdentityModel.ni.dll
MOD - [2010/11/20 21:51:12 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e2642bff810609f64343e53dddb6b59c\System.ServiceModel.ni.dll
MOD - [2010/11/20 21:49:37 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4a984a9ad59d14063bc6ae64a0c8f62a\System.Runtime.Serialization.ni.dll
MOD - [2010/11/20 21:49:37 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8218dc4808b77f3585fb048c61597af1\SMDiagnostics.ni.dll
MOD - [2010/11/20 21:49:35 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\70aac9dff3bdde548962557151c1ff49\System.Xml.Linq.ni.dll
MOD - [2010/11/20 21:49:32 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll
MOD - [2010/11/20 21:49:28 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\299d0b38053fd7cbd84bac2178c3703b\PresentationFramework.Aero.ni.dll
MOD - [2010/11/20 21:49:18 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2010/11/20 21:49:02 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2010/11/20 21:48:49 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010/11/20 21:48:42 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010/11/20 21:48:40 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2010/11/20 21:48:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2010/11/20 21:48:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010/11/20 21:48:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010/11/20 21:48:21 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010/11/20 21:48:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/05/08 16:49:16 | 000,174,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013/05/06 08:45:48 | 000,018,152 | ---- | M] (Tenable Network Security, Inc) [Disabled | Stopped] -- C:\Program Files\Nessus\nessus-service.exe -- (Tenable Nessus)
SRV:64bit: - [2013/04/11 10:30:50 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013/04/03 13:34:46 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/04/03 13:32:06 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/02/28 09:46:18 | 001,017,016 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/01/22 17:51:56 | 000,325,808 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/01/22 17:51:56 | 000,325,808 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/01/22 17:51:56 | 000,325,808 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/01/22 17:51:56 | 000,325,808 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/01/22 17:51:56 | 000,325,808 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2012/09/05 13:40:42 | 000,323,072 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012/08/23 16:05:12 | 003,342,640 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/08/23 16:04:28 | 000,272,688 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/08/23 16:04:00 | 000,629,040 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/08/23 16:03:14 | 000,149,296 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/08/23 13:39:38 | 000,135,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/07/18 00:52:16 | 000,659,472 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012/05/30 13:11:34 | 000,149,544 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 19:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009/07/13 19:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/07/13 19:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013/08/17 08:44:26 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot\SDUpdSvc.exe -- (SDUpdateService)
SRV - [2013/05/16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot\SDFSSvc.exe -- (SDScannerService)
SRV - [2013/05/15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Spybot\SDWSCSvc.exe -- (SDWSCService)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/02/28 19:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/13 03:02:15 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/03/28 06:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2012/02/16 11:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2012/02/09 09:24:58 | 003,074,624 | ---- | M] (ContentWatch, Inc.) [Auto | Running] -- C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe -- (CwAltaService20)
SRV - [2011/12/21 19:33:40 | 001,104,208 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/12/21 19:33:38 | 001,304,912 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/12/21 19:33:34 | 001,014,096 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/20 21:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 21:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/13 19:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/26 13:42:00 | 000,046,816 | ---- | M] (Tenable Network Security, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NessusMp60.sys -- (NessusMp60)
DRV:64bit: - [2013/07/04 15:57:00 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013/04/10 14:19:19 | 000,251,128 | ---- | M] (Pismo Technic Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pfmfs_853.sys -- (pfmfs_853)
