
Possible backdoor?


  • This topic is locked
22 replies to this topic

#1 zewolfe


Posted 09 August 2013 - 06:03 PM

Hi: I was dumb enough to run a program [mIRC] that was compiled from an unknown source. RogueKiller identified a proxy, and I have these entries in the MiniToolBox log:

pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled siteprefixlength=0 nud=disabled routerdiscovery=disabled
managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0
advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="ethernet_23" address=192.168.174.1 mask=255.255.255.0
add address name="ethernet_23" address=192.168.80.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network-WFP LightWeight Filter-0000" address=192.168.66.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network-WFP LightWeight Filter-0000" address=192.168.150.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration

I have since run a bunch of anti-malware programs like Malwarebytes, etc., but these entries look suspicious. Also, HijackThis shows missing system files like lsass.exe.

Thanks in advance for any help.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by Zewolfe at 11:50:17 on 2013-08-09
#Option Extended Search is enabled.
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8049.3635 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\System32\svchost.exe -k LPDService
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Spybot\SDFSSvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\System32\tcpsvcs.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Spybot\SDUpdSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot\SDWSCSvc.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\ico.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot\SDTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\vds.exe
C:\Program Files\mcafee.com\agent\McUpdate.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [stayfocused2] C:\Program Files (x86)\Stayfocused\stayfocused.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [cwcptray] C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot\SDTray.exe"
StartupFolder: C:\Users\Zewolfe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZILL~1.LNK - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
StartupFolder: C:\Users\Zewolfe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: &D&ownload &with BitComet - C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001025-0002-0025-ABCDEFFEDCBC} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Users\Public\Portable\BitComet_1.36\tools\bitcometbho.dll/206
LSP: C:\Windows\System32\cwalsp.dll
Trusted Zone: dell.com
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
TCP: NameServer = 192.168.0.2
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A} : DHCPNameServer = 192.168.0.2
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\1437862697F505C6163656 : DHCPNameServer = 205.211.206.30 205.211.192.35
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\1437862697F584F6D656 : DHCPNameServer = 205.211.206.30 205.211.192.35
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\4556E64616 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\84F67616270246560214D6F627 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\C696E6B6379737 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\E45445745414256343 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F53F2CB8-A6E6-46E8-B13C-28A1C0F3459C} : NameServer = 4.2.2.1,4.2.2.2
TCP: Interfaces\{F53F2CB8-A6E6-46E8-B13C-28A1C0F3459C} : DHCPNameServer = 192.168.0.2
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Keyboard Suite Daemon] C:\Windows\System32\xManager\PELKBD.EXE
x64-Run: [Mouse Suite 98 Daemon] ICO.EXE
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-20 20:19; {FCE04E1F-9378-4f39-96F6-5689A9159E45}; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: 2013-08-03 08:29; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
FF - ExtSQL: 2013-08-06 10:52; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-6-20 647736]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-6-20 28216]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-10-16 20024]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-11-9 772944]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-11-9 342416]
R1 pfmfs_853;pfmfs_853;C:\Windows\System32\drivers\pfmfs_853.sys [2013-6-20 251128]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-7-18 659472]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-23 135984]
R2 CwAltaService20;ContentWatch;C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe [2012-9-12 3074624]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-25 14904]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-6-20 2451456]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-19 166720]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-23 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-1-3 174440]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-1-3 1017016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-1-3 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-1-3 182752]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-4-16 39056]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot\SDFSSvc.exe [2013-8-8 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot\SDUpdSvc.exe [2013-8-8 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot\SDWSCSvc.exe [2013-8-8 171928]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-6-25 1695040]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2012-5-30 16168]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-25 365376]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-8-23 3342640]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-7-18 198144]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-9 70112]
R3 dfmirage;dfmirage;C:\Windows\System32\drivers\dfmirage.sys [2013-6-29 36432]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-10-16 358456]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-10-16 791608]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-10-9 25528]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-11-9 309968]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-9 516608]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-2-18 337120]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-2-15 769168]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\Windows\System32\drivers\usb3Hub.sys [2012-10-9 47072]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\Windows\System32\drivers\xHCIPort.sys [2012-10-9 188896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-7-18 198144]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-8-4 197264]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-10-9 35256]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-2-18 95856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-8-23 272688]
S3 NessusMp60;Nessus NDIS 6.X MPR Protocol Driver;C:\Windows\System32\drivers\NessusMp60.sys [2013-7-26 46816]
S3 pksmouse;KS Mouse Suite Driver;C:\Windows\System32\drivers\pksmouse.SYS [2012-10-24 22528]
S3 pksusblf;KS USB Mouse Low Filter Driver;C:\Windows\System32\drivers\pksusblf.sys [2012-10-24 11776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-28 19456]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-6-25 315536]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-28 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-28 30208]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2012-10-18 105816]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-2 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-21 1014096]
S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-21 1304912]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-21 1104208]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
.
=============== Created Last 60 ================
.
2013-08-09 16:26:22 -------- d-----w- C:\Program Files\trend micro
2013-08-09 14:40:25 -------- d-----w- C:\Program Files\HitmanPro
2013-08-08 19:31:32 -------- d-----w- C:\Program Files\CCleaner
2013-08-08 18:29:33 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Malwarebytes
2013-08-08 13:16:18 -------- d-----w- C:\ProgramData\Simply Super Software
2013-08-08 11:54:19 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-08-08 11:53:30 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-08-08 11:53:21 -------- d-----w- C:\Program Files (x86)\Spybot
2013-08-07 17:35:27 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Dell
2013-08-07 01:50:06 345480 ----a-r- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Installer\{39935111-E42A-4306-A309-91B127DAFD45}\ARPPRODUCTICON.exe
2013-08-06 17:28:27 90624 ----a-w- C:\Windows\SysWow64\grep.exe
2013-08-06 17:28:27 105064 ----a-w- C:\Windows\SysWow64\ls.exe
2013-08-06 01:40:35 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Programs
2013-08-06 00:31:01 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\avidemux
2013-08-06 00:19:08 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\VidCoder
2013-08-05 03:37:45 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Emerge Desktop
2013-08-05 02:41:30 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\stayfocused2
2013-08-05 02:41:13 -------- d-----w- C:\Program Files (x86)\Stayfocused
2013-08-04 20:51:19 197264 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2013-07-27 23:10:58 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Microsoft_Corporation
2013-07-26 19:43:10 -------- d-----w- C:\ProgramData\Tenable
2013-07-26 19:43:10 -------- d-----w- C:\Program Files\Nessus
2013-07-26 19:42:00 46816 ----a-w- C:\Windows\System32\drivers\NessusMp60.sys
2013-07-26 16:12:33 238352 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2013-07-26 16:12:17 120080 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2013-07-26 16:12:12 -------- d-----w- C:\Program Files\Oracle
2013-07-25 16:10:23 -------- d-----w- C:\Users\Zewolfe\.MakeMKV
2013-07-24 15:23:59 -------- d-----w- C:\Users\Zewolfe\AppData\Local\uGet
2013-07-23 02:54:29 -------- d-----w- C:\ProgramData\Softland
2013-07-23 02:45:57 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Softland
2013-07-23 02:23:10 -------- d-----w- C:\Users\Zewolfe\.areca
2013-07-23 00:14:14 -------- d-----w- C:\Users\Zewolfe\.ipython
2013-07-22 22:17:54 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Rafal
2013-07-22 19:05:33 -------- d-----w- C:\ProgramData\APN
2013-07-22 18:44:32 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\xVideoServiceThief
2013-07-22 03:57:36 -------- d-----w- C:\ProgramData\AMMYY
2013-07-22 03:11:08 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Arnaud_Dovi
2013-07-22 03:09:46 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Duplicati
2013-07-16 19:46:25 -------- d-----w- C:\Users\Zewolfe\HP_USB_BAK
2013-07-15 04:01:56 -------- d-----w- C:\Windows\System32\MRT
2013-07-15 02:44:49 119808 ----a-r- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2013-07-15 02:44:49 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Apps
2013-07-11 18:19:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-07-11 18:19:59 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-11 18:19:59 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-11 18:19:59 1084928 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-07-11 02:07:38 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 02:07:38 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-11 02:07:38 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-11 02:07:38 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-11 02:07:38 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-11 02:07:38 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 02:07:38 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-11 02:07:38 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-11 02:07:38 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-11 02:07:37 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-11 02:07:37 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-11 02:01:55 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-11 02:01:52 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 02:01:52 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 02:01:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-11 02:01:04 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-10 03:33:59 4910088 ----a-w- C:\Windows\System32\D3DX9_37.dll
2013-07-10 03:33:59 3786760 ----a-w- C:\Windows\SysWow64\D3DX9_37.dll
2013-07-08 22:02:00 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\LockHunter
2013-07-08 22:01:42 -------- d-----w- C:\Program Files\LockHunter
2013-07-08 16:53:10 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Apple
2013-07-08 16:51:07 192000 ----a-w- C:\Windows\System32\iisRtl.dll
2013-07-08 16:51:06 55296 ----a-w- C:\Windows\System32\admwprox.dll
2013-07-08 16:51:06 154624 ----a-w- C:\Windows\SysWow64\iisRtl.dll
2013-07-08 16:51:05 50688 ----a-w- C:\Windows\SysWow64\admwprox.dll
2013-07-08 16:51:04 60928 ----a-w- C:\Windows\System32\ahadmin.dll
2013-07-08 16:51:04 26624 ----a-w- C:\Windows\SysWow64\ahadmin.dll
2013-07-08 16:51:04 16896 ----a-w- C:\Windows\System32\iisreset.exe
2013-07-08 16:51:04 15360 ----a-w- C:\Windows\SysWow64\iisreset.exe
2013-07-08 16:51:04 14848 ----a-w- C:\Windows\System32\wamregps.dll
2013-07-08 16:51:03 8192 ----a-w- C:\Windows\SysWow64\iisrstap.dll
2013-07-08 16:51:03 11264 ----a-w- C:\Windows\System32\iisrstap.dll
2013-07-08 16:51:03 10752 ----a-w- C:\Windows\SysWow64\wamregps.dll
2013-07-05 21:20:54 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Microsoft Corporation
2013-07-05 19:46:24 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\XnConvert
2013-07-05 16:31:30 -------- d-----w- C:\Users\Zewolfe\.aria2
2013-07-05 02:02:34 -------- d-----w- C:\ProgramData\MySQL
2013-07-05 01:52:39 -------- d-----w- C:\Program Files\runphp
2013-07-04 23:13:31 -------- d-----r- C:\Program Files (x86)\Skype
2013-07-04 21:57:00 146704 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
2013-07-04 21:57:00 131856 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2013-07-04 21:56:58 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
2013-06-29 18:37:26 40016 ----a-w- C:\Windows\System32\dfmirage.dll
2013-06-29 18:37:26 36432 ----a-w- C:\Windows\System32\drivers\dfmirage.sys
2013-06-29 18:29:11 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\TightVNC
2013-06-29 18:25:25 -------- d-----w- C:\Program Files\TightVNC
2013-06-26 23:03:46 -------- d-----w- C:\Program Files (x86)\Auralog
2013-06-26 14:37:04 2990080 ----a-w- C:\Users\Zewolfe\ntuser.dat.tmp
2013-06-26 14:33:46 -------- d-----w- C:\Program Files\Mz Registry Backup
2013-06-24 22:00:47 -------- d-----w- C:\Users\Zewolfe\AppData\Local\TextCrawler
2013-06-24 22:00:30 -------- d-----w- C:\Program Files (x86)\TextCrawler2
2013-06-24 16:58:16 -------- d-----w- C:\Users\Zewolfe\My Backup Files
2013-06-22 21:43:33 -------- d-----w- C:\vcredist
2013-06-22 17:24:52 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Apple Computer
2013-06-22 14:54:59 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Macromedia
2013-06-22 09:40:19 -------- d-----w- C:\Users\Zewolfe\.VirtualBox