DRV:64bit: - [2013/04/03 13:37:38 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/04/03 13:34:58 | 000,342,416 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/04/03 13:33:06 | 000,772,944 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/04/03 13:32:14 | 000,516,608 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/04/03 13:31:36 | 000,309,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/04/03 13:31:14 | 000,179,664 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/02/28 19:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/02/18 07:46:56 | 000,095,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2013/02/18 07:46:50 | 000,337,120 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/01/03 21:38:01 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013/01/03 21:38:01 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013/01/03 21:38:01 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/12/06 12:11:40 | 011,518,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/10/24 14:50:28 | 000,769,168 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/09/18 23:46:20 | 000,447,864 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2012/09/05 13:40:42 | 000,542,208 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/01 18:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 07:40:52 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/14 23:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012/05/30 13:10:50 | 000,016,168 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2012/05/28 10:28:18 | 000,197,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/02/01 17:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/12/14 13:26:56 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/12/13 10:26:20 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6F6B90A9-2C85-4A0F-81CA-7D9C0E4BB00F}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6F6B90A9-2C85-4A0F-81CA-7D9C0E4BB00F}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {877A4BFA-5235-4B0C-8D30-F1345A2FB43D}
IE - HKCU\..\SearchScopes\{877A4BFA-5235-4B0C-8D30-F1345A2FB43D}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{CAC447BD-6F74-41CA-AAD5-F1B7824B400C}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=en"
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.4.4
FF - prefs.js..extensions.enabledAddons: %7B7b1bf0b6-a1b9-42b0-b75d-252036438bdc%7D:6.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/08/18 21:40:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/08/18 21:42:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/18 21:40:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/08/18 21:40:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/18 21:40:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/08/18 21:40:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2013/06/18 17:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zewolfe\AppData\Roaming\Mozilla\Extensions
[2013/08/18 22:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions
[2013/08/18 22:07:00 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
[2013/08/17 08:34:25 | 000,002,109 | ---- | M] () (No name found) -- C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions\[email protected]
[2013/08/17 08:32:48 | 000,169,523 | ---- | M] () (No name found) -- C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions\[email protected]
[2013/08/17 08:38:51 | 000,004,525 | ---- | M] () (No name found) -- C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions\[email protected]
[2013/08/17 08:58:04 | 000,017,472 | ---- | M] () (No name found) -- C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2013/08/06 10:52:02 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/08/18 21:40:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/18 21:40:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/02/08 16:46:38 | 000,000,901 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Users\Public\Portable\BitComet_1.36\tools\bitcometbho.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Keyboard Suite Daemon] C:\Windows\SysNative\xManager\PELKBD.EXE (PRIMAX)
O4:64bit: - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\SysNative\ico.exe (Primax Electronics Ltd.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [cwcptray] C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [stayfocused2] C:\Program Files (x86)\Stayfocused\stayfocused.exe (Bytesignals)
O4 - Startup: C:\Users\Zewolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - res://C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddLink.htm File not found
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - res://C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddAllLink.htm File not found
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddLink.htm File not found
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddAllLink.htm File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Users\Public\Portable\BitComet_1.36\tools\bitcometbho.dll/206 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000024 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000025 - C:\Windows\SysNative\cwalsp64.dll (ContentWatch, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\SysWow64\cwalsp.dll (ContentWatch, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}: DhcpNameServer = 192.168.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F53F2CB8-A6E6-46E8-B13C-28A1C0F3459C}: DhcpNameServer = 192.168.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F53F2CB8-A6E6-46E8-B13C-28A1C0F3459C}: NameServer = 4.2.2.1,4.2.2.2
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/10 06:57:07 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/19 11:24:01 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/08/19 10:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/08/19 04:50:51 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/08/18 23:23:01 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/08/18 23:18:49 | 000,000,000 | ---D | C] -- C:\inetpub