2013-06-20 22:48:19 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\PeaZip
2013-06-20 22:43:21 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\RealNetworks
2013-06-20 22:41:36 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\HandBrake
2013-06-20 17:23:04 447864 ----a-w- C:\Windows\System32\drivers\Apfiltr.sys
2013-06-20 17:23:04 113048 ----a-w- C:\Windows\System32\Vxdif.dll
2013-06-20 17:15:07 647736 ----a-w- C:\Windows\System32\drivers\iaStorA.sys
2013-06-20 17:15:07 28216 ----a-w- C:\Windows\System32\drivers\iaStorF.sys
2013-06-20 16:59:50 9888912 ----a-w- C:\Windows\SysWow64\RtsUVStoricon.dll
2013-06-20 16:54:16 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-06-20 16:52:24 542208 ----a-w- C:\Windows\System32\drivers\stwrt64.sys
2013-06-20 16:52:23 672256 ------w- C:\Windows\System32\stapi64.dll
2013-06-20 16:52:23 499200 ----a-w- C:\Windows\System32\stcplx64.dll
2013-06-20 16:52:23 -------- d-----w- C:\Program Files\IDT
2013-06-20 14:15:25 -------- d-----w- C:\Program Files\Handbrake
2013-06-20 14:08:22 -------- d-----w- C:\Program Files\VidCoder
2013-06-20 13:42:57 -------- d-----w- C:\Program Files\GIMP 2
2013-06-20 13:37:04 -------- d-----w- C:\Program Files\Avidemux 2.6
2013-06-20 13:24:32 -------- d-----w- C:\Program Files\Alex Feinman
2013-06-20 13:22:41 -------- d-----w- C:\ProgramData\DonationCoder
2013-06-20 13:19:16 -------- d-----w- C:\Program Files (x86)\WinPcap
2013-06-19 20:33:22 -------- d--h--w- C:\ProgramData\CanonIJScan
2013-06-19 19:46:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-06-19 19:45:38 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-19 19:45:38 -------- d-----w- C:\Program Files\iTunes
2013-06-19 19:45:38 -------- d-----w- C:\Program Files\iPod
2013-06-19 19:45:38 -------- d-----w- C:\Program Files (x86)\iTunes
2013-06-19 19:44:23 -------- d-----w- C:\Program Files\Bonjour
2013-06-19 19:44:23 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2013-06-19 19:01:18 -------- d-----w- C:\Windows\en
2013-06-19 18:55:35 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\939bb2011ce6d1e06\DSETUP.dll
2013-06-19 18:55:35 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\939bb2011ce6d1e06\DXSETUP.exe
2013-06-19 18:55:35 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\939bb2011ce6d1e06\dsetup32.dll
2013-06-19 18:55:32 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90c94d8d1ce6d1e05\DSETUP.dll
2013-06-19 18:55:32 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90c94d8d1ce6d1e05\DXSETUP.exe
2013-06-19 18:55:32 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90c94d8d1ce6d1e05\dsetup32.dll
2013-06-19 18:55:02 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80711a891ce6d1e01\DSETUP.dll
2013-06-19 18:55:02 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80711a891ce6d1e01\DXSETUP.exe
2013-06-19 18:55:02 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80711a891ce6d1e01\dsetup32.dll
2013-06-19 18:07:06 -------- d-----w- C:\Windows\SysWow64\Adobe
2013-06-19 17:58:20 -------- d-----w- C:\Program Files (x86)\RealNetworks
2013-06-19 17:58:17 -------- d-----w- C:\ProgramData\RealNetworks
2013-06-19 17:57:46 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2013-06-19 15:43:35 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-12 18:02:39 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-12 17:56:54 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-12 17:56:54 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-06-11 18:19:54 -------- d-----w- C:\Downloads
2013-06-11 18:19:53 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\BitComet
2013-06-11 15:22:29 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Disruptive Innovations SARL
2013-06-11 15:22:29 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Disruptive Innovations SARL
2013-06-11 14:41:26 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\JAM Software
2013-06-10 20:12:21 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Mozilla
.
==================== Find6M ====================
.
2013-08-04 20:45:34 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-04 20:45:34 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-26 23:04:13 4608 ----a-w- C:\Windows\SysWow64\w95inf32.dll
2013-06-26 23:04:13 2272 ----a-w- C:\Windows\SysWow64\w95inf16.dll
2013-06-19 17:57:17 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-06-19 17:57:17 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-06-13 03:48:23 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-13 03:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-01 09:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 09:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 20:22:33 192888 ----a-w- C:\Windows\System32\pfmzipfs.dll
2013-04-10 20:22:32 155512 ----a-w- C:\Windows\System32\pfmshellfs.dll
2013-04-10 20:22:32 148344 ----a-w- C:\Windows\System32\pfmsocketfs.dll
2013-04-10 20:22:31 378232 ----a-w- C:\Windows\System32\pfmpfolderfs.dll
2013-04-10 20:22:31 180088 ----a-w- C:\Windows\pfolder.exe
2013-04-10 20:22:31 125304 ----a-w- C:\Windows\System32\pfmmosaicfs.dll
2013-04-10 20:22:31 119672 ----a-w- C:\Windows\System32\pfmredirfs.dll
2013-04-10 20:22:30 282488 ----a-w- C:\Windows\System32\pfmisofs.dll
2013-04-10 20:22:30 226680 ----a-w- C:\Windows\System32\pfmshx_853.dll
2013-04-10 20:22:28 198520 ----a-w- C:\Windows\SysWow64\pfmshx_853.dll
2013-04-10 20:19:23 71032 ----a-w- C:\Windows\SysWow64\pfmsyshost.exe
2013-04-10 20:19:23 71032 ----a-w- C:\Windows\SysWow64\pfmhost.exe
2013-04-10 20:19:21 388472 ----a-w- C:\Windows\SysWow64\pfmapi_853.dll
2013-04-10 20:19:19 251128 ----a-w- C:\Windows\System32\drivers\pfmfs_853.sys
2013-04-10 20:19:19 205176 ----a-w- C:\Windows\pfmstat.exe
2013-04-10 20:19:19 140664 ----a-w- C:\Windows\pftest.exe
2013-04-10 20:19:18 86904 ----a-w- C:\Windows\pfmsyshost.exe
2013-04-10 20:19:18 86904 ----a-w- C:\Windows\pfmhost.exe
2013-04-10 20:19:16 459640 ----a-w- C:\Windows\System32\pfmapi_853.dll
2013-04-10 20:19:15 120184 ----a-w- C:\Windows\pfm.exe
2013-04-10 20:19:02 141176 ----a-w- C:\Windows\ptramfs.exe
2013-04-10 20:19:01 146296 ----a-w- C:\Windows\System32\pfmramfs.dll
2013-04-10 20:17:59 101752 ----a-w- C:\Windows\SysWow64\ptdllrun1.exe
2013-04-10 20:17:54 127864 ----a-w- C:\Windows\System32\ptdllrun1.exe
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-03 19:37:38 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2013-04-03 19:34:58 342416 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2013-04-03 19:34:46 182752 ----a-w- C:\Windows\System32\mfevtps.exe
2013-04-03 19:33:06 772944 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2013-04-03 19:32:14 516608 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2013-04-03 19:31:36 309968 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2013-04-03 19:31:14 179664 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-01 01:49:40 98040 ----a-w- C:\Windows\SysWow64\Packet.dll
2013-03-01 01:49:36 107768 ----a-w- C:\Windows\System32\Packet.dll
2013-03-01 01:49:22 370424 ----a-w- C:\Windows\System32\wpcap.dll
2013-03-01 01:49:12 36600 ----a-w- C:\Windows\System32\drivers\npf.sys
2013-03-01 01:49:08 282360 ----a-w- C:\Windows\SysWow64\wpcap.dll
2013-03-01 01:47:36 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe
2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-02-18 13:46:58 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2013-02-18 13:46:56 95856 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2013-02-18 13:46:50 337120 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
.
============= FINISH: 11:50:32.94 ===============

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by Zewolfe at 11:50:17 on 2013-08-09
#Option Extended Search is enabled.
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8049.3635 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\System32\svchost.exe -k LPDService
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Spybot\SDFSSvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\System32\tcpsvcs.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Spybot\SDUpdSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot\SDWSCSvc.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\ico.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot\SDTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\vds.exe
C:\Program Files\mcafee.com\agent\McUpdate.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [stayfocused2] C:\Program Files (x86)\Stayfocused\stayfocused.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [cwcptray] C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot\SDTray.exe"
StartupFolder: C:\Users\Zewolfe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZILL~1.LNK - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
StartupFolder: C:\Users\Zewolfe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: &D&ownload &with BitComet - C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001025-0002-0025-ABCDEFFEDCBC} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Users\Public\Portable\BitComet_1.36\tools\bitcometbho.dll/206
LSP: C:\Windows\System32\cwalsp.dll
Trusted Zone: dell.com
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
TCP: NameServer = 192.168.0.2
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A} : DHCPNameServer = 192.168.0.2
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\1437862697F505C6163656 : DHCPNameServer = 205.211.206.30 205.211.192.35
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\1437862697F584F6D656 : DHCPNameServer = 205.211.206.30 205.211.192.35
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\4556E64616 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\84F67616270246560214D6F627 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\C696E6B6379737 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D7972F88-35B7-4D16-B97D-75753058823A}\E45445745414256343 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F53F2CB8-A6E6-46E8-B13C-28A1C0F3459C} : NameServer = 4.2.2.1,4.2.2.2
TCP: Interfaces\{F53F2CB8-A6E6-46E8-B13C-28A1C0F3459C} : DHCPNameServer = 192.168.0.2
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Keyboard Suite Daemon] C:\Windows\System32\xManager\PELKBD.EXE
x64-Run: [Mouse Suite 98 Daemon] ICO.EXE
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-20 20:19; {FCE04E1F-9378-4f39-96F6-5689A9159E45}; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: 2013-08-03 08:29; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
FF - ExtSQL: 2013-08-06 10:52; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; C:\Users\Zewolfe\AppData\Roaming\Mozilla\Firefox\Profiles\eia19x6f.default-1375556196811\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-6-20 647736]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-6-20 28216]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-10-16 20024]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-11-9 772944]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-11-9 342416]
R1 pfmfs_853;pfmfs_853;C:\Windows\System32\drivers\pfmfs_853.sys [2013-6-20 251128]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-7-18 659472]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-23 135984]
R2 CwAltaService20;ContentWatch;C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe [2012-9-12 3074624]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-25 14904]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-6-20 2451456]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-19 166720]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-23 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-1-3 174440]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-3 325808]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-1-3 1017016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-1-3 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-1-3 182752]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-4-16 39056]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot\SDFSSvc.exe [2013-8-8 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot\SDUpdSvc.exe [2013-8-8 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot\SDWSCSvc.exe [2013-8-8 171928]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-6-25 1695040]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2012-5-30 16168]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-25 365376]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-8-23 3342640]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-7-18 198144]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-9 70112]
R3 dfmirage;dfmirage;C:\Windows\System32\drivers\dfmirage.sys [2013-6-29 36432]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-10-16 358456]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-10-16 791608]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-10-9 25528]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-11-9 309968]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-9 516608]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-2-18 337120]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-2-15 769168]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\Windows\System32\drivers\usb3Hub.sys [2012-10-9 47072]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\Windows\System32\drivers\xHCIPort.sys [2012-10-9 188896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-7-18 198144]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-8-4 197264]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-10-9 35256]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-2-18 95856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-8-23 272688]
S3 NessusMp60;Nessus NDIS 6.X MPR Protocol Driver;C:\Windows\System32\drivers\NessusMp60.sys [2013-7-26 46816]
S3 pksmouse;KS Mouse Suite Driver;C:\Windows\System32\drivers\pksmouse.SYS [2012-10-24 22528]
S3 pksusblf;KS USB Mouse Low Filter Driver;C:\Windows\System32\drivers\pksusblf.sys [2012-10-24 11776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-28 19456]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-6-25 315536]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-28 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-28 30208]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2012-10-18 105816]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-2 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-21 1014096]
S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-21 1304912]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-21 1104208]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
.
=============== Created Last 60 ================
.
2013-08-09 16:26:22 -------- d-----w- C:\Program Files\trend micro
2013-08-09 14:40:25 -------- d-----w- C:\Program Files\HitmanPro
2013-08-08 19:31:32 -------- d-----w- C:\Program Files\CCleaner
2013-08-08 18:29:33 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Malwarebytes
2013-08-08 13:16:18 -------- d-----w- C:\ProgramData\Simply Super Software
2013-08-08 11:54:19 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-08-08 11:53:30 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-08-08 11:53:21 -------- d-----w- C:\Program Files (x86)\Spybot
2013-08-07 17:35:27 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Dell
2013-08-07 01:50:06 345480 ----a-r- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Installer\{39935111-E42A-4306-A309-91B127DAFD45}\ARPPRODUCTICON.exe
2013-08-06 17:28:27 90624 ----a-w- C:\Windows\SysWow64\grep.exe
2013-08-06 17:28:27 105064 ----a-w- C:\Windows\SysWow64\ls.exe
2013-08-06 01:40:35 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Programs
2013-08-06 00:31:01 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\avidemux
2013-08-06 00:19:08 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\VidCoder
2013-08-05 03:37:45 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Emerge Desktop
2013-08-05 02:41:30 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\stayfocused2
2013-08-05 02:41:13 -------- d-----w- C:\Program Files (x86)\Stayfocused
2013-08-04 20:51:19 197264 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2013-07-27 23:10:58 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Microsoft_Corporation
2013-07-26 19:43:10 -------- d-----w- C:\ProgramData\Tenable
2013-07-26 19:43:10 -------- d-----w- C:\Program Files\Nessus
2013-07-26 19:42:00 46816 ----a-w- C:\Windows\System32\drivers\NessusMp60.sys
2013-07-26 16:12:33 238352 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2013-07-26 16:12:17 120080 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2013-07-26 16:12:12 -------- d-----w- C:\Program Files\Oracle
2013-07-25 16:10:23 -------- d-----w- C:\Users\Zewolfe\.MakeMKV
2013-07-24 15:23:59 -------- d-----w- C:\Users\Zewolfe\AppData\Local\uGet
2013-07-23 02:54:29 -------- d-----w- C:\ProgramData\Softland
2013-07-23 02:45:57 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Softland
2013-07-23 02:23:10 -------- d-----w- C:\Users\Zewolfe\.areca
2013-07-23 00:14:14 -------- d-----w- C:\Users\Zewolfe\.ipython
2013-07-22 22:17:54 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Rafal
2013-07-22 19:05:33 -------- d-----w- C:\ProgramData\APN
2013-07-22 18:44:32 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\xVideoServiceThief
2013-07-22 03:57:36 -------- d-----w- C:\ProgramData\AMMYY
2013-07-22 03:11:08 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Arnaud_Dovi
2013-07-22 03:09:46 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Duplicati
2013-07-16 19:46:25 -------- d-----w- C:\Users\Zewolfe\HP_USB_BAK
2013-07-15 04:01:56 -------- d-----w- C:\Windows\System32\MRT
2013-07-15 02:44:49 119808 ----a-r- C:\Users\Zewolfe\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2013-07-15 02:44:49 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Apps