[2013/08/18 23:10:04 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2013/08/18 22:48:01 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2013/08/18 21:28:55 | 000,000,000 | --SD | C] -- C:\Users\Zewolfe\AppData\Roaming\Microsoft
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Videos
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Saved Games
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Pictures
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Music
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Links
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Favorites
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Downloads
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Documents
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\Desktop
[2013/08/18 21:28:55 | 000,000,000 | R--D | C] -- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\AppData\Local\Temporary Internet Files
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Templates
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Start Menu
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\SendTo
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Recent
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\PrintHood
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\NetHood
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Documents\My Videos
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Documents\My Pictures
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Documents\My Music
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\My Documents
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Local Settings
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\AppData\Local\History
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Cookies
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\Application Data
[2013/08/18 21:28:55 | 000,000,000 | -HSD | C] -- C:\Users\Zewolfe\AppData\Local\Application Data
[2013/08/18 21:28:55 | 000,000,000 | -H-D | C] -- C:\Users\Zewolfe\AppData
[2013/08/18 21:28:55 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Local\Temp
[2013/08/18 21:28:55 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Local\Microsoft
[2013/08/18 21:28:55 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Media Center Programs
[2013/08/18 21:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2013/08/18 21:26:41 | 006,100,480 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2013/08/18 21:26:41 | 001,821,184 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNC64.cpl
[2013/08/18 21:26:41 | 001,008,472 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013/08/18 21:26:39 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2013/08/18 21:26:32 | 000,056,832 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
[2013/08/18 21:26:32 | 000,056,320 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
[2013/08/18 21:25:10 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/08/18 19:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Magical Jelly Bean
[2013/08/18 19:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
[2013/08/18 06:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UEFI Winflash
[2013/08/18 06:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UEFI Winflash
[2013/08/17 08:44:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/17 08:10:12 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Documents\Phoenix BIOS
[2013/08/17 07:45:46 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\PCDr
[2013/08/15 15:56:55 | 000,000,000 | ---D | C] -- C:\Windows\Favorites
[2013/08/15 15:56:53 | 000,000,000 | ---D | C] -- C:\Windows\Profiles
[2013/08/15 09:03:32 | 000,713,248 | ---- | C] (PortableApps.com) -- C:\Users\Zewolfe\Desktop\SMPlayer_Portable_MPlayer_Codec_Addon_1.1_online.paf.exe
[2013/08/14 17:38:09 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\Zewolfe\Desktop\dds.com
[2013/08/14 13:13:35 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Desktop\RMPrepUSB_Portable
[2013/08/14 12:57:33 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Desktop\usb110511
[2013/08/12 19:13:04 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Audacity
[2013/08/12 12:19:27 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Desktop\Win7-Setup
[2013/08/12 12:11:50 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Desktop\Win7
[2013/08/11 07:21:16 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Desktop\WinRepair
[2013/08/10 19:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2013/08/10 07:58:41 | 000,000,000 | ---D | C] -- C:\FRST
[2013/08/10 07:23:58 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/10 06:55:49 | 000,000,000 | ---D | C] -- C:\Autoruns
[2013/08/09 12:27:54 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\SecurityScans
[2013/08/09 12:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Baseline Security Analyzer 2
[2013/08/09 10:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/08/09 10:06:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/08/09 08:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/08/08 13:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/08/08 13:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/08/08 13:02:39 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Documents\ProcAlyzer Dumps
[2013/08/08 12:29:33 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Malwarebytes
[2013/08/08 07:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2013/08/08 05:54:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/08/08 05:53:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot
[2013/08/08 05:53:30 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/08/08 05:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot
[2013/08/07 11:35:27 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Dell
[2013/08/07 08:56:24 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Documents\Xirrus sidebar
[2013/08/07 08:54:32 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Documents\games
[2013/08/07 08:44:32 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Documents\Thunderbird Email
[2013/08/07 08:35:14 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Documents\Backup of David's Computers
[2013/08/07 08:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/08/06 11:28:27 | 000,105,064 | ---- | C] (Algin Technology LLC) -- C:\Windows\SysWow64\ls.exe
[2013/08/06 11:28:27 | 000,090,624 | ---- | C] (GNU) -- C:\Windows\SysWow64\grep.exe
[2013/08/05 19:40:35 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Local\Programs
[2013/08/05 18:31:01 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\avidemux
[2013/08/05 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\VidCoder
[2013/08/04 21:37:45 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Emerge Desktop
[2013/08/04 20:41:30 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\stayfocused2
[2013/08/04 20:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stayfocused
[2013/08/04 20:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stayfocused
[2013/08/04 14:51:19 | 000,197,264 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2013/08/03 12:56:44 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Documents\Old Firefox Data
[2013/07/27 17:10:58 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Local\Microsoft_Corporation
[2013/07/26 13:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tenable Network Security
[2013/07/26 13:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Tenable
[2013/07/26 13:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\Nessus
[2013/07/26 13:42:00 | 000,046,816 | ---- | C] (Tenable Network Security, Inc.) -- C:\Windows\SysNative\drivers\NessusMp60.sys
[2013/07/26 10:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013/07/26 10:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013/07/25 10:10:23 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\.MakeMKV
[2013/07/24 13:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cwRsync
[2013/07/24 09:23:59 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Local\uGet
[2013/07/22 20:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Softland
[2013/07/22 20:45:57 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Softland
[2013/07/22 20:38:26 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Backup
[2013/07/22 20:23:10 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\.areca
[2013/07/22 18:14:14 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\.ipython
[2013/07/22 16:17:54 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Rafal
[2013/07/22 12:44:32 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\xVideoServiceThief
[2013/07/21 22:07:40 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\Documents\Themes
[2013/07/21 21:11:08 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Arnaud_Dovi
[2013/07/21 21:09:46 | 000,000,000 | ---D | C] -- C:\Users\Zewolfe\AppData\Roaming\Duplicati

========== Files - Modified Within 30 Days ==========

[2013/08/19 10:14:08 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/19 10:14:08 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/19 10:07:42 | 000,831,714 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/19 10:07:42 | 000,695,878 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/19 10:07:42 | 000,136,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/19 09:59:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/19 09:59:07 | 2034,970,623 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/19 04:57:52 | 000,824,328 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/19 04:54:15 | 000,001,443 | ---- | M] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/19 04:51:28 | 000,001,236 | RHS- | M] () -- C:\Users\Zewolfe\ntuser.pol
[2013/08/19 01:38:26 | 000,115,640 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/08/19 01:38:26 | 000,115,640 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/08/19 01:11:13 | 000,022,840 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat
[2013/08/19 01:03:12 | 000,434,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/18 21:27:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2013/08/18 21:27:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2013/08/18 21:26:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/08/18 21:26:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2013/08/18 19:52:27 | 000,003,322 | ---- | M] () -- C:\Users\Zewolfe\Desktop\Windows Compatibility Report.htm
[2013/08/18 19:47:42 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013/08/18 19:47:42 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2013/08/18 19:00:36 | 000,001,112 | ---- | M] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\KeyFinder.lnk