2013-07-11 18:19:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-07-11 18:19:59 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-11 18:19:59 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-11 18:19:59 1084928 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-07-11 02:07:38 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 02:07:38 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-11 02:07:38 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-11 02:07:38 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-11 02:07:38 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-11 02:07:38 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 02:07:38 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-11 02:07:38 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-11 02:07:38 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-11 02:07:37 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-11 02:07:37 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-11 02:01:55 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-11 02:01:52 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 02:01:52 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 02:01:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-11 02:01:04 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-10 03:33:59 4910088 ----a-w- C:\Windows\System32\D3DX9_37.dll
2013-07-10 03:33:59 3786760 ----a-w- C:\Windows\SysWow64\D3DX9_37.dll
2013-07-08 22:02:00 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\LockHunter
2013-07-08 22:01:42 -------- d-----w- C:\Program Files\LockHunter
2013-07-08 16:53:10 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Apple
2013-07-08 16:51:07 192000 ----a-w- C:\Windows\System32\iisRtl.dll
2013-07-08 16:51:06 55296 ----a-w- C:\Windows\System32\admwprox.dll
2013-07-08 16:51:06 154624 ----a-w- C:\Windows\SysWow64\iisRtl.dll
2013-07-08 16:51:05 50688 ----a-w- C:\Windows\SysWow64\admwprox.dll
2013-07-08 16:51:04 60928 ----a-w- C:\Windows\System32\ahadmin.dll
2013-07-08 16:51:04 26624 ----a-w- C:\Windows\SysWow64\ahadmin.dll
2013-07-08 16:51:04 16896 ----a-w- C:\Windows\System32\iisreset.exe
2013-07-08 16:51:04 15360 ----a-w- C:\Windows\SysWow64\iisreset.exe
2013-07-08 16:51:04 14848 ----a-w- C:\Windows\System32\wamregps.dll
2013-07-08 16:51:03 8192 ----a-w- C:\Windows\SysWow64\iisrstap.dll
2013-07-08 16:51:03 11264 ----a-w- C:\Windows\System32\iisrstap.dll
2013-07-08 16:51:03 10752 ----a-w- C:\Windows\SysWow64\wamregps.dll
2013-07-05 21:20:54 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Microsoft Corporation
2013-07-05 19:46:24 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\XnConvert
2013-07-05 16:31:30 -------- d-----w- C:\Users\Zewolfe\.aria2
2013-07-05 02:02:34 -------- d-----w- C:\ProgramData\MySQL
2013-07-05 01:52:39 -------- d-----w- C:\Program Files\runphp
2013-07-04 23:13:31 -------- d-----r- C:\Program Files (x86)\Skype
2013-07-04 21:57:00 146704 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
2013-07-04 21:57:00 131856 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2013-07-04 21:56:58 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
2013-06-29 18:37:26 40016 ----a-w- C:\Windows\System32\dfmirage.dll
2013-06-29 18:37:26 36432 ----a-w- C:\Windows\System32\drivers\dfmirage.sys
2013-06-29 18:29:11 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\TightVNC
2013-06-29 18:25:25 -------- d-----w- C:\Program Files\TightVNC
2013-06-26 23:03:46 -------- d-----w- C:\Program Files (x86)\Auralog
2013-06-26 14:37:04 2990080 ----a-w- C:\Users\Zewolfe\ntuser.dat.tmp
2013-06-26 14:33:46 -------- d-----w- C:\Program Files\Mz Registry Backup
2013-06-24 22:00:47 -------- d-----w- C:\Users\Zewolfe\AppData\Local\TextCrawler
2013-06-24 22:00:30 -------- d-----w- C:\Program Files (x86)\TextCrawler2
2013-06-24 16:58:16 -------- d-----w- C:\Users\Zewolfe\My Backup Files
2013-06-22 21:43:33 -------- d-----w- C:\vcredist
2013-06-22 17:24:52 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Apple Computer
2013-06-22 14:54:59 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Macromedia
2013-06-22 09:40:19 -------- d-----w- C:\Users\Zewolfe\.VirtualBox
2013-06-20 22:48:19 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\PeaZip
2013-06-20 22:43:21 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\RealNetworks
2013-06-20 22:41:36 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\HandBrake
2013-06-20 17:23:04 447864 ----a-w- C:\Windows\System32\drivers\Apfiltr.sys
2013-06-20 17:23:04 113048 ----a-w- C:\Windows\System32\Vxdif.dll
2013-06-20 17:15:07 647736 ----a-w- C:\Windows\System32\drivers\iaStorA.sys
2013-06-20 17:15:07 28216 ----a-w- C:\Windows\System32\drivers\iaStorF.sys
2013-06-20 16:59:50 9888912 ----a-w- C:\Windows\SysWow64\RtsUVStoricon.dll
2013-06-20 16:54:16 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-06-20 16:52:24 542208 ----a-w- C:\Windows\System32\drivers\stwrt64.sys
2013-06-20 16:52:23 672256 ------w- C:\Windows\System32\stapi64.dll
2013-06-20 16:52:23 499200 ----a-w- C:\Windows\System32\stcplx64.dll
2013-06-20 16:52:23 -------- d-----w- C:\Program Files\IDT
2013-06-20 14:15:25 -------- d-----w- C:\Program Files\Handbrake
2013-06-20 14:08:22 -------- d-----w- C:\Program Files\VidCoder
2013-06-20 13:42:57 -------- d-----w- C:\Program Files\GIMP 2
2013-06-20 13:37:04 -------- d-----w- C:\Program Files\Avidemux 2.6
2013-06-20 13:24:32 -------- d-----w- C:\Program Files\Alex Feinman
2013-06-20 13:22:41 -------- d-----w- C:\ProgramData\DonationCoder
2013-06-20 13:19:16 -------- d-----w- C:\Program Files (x86)\WinPcap
2013-06-19 20:33:22 -------- d--h--w- C:\ProgramData\CanonIJScan
2013-06-19 19:46:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-06-19 19:45:38 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-19 19:45:38 -------- d-----w- C:\Program Files\iTunes
2013-06-19 19:45:38 -------- d-----w- C:\Program Files\iPod
2013-06-19 19:45:38 -------- d-----w- C:\Program Files (x86)\iTunes
2013-06-19 19:44:23 -------- d-----w- C:\Program Files\Bonjour
2013-06-19 19:44:23 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-19 19:21:14 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2013-06-19 19:01:18 -------- d-----w- C:\Windows\en
2013-06-19 18:55:35 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\939bb2011ce6d1e06\DSETUP.dll
2013-06-19 18:55:35 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\939bb2011ce6d1e06\DXSETUP.exe
2013-06-19 18:55:35 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\939bb2011ce6d1e06\dsetup32.dll
2013-06-19 18:55:32 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90c94d8d1ce6d1e05\DSETUP.dll
2013-06-19 18:55:32 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90c94d8d1ce6d1e05\DXSETUP.exe
2013-06-19 18:55:32 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\90c94d8d1ce6d1e05\dsetup32.dll
2013-06-19 18:55:02 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80711a891ce6d1e01\DSETUP.dll
2013-06-19 18:55:02 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80711a891ce6d1e01\DXSETUP.exe
2013-06-19 18:55:02 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\80711a891ce6d1e01\dsetup32.dll
2013-06-19 18:07:06 -------- d-----w- C:\Windows\SysWow64\Adobe
2013-06-19 17:58:20 -------- d-----w- C:\Program Files (x86)\RealNetworks
2013-06-19 17:58:17 -------- d-----w- C:\ProgramData\RealNetworks
2013-06-19 17:57:46 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2013-06-19 15:43:35 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-12 18:02:39 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-12 17:56:54 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-12 17:56:54 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-06-11 18:19:54 -------- d-----w- C:\Downloads
2013-06-11 18:19:53 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\BitComet
2013-06-11 15:22:29 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\Disruptive Innovations SARL
2013-06-11 15:22:29 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Disruptive Innovations SARL
2013-06-11 14:41:26 -------- d-----w- C:\Users\Zewolfe\AppData\Roaming\JAM Software
2013-06-10 20:12:21 -------- d-----w- C:\Users\Zewolfe\AppData\Local\Mozilla
.
==================== Find6M ====================
.
2013-08-04 20:45:34 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-04 20:45:34 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-26 23:04:13 4608 ----a-w- C:\Windows\SysWow64\w95inf32.dll
2013-06-26 23:04:13 2272 ----a-w- C:\Windows\SysWow64\w95inf16.dll
2013-06-19 17:57:17 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-06-19 17:57:17 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-06-13 03:48:23 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-13 03:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-01 09:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 09:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 20:22:33 192888 ----a-w- C:\Windows\System32\pfmzipfs.dll
2013-04-10 20:22:32 155512 ----a-w- C:\Windows\System32\pfmshellfs.dll
2013-04-10 20:22:32 148344 ----a-w- C:\Windows\System32\pfmsocketfs.dll
2013-04-10 20:22:31 378232 ----a-w- C:\Windows\System32\pfmpfolderfs.dll
2013-04-10 20:22:31 180088 ----a-w- C:\Windows\pfolder.exe
2013-04-10 20:22:31 125304 ----a-w- C:\Windows\System32\pfmmosaicfs.dll
2013-04-10 20:22:31 119672 ----a-w- C:\Windows\System32\pfmredirfs.dll
2013-04-10 20:22:30 282488 ----a-w- C:\Windows\System32\pfmisofs.dll
2013-04-10 20:22:30 226680 ----a-w- C:\Windows\System32\pfmshx_853.dll
2013-04-10 20:22:28 198520 ----a-w- C:\Windows\SysWow64\pfmshx_853.dll
2013-04-10 20:19:23 71032 ----a-w- C:\Windows\SysWow64\pfmsyshost.exe
2013-04-10 20:19:23 71032 ----a-w- C:\Windows\SysWow64\pfmhost.exe
2013-04-10 20:19:21 388472 ----a-w- C:\Windows\SysWow64\pfmapi_853.dll
2013-04-10 20:19:19 251128 ----a-w- C:\Windows\System32\drivers\pfmfs_853.sys
2013-04-10 20:19:19 205176 ----a-w- C:\Windows\pfmstat.exe
2013-04-10 20:19:19 140664 ----a-w- C:\Windows\pftest.exe
2013-04-10 20:19:18 86904 ----a-w- C:\Windows\pfmsyshost.exe
2013-04-10 20:19:18 86904 ----a-w- C:\Windows\pfmhost.exe
2013-04-10 20:19:16 459640 ----a-w- C:\Windows\System32\pfmapi_853.dll