[2013/08/17 09:16:36 | 000,001,699 | ---- | M] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\7zip.lnk
[2013/08/17 08:52:37 | 000,001,165 | ---- | M] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/08/17 08:36:08 | 000,758,480 | ---- | M] () -- C:\Users\Zewolfe\Desktop\freecorder8-setup.exe
[2013/08/16 21:55:45 | 171,796,163 | ---- | M] () -- C:\Users\Zewolfe\Desktop\David_interview_at_JS.webm
[2013/08/14 20:26:26 | 000,016,252 | ---- | M] () -- C:\Users\Zewolfe\Desktop\Eddy Barillas.html
[2013/08/12 21:36:59 | 000,000,114 | RH-- | M] () -- C:\Users\Zewolfe\Desktop\Stinger.opt
[2013/08/09 18:16:55 | 000,003,566 | ---- | M] () -- C:\Users\Zewolfe\Documents\serge-logins.kdbx
[2013/08/09 17:46:53 | 000,000,187 | ---- | M] () -- C:\Users\Zewolfe\Documents\serge-logins.key
[2013/08/09 12:27:35 | 000,002,048 | ---- | M] () -- C:\Uninstall.dat
[2013/08/09 12:25:24 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
[2013/08/08 14:01:05 | 000,001,040 | ---- | M] () -- C:\Users\Zewolfe\Desktop\_SecTools.lnk
[2013/08/08 09:08:48 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013/08/08 05:53:38 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/07 09:35:42 | 000,002,116 | ---- | M] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/08/04 20:41:26 | 000,001,073 | ---- | M] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\My Program.lnk
[2013/08/03 12:27:47 | 000,012,292 | -H-- | M] () -- C:\Users\Zewolfe\.DS_Store
[2013/08/03 09:25:27 | 000,000,016 | ---- | M] () -- C:\Users\Zewolfe\photorec.sig
[2013/07/26 13:42:00 | 000,046,816 | ---- | M] (Tenable Network Security, Inc.) -- C:\Windows\SysNative\drivers\NessusMp60.sys

========== Files Created - No Company Name ==========

[2013/08/19 04:54:15 | 000,001,415 | ---- | C] () -- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/08/19 04:53:58 | 000,001,449 | ---- | C] () -- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/08/19 04:51:28 | 000,001,236 | RHS- | C] () -- C:\Users\Zewolfe\ntuser.pol
[2013/08/19 04:47:16 | 2034,970,623 | -HS- | C] () -- C:\hiberfil.sys
[2013/08/18 21:28:55 | 000,000,290 | ---- | C] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/08/18 21:28:55 | 000,000,272 | ---- | C] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/08/18 21:28:30 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/08/18 21:28:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/08/18 21:28:17 | 000,824,328 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/18 21:27:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2013/08/18 21:27:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2013/08/18 21:26:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/08/18 21:26:41 | 000,340,476 | ---- | C] () -- C:\Windows\SysNative\W92HDM6ASKULL.mps
[2013/08/18 21:26:41 | 000,077,704 | ---- | C] () -- C:\Windows\SysNative\W92HDM6A.mps
[2013/08/18 21:26:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2013/08/18 19:52:27 | 000,003,322 | ---- | C] () -- C:\Users\Zewolfe\Desktop\Windows Compatibility Report.htm
[2013/08/18 19:00:36 | 000,001,112 | ---- | C] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\KeyFinder.lnk
[2013/08/18 08:20:07 | 000,157,601 | ---- | C] () -- C:\Users\Zewolfe\Desktop\Ley del Instituto Hondureño de la Niñez y la Familia IHNFA (actualizada-07).pdf
[2013/08/18 08:13:00 | 000,001,890 | ---- | C] () -- C:\Windows\diagwrn.xml
[2013/08/18 08:13:00 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2013/08/17 09:16:36 | 000,001,699 | ---- | C] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\7zip.lnk
[2013/08/17 08:36:25 | 000,758,480 | ---- | C] () -- C:\Users\Zewolfe\Desktop\freecorder8-setup.exe
[2013/08/16 12:24:18 | 171,796,163 | ---- | C] () -- C:\Users\Zewolfe\Desktop\David_interview_at_JS.webm
[2013/08/14 20:26:26 | 000,016,252 | ---- | C] () -- C:\Users\Zewolfe\Desktop\Eddy Barillas.html
[2013/08/14 13:05:46 | 006,595,081 | ---- | C] () -- C:\Users\Zewolfe\Desktop\RMPrepUSB_Portable_v2.1.706.zip
[2013/08/14 12:54:13 | 004,278,747 | ---- | C] () -- C:\Users\Zewolfe\Desktop\usb110511.zip
[2013/08/12 21:36:59 | 000,000,114 | RH-- | C] () -- C:\Users\Zewolfe\Desktop\Stinger.opt
[2013/08/09 18:12:11 | 000,003,566 | ---- | C] () -- C:\Users\Zewolfe\Documents\serge-logins.kdbx
[2013/08/09 17:46:53 | 000,000,187 | ---- | C] () -- C:\Users\Zewolfe\Documents\serge-logins.key
[2013/08/09 12:25:24 | 000,001,095 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Baseline Security Analyzer 2.2.lnk
[2013/08/09 12:25:24 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
[2013/08/08 14:01:05 | 000,001,040 | ---- | C] () -- C:\Users\Zewolfe\Desktop\_SecTools.lnk
[2013/08/08 08:39:19 | 000,002,048 | ---- | C] () -- C:\Uninstall.dat
[2013/08/08 05:53:38 | 000,001,206 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/08/08 05:53:38 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/07 09:45:20 | 000,001,165 | ---- | C] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/08/06 20:07:00 | 000,001,563 | ---- | C] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Vbx.lnk
[2013/08/04 20:41:26 | 000,001,073 | ---- | C] () -- C:\Users\Zewolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\My Program.lnk
[2013/08/03 11:27:41 | 000,012,292 | -H-- | C] () -- C:\Users\Zewolfe\.DS_Store