2013-04-10 20:19:15 120184 ----a-w- C:\Windows\pfm.exe
2013-04-10 20:19:02 141176 ----a-w- C:\Windows\ptramfs.exe
2013-04-10 20:19:01 146296 ----a-w- C:\Windows\System32\pfmramfs.dll
2013-04-10 20:17:59 101752 ----a-w- C:\Windows\SysWow64\ptdllrun1.exe
2013-04-10 20:17:54 127864 ----a-w- C:\Windows\System32\ptdllrun1.exe
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-03 19:37:38 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2013-04-03 19:34:58 342416 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2013-04-03 19:34:46 182752 ----a-w- C:\Windows\System32\mfevtps.exe
2013-04-03 19:33:06 772944 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2013-04-03 19:32:14 516608 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2013-04-03 19:31:36 309968 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2013-04-03 19:31:14 179664 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-01 01:49:40 98040 ----a-w- C:\Windows\SysWow64\Packet.dll
2013-03-01 01:49:36 107768 ----a-w- C:\Windows\System32\Packet.dll
2013-03-01 01:49:22 370424 ----a-w- C:\Windows\System32\wpcap.dll
2013-03-01 01:49:12 36600 ----a-w- C:\Windows\System32\drivers\npf.sys
2013-03-01 01:49:08 282360 ----a-w- C:\Windows\SysWow64\wpcap.dll
2013-03-01 01:47:36 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe
2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-02-18 13:46:58 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2013-02-18 13:46:56 95856 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2013-02-18 13:46:50 337120 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
.
============= FINISH: 11:50:32.94 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/3/2012 12:46:19 AM
System Uptime: 8/9/2013 8:28:06 AM (3 hours ago)
.
Motherboard: Dell Inc. | | 023HTX
Processor: Intel® Core™ i7-3612QM CPU @ 2.10GHz | CPU Socket - U3E1 | 2101/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 916 GiB total, 481.191 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Bluetooth Device (Personal Area Network)
Device ID: BTH\MS_BTHPAN\7&21199F6D&0&2
Manufacturer: Microsoft
Name: Bluetooth Device (Personal Area Network)
PNP Device ID: BTH\MS_BTHPAN\7&21199F6D&0&2
Service: BthPan
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Bluetooth Device (RFCOMM Protocol TDI)
Device ID: BTH\MS_RFCOMM\7&21199F6D&0&0
Manufacturer: Microsoft
Name: Bluetooth Device (RFCOMM Protocol TDI)
PNP Device ID: BTH\MS_RFCOMM\7&21199F6D&0&0
Service: RFCOMM
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7) MUI
Adobe Shockwave Player 12.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 2.0.3
Avidemux 2.6
Bonjour
Boris Graffiti for Corel
Canon Easy-WebPrint EX
Canon IJ Scan Utility
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP230 series MP Drivers
Canon MP230 series On-screen Manual
Canon My Image Garden
Canon My Image Garden Design Files
Canon My Printer
Canon Quick Menu
CCleaner
CheckerBoard 1.72
Contents
Corel VideoStudio Pro Title Pack
Corel VideoStudio Ultimate X5
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Edoc Viewer
Dell Touchpad
DemoForge Mirage Driver for TightVNC 2.0
e-Sword
Exact Audio Copy 1.0beta3
FFmpeg v0.6.2 for Audacity
FreeFixer
GIMP 2.8.4
GNU Backgammon (MAIN branch, 20121023 code)
GnuWin32: Grep-2.5.4
GnuWin32: sed-4.2.1
HandBrake 0.9.9.1
HP Deskjet 2050 J510 series Basic Device Software
ICA
IDT Audio
ImgBurn
Intel PROSet Wireless
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Turbo Boost Technology Monitor 2.6
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® WiDi
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
IPM_VS_Pro
IrfanView (remove only)
ISCOM
ISO Recorder
iTunes
Java 7 Update 25
Java Auto Updater
Kensington SlimBlade Driver
LADSPA_plugins-win-0.4.15
LG PC Suite II
LG United Mobile Driver
LockHunter 2.0 beta 2, 64 bit
McAfee AntiVirus Plus
Media Go
Media Go Video Playback Engine 1.116.104.02020
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5 SDK
Microsoft Application Error Reporting
Microsoft Help Viewer 2.0
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Sync Framework 2.0 Core Components (x64) ENU
Microsoft Sync Framework 2.0 Provider Services (x64) ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MozBackup 1.5.1
Mozilla Firefox 23.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.8 (x86 en-US)
Mp3tag v2.55a
MSVCRT
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Dell
Mz Registry Backup
Net Nanny Parental Controls
NewBlue Titler EX for Corel VSX5
Notepad++
NWZ-E460 WALKMAN Guide
OGS Mahjong 1.0.1
Oracle VM VirtualBox 4.2.16
Phlipple 0.8.5
Photo Common
Photo Gallery
Pismo File Mount Audit Package
PlayReady PC Runtime amd64
PlayStation®Network Downloader
PlayStation®Store
Prerequisites for SSDT
PRGrep
proDAD Mercalli 2.0
proDAD Route 4.0
proDAD Vitascene 2.0
Proxima Controller
Quickset64
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek Ethernet Controller All-In-One Windows Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
SameGame
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Setup
Share
Share64
Shared C Run-time for x64
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Skype™ 6.6
SmartSound Common Data
SmartSound Quicktracks 5
Spybot - Search & Destroy
Stayfocused version 2.2.6
swMSM
SyncToy 2.1 (x64)
System Requirements Lab for Intel
TELL ME MORE
Tenable Nessus (x64)
Tetra Blocks v1.54
TextCrawler 2.5
Update for (KB2504637)
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514)
URL Snooper v2.32.01
VidCoder 1.4.23 (x64)
VLC media player 2.0.7
VSClassic
VSHelp
VSUltimate
WaveAgent
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinPcap 4.1.3
Xml Viewer
.
==== Event Viewer Messages From Past Week ========
.
8/9/2013 8:28:32 AM, Error: Microsoft-Windows-IIS-APPHOSTSVC [9010] - The Application Host Helper Service encountered an error trying to access the root history directory 'C:\inetpub\history'. The directory either doesn't exist or the permissions on it don't allow the history service to access it. The config history feature is disabled for now and will be re-enabled after the issue is resolved. To resolve this issue, please ensure that the directory exists and that the Administrators group have read and write access to it. The data field contains the error number.
8/8/2013 9:10:19 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
8/8/2013 9:10:19 AM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/8/2013 9:09:19 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
8/8/2013 9:09:19 AM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/8/2013 9:05:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
8/8/2013 9:03:25 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service Bluetooth Device Monitor with arguments "" in order to run the server: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}
8/8/2013 9:02:56 AM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
8/8/2013 9:02:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
8/8/2013 9:02:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
8/8/2013 9:02:40 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2013 9:02:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/8/2013 9:02:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/8/2013 9:02:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/8/2013 9:02:25 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/8/2013 8:55:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
8/8/2013 8:55:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
8/8/2013 8:55:19 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2013 8:54:09 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
8/8/2013 8:53:54 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr VBoxDrv VBoxUSBMon Wanarpv6
8/8/2013 8:53:51 AM, Error: Service Control Manager [7001] - The LPD Service service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2013 8:53:51 AM, Error: Service Control Manager [7001] - The HomeGroup Listener service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
8/8/2013 5:44:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
8/8/2013 3:50:01 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR5.
8/8/2013 3:41:12 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR4.
8/8/2013 1:36:08 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
8/8/2013 1:30:00 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
8/7/2013 9:54:55 AM, Error: Service Control Manager [7034] - The Virtual Disk service terminated unexpectedly. It has done this 1 time(s).
8/5/2013 12:13:36 AM, Error: volmgr [45] - The system could not sucessfully load the crash dump driver.
8/5/2013 11:05:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® PROSet/Wireless Zero Configuration Service service to connect.
8/5/2013 11:05:49 AM, Error: Service Control Manager [7000] - The Intel® PROSet/Wireless Zero Configuration Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/5/2013 10:36:11 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
8/5/2013 10:29:43 AM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
8/5/2013 10:29:43 AM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
8/5/2013 10:29:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McAfee SiteAdvisor Service service.
8/5/2013 10:29:31 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Firewall Core Service service to connect.
8/5/2013 10:29:31 AM, Error: Service Control Manager [7000] - The McAfee Firewall Core Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/4/2013 2:45:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Proxy Service service to connect.
8/4/2013 2:45:44 PM, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/4/2013 2:45:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Personal Firewall Service service to connect.
8/4/2013 2:45:42 PM, Error: Service Control Manager [7000] - The McAfee Personal Firewall Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/4/2013 2:45:41 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Home Network service to connect.
8/4/2013 2:45:41 PM, Error: Service Control Manager [7000] - The McAfee Home Network service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

Logfile of HijackThis v1.99.1
Scan saved at 3:53:12 PM, on 8/9/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)

Running processes:
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot\SDTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
F:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Users\Public\Portable\BitComet_1.36\tools\bitcometbho.dll (file missing)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [cwcptray] C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot\SDTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [stayfocused2] C:\Program Files (x86)\Stayfocused\stayfocused.exe
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Users\Public\Portable\BitComet_1.36\BitComet_x64.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Users\Public\Portable\BitComet_1.36\tools\bitcometbho.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O15 - Trusted Zone: *.dell.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F53F2CB8-A6E6-46E8-B13C-28A1C0F3459C}: NameServer = 4.2.2.1,4.2.2.2
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: ContentWatch (CwAltaService20) - ContentWatch, Inc. - C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: McAfee Home Network (HomeNetSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc (file missing)
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Intel® Turbo Boost Technology Monitor 2.6 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

MiniToolBox by Farbar Version: 13-07-2013
Ran by Zewolfe (administrator) on 09-08-2013 at 16:11:13
Running from "C:\Users\Zewolfe\Desktop\_SPECIAL_PROJECTS_\Security Tools\Malware tools and reports"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 2230 = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="ethernet_23" address=192.168.174.1 mask=255.255.255.0
add address name="ethernet_23" address=192.168.80.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network-WFP LightWeight Filter-0000" address=192.168.66.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network-WFP LightWeight Filter-0000" address=192.168.150.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Banderet2
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 5C-F9-DD-41-96-3D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::24c1:b8ff:8f28:1614%21(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 09, 2013 3:45:15 PM
Lease Expires . . . . . . . . . . : Saturday, August 10, 2013 3:45:15 PM
Default Gateway . . . . . . . . . : 192.168.0.2
DHCP Server . . . . . . . . . . . : 192.168.0.2
DHCPv6 IAID . . . . . . . . . . . : 559741405
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-B0-21-CB-68-5D-43-6D-3F-D0
DNS Servers . . . . . . . . . . . : 4.2.2.1
4.2.2.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
Physical Address. . . . . . . . . : 68-5D-43-6D-3F-D0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d0e2:24bb:462b:19ae%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 09, 2013 3:45:54 PM
Lease Expires . . . . . . . . . . : Saturday, August 10, 2013 3:45:54 PM
Default Gateway . . . . . . . . . : 192.168.0.2
DHCP Server . . . . . . . . . . . : 192.168.0.2
DHCPv6 IAID . . . . . . . . . . . : 191388995
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-B0-21-CB-68-5D-43-6D-3F-D0
DNS Servers . . . . . . . . . . . : 192.168.0.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-38-A5
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e906:f9d5:91fc:92e7%28(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 638058535
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-B0-21-CB-68-5D-43-6D-3F-D0
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D7972F88-35B7-4D16-B97D-75753058823A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.amnethn.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F53F2CB8-A6E6-46E8-B13C-28A1C0F3459C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {3081333B-6019-40F9-AE57-2577EB1596A7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:18e8:8a4:414a:1d96(Preferred)
Link-local IPv6 Address . . . . . : fe80::18e8:8a4:414a:1d96%23(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{146184E4-6463-42E2-ABAB-98F710B52EFA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.134.102] with 32 bytes of data:
Reply from 74.125.134.102: bytes=32 time=223ms TTL=42
Reply from 74.125.134.102: bytes=32 time=254ms TTL=42