[2013/08/03 09:21:09 | 000,000,016 | ---- | C] () -- C:\Users\Zewolfe\photorec.sig
[2013/08/01 19:04:48 | 003,660,188 | ---- | C] () -- C:\Users\Zewolfe\Documents\_JVC Camcorder Manual_.PDF
[2013/07/09 12:51:56 | 000,000,266 | ---- | C] () -- C:\Users\Zewolfe\.bash_history
[2013/07/09 12:39:24 | 000,000,062 | ---- | C] () -- C:\Users\Zewolfe\.gitconfig
[2013/06/26 17:04:18 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2013/02/28 19:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2013/02/10 18:49:32 | 000,000,036 | ---- | C] () -- C:\Users\Zewolfe\.gtk-bookmarks
[2013/02/01 23:44:28 | 000,237,568 | R--- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2013/02/01 23:44:28 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.4.ini
[2013/02/01 16:24:24 | 000,000,046 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_urlsnooper_InstallInfo.dat
[2013/01/03 21:52:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013/01/03 21:52:28 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/12/13 17:29:22 | 000,000,467 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012/10/22 13:09:54 | 000,000,180 | ---- | C] () -- C:\Windows\lightworks.ini
[2012/09/12 20:35:04 | 000,975,872 | ---- | C] () -- C:\Windows\SysWow64\libxml2_CW.dll
[2012/09/12 20:35:04 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\libexpat.dll
[2012/09/12 20:35:03 | 002,916,352 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_core_vc_CW.dll
[2012/09/12 20:35:03 | 001,236,992 | ---- | C] () -- C:\Windows\SysWow64\wxbase28u_vc_CW.dll
[2012/09/12 20:35:03 | 001,216,512 | ---- | C] () -- C:\Windows\SysWow64\wxcode_msw28u_wxcurl_CW.dll
[2012/09/12 20:35:03 | 000,716,800 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_adv_vc_CW.dll
[2012/09/12 20:35:03 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_xrc_vc_CW.dll
[2012/09/12 20:35:03 | 000,499,712 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_html_vc_CW.dll
[2012/09/12 20:35:03 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\wxbase28u_xml_vc_CW.dll
[2012/09/12 20:35:03 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\wxbase28u_net_vc_CW.dll
[2012/09/12 20:35:03 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_media_vc_CW.dll
[2012/09/12 20:35:03 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\wxcode_msw28u_wxjson_CW.dll
[2012/06/25 10:33:36 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/06/25 10:33:35 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/01/10 19:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 21:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 21:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/18 22:06:49 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\.phlipple
[2013/08/18 22:06:50 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Arnaud_Dovi
[2013/08/18 22:06:50 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Audacity
[2013/08/18 22:06:50 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\avidemux
[2013/08/18 22:06:50 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\BitComet
[2013/08/18 22:06:50 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Canon
[2013/08/18 22:06:50 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Disruptive Innovations SARL
[2013/08/18 22:06:51 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Duplicati
[2013/08/18 22:06:51 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Emerge Desktop
[2013/08/18 22:06:51 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\HandBrake
[2013/08/18 22:06:51 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\ImgBurn
[2013/08/18 22:06:51 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\IrfanView
[2013/08/18 22:06:51 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\JAM Software
[2013/08/18 22:06:51 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\KompoZer
[2013/08/18 22:06:52 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\LockHunter
[2013/08/19 11:24:00 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Notepad++
[2013/08/18 22:07:00 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\PCDr
[2013/08/18 22:07:01 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\PeaZip
[2013/08/18 22:07:01 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\proDAD
[2013/08/18 22:07:01 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Rafal
[2013/08/18 22:07:02 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Softland
[2013/08/18 22:07:02 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Sony
[2013/08/18 22:07:03 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\stayfocused2
[2013/08/18 22:09:15 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Thunderbird
[2013/06/29 12:29:11 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\TightVNC
[2013/08/18 22:09:15 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Titler
[2013/08/18 22:09:15 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\Ulead Systems
[2013/08/18 22:09:20 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\VidCoder
[2013/08/18 22:09:22 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\XnConvert
[2013/08/18 22:09:22 | 000,000,000 | ---D | M] -- C:\Users\Zewolfe\AppData\Roaming\xVideoServiceThief

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 60 bytes -> C:\Users\Zewolfe\.DS_Store:AFP_AfpInfo

< End of report >

#1
zewolfe

Posted 19 August 2013 - 12:07 PM

Advertisements

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us