Ping statistics for 74.125.134.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 223ms, Maximum = 254ms, Average = 238ms

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=228ms TTL=45
Reply from 98.139.183.24: bytes=32 time=234ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 228ms, Maximum = 234ms, Average = 231ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
21...5c f9 dd 41 96 3d ......Realtek PCIe FE Family Controller
11...68 5d 43 6d 3f d0 ......Intel® Centrino® Wireless-N 2230
28...08 00 27 00 38 a5 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
23...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.2 192.168.0.12 276
0.0.0.0 0.0.0.0 192.168.0.2 192.168.0.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.12 276
192.168.0.0 255.255.255.0 On-link 192.168.0.3 281
192.168.0.3 255.255.255.255 On-link 192.168.0.3 281
192.168.0.12 255.255.255.255 On-link 192.168.0.12 276
192.168.0.255 255.255.255.255 On-link 192.168.0.12 276
192.168.0.255 255.255.255.255 On-link 192.168.0.3 281
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 192.168.0.12 276
224.0.0.0 240.0.0.0 On-link 192.168.0.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 192.168.0.12 276
255.255.255.255 255.255.255.255 On-link 192.168.0.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
23 58 ::/0 On-link
1 306 ::1/128 On-link
23 58 2001::/32 On-link
23 306 2001:0:9d38:6ab8:18e8:8a4:414a:1d96/128
On-link
28 276 fe80::/64 On-link
21 276 fe80::/64 On-link
11 281 fe80::/64 On-link
23 306 fe80::/64 On-link
23 306 fe80::18e8:8a4:414a:1d96/128
On-link
21 276 fe80::24c1:b8ff:8f28:1614/128
On-link
11 281 fe80::d0e2:24bb:462b:19ae/128
On-link
28 276 fe80::e906:f9d5:91fc:92e7/128
On-link
1 306 ff00::/8 On-link
23 306 ff00::/8 On-link
28 276 ff00::/8 On-link
21 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 02 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 03 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 04 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 05 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 06 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 07 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 08 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 09 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 10 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 11 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 12 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
Catalog9 25 C:\Windows\system32\cwalsp.dll [1053760] (ContentWatch, Inc.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 02 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 03 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 04 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 05 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 06 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 07 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 08 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 09 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 10 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 11 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 12 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 18 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 19 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 20 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 21 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 22 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 23 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 24 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)
x64-Catalog9 25 C:\Windows\System32\cwalsp64.dll [1550848] (ContentWatch, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/09/2013 03:45:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2013 10:39:37 AM) (Source: Application Error) (User: )
Description: Faulting application name: cz8i1g0d.exe, version: 2.1.19163.0, time stamp: 0x515d31f0
Faulting module name: cz8i1g0d.exe, version: 2.1.19163.0, time stamp: 0x515d31f0
Exception code: 0xc0000005
Fault offset: 0x0008c9be
Faulting process id: 0x1318
Faulting application start time: 0xcz8i1g0d.exe0
Faulting application path: cz8i1g0d.exe1
Faulting module path: cz8i1g0d.exe2
Report Id: cz8i1g0d.exe3

Error: (08/09/2013 08:28:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2013 08:18:17 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (08/09/2013 08:02:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2013 01:55:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2013 01:42:01 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 10.0.9200.16635 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 247c

Start Time: 01ce946f51b0d08d

Termination Time: 3

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 94f7b2aa-0062-11e3-95f6-5cf9dd41963d

Error: (08/08/2013 09:08:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2013 08:55:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2013 08:11:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/09/2013 03:45:15 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (08/09/2013 03:45:09 PM) (Source: APPHOSTSVC) (User: )
Description: The Application Host Helper Service encountered an error trying to access the root history directory 'C:\inetpub\history'. The directory either doesn't exist or the permissions on it don't allow the history service to access it. The config history feature is disabled for now and will be re-enabled after the issue is resolved. To resolve this issue, please ensure that the directory exists and that the Administrators group have read and write access to it. The data field contains the error number.

Error: (08/09/2013 01:45:47 PM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (08/09/2013 08:28:32 AM) (Source: APPHOSTSVC) (User: )
Description: The Application Host Helper Service encountered an error trying to access the root history directory 'C:\inetpub\history'. The directory either doesn't exist or the permissions on it don't allow the history service to access it. The config history feature is disabled for now and will be re-enabled after the issue is resolved. To resolve this issue, please ensure that the directory exists and that the Administrators group have read and write access to it. The data field contains the error number.

Error: (08/09/2013 08:01:32 AM) (Source: APPHOSTSVC) (User: )
Description: The Application Host Helper Service encountered an error trying to access the root history directory 'C:\inetpub\history'. The directory either doesn't exist or the permissions on it don't allow the history service to access it. The config history feature is disabled for now and will be re-enabled after the issue is resolved. To resolve this issue, please ensure that the directory exists and that the Administrators group have read and write access to it. The data field contains the error number.

Error: (08/08/2013 03:50:01 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR5.

Error: (08/08/2013 03:50:00 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR5.

Error: (08/08/2013 03:49:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR5.

Error: (08/08/2013 03:41:12 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR4.

Error: (08/08/2013 03:41:11 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR4.


Microsoft Office Sessions:
=========================
Error: (08/09/2013 03:45:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2013 10:39:37 AM) (Source: Application Error)(User: )
Description: cz8i1g0d.exe2.1.19163.0515d31f0cz8i1g0d.exe2.1.19163.0515d31f0c00000050008c9be131801ce951eea765ec4C:\Users\Zewolfe\Desktop\_SPECIAL_PROJECTS_\Security Tools\cz8i1g0d.exeC:\Users\Zewolfe\Desktop\_SPECIAL_PROJECTS_\Security Tools\cz8i1g0d.exe46eeb72f-0112-11e3-9b62-5cf9dd41963d

Error: (08/09/2013 08:28:44 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2013 08:18:17 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (08/09/2013 08:02:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2013 01:55:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2013 01:42:01 PM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.16635247c01ce946f51b0d08d3C:\Program Files\Internet Explorer\iexplore.exe94f7b2aa-0062-11e3-95f6-5cf9dd41963d

Error: (08/08/2013 09:08:55 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2013 08:55:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2013 08:11:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2013-08-04 14:44:07.328
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore_3_8\VSC7419.tmp\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-04 14:44:07.326
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore_3_8\VSC7419.tmp\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-04 14:44:07.323
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore_3_8\VSC7419.tmp\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-04 14:44:07.262
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore_3_8\VSC7419.tmp\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-09 09:33:48.743
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-09 09:33:48.696
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-09 09:33:48.634
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-09 09:33:48.575
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-09 09:18:16.182
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-09 09:18:16.179
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.5.0.1060)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) MUI (Version: 10.1.7)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Audacity 2.0.3 (Version: 2.0.3)
Avidemux 2.6 (Version: 2.6.1.8321)
Bonjour (Version: 3.0.0.10)
Boris Graffiti for Corel (Version: 5.40.0700)
Canon Easy-WebPrint EX (Version: 1.3.5.0)
Canon IJ Scan Utility
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (Version: 4.0.0)
Canon MP230 series MP Drivers (Version: 1.00)
Canon MP230 series On-screen Manual (Version: 7.5.0)
Canon My Image Garden (Version: 1.0.0)
Canon My Image Garden Design Files (Version: 1.0.0)
Canon My Printer (Version: 3.0.0)
Canon Quick Menu (Version: 2.0.0)
CCleaner (Version: 4.04)
CheckerBoard 1.72
Contents (Version: 15.0.0.258)
Corel VideoStudio Pro Title Pack (Version: 1.00.0000)
Corel VideoStudio Ultimate X5 (Version: 15.2.0.10)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.67)
Dell DataSafe Local Backup (Version: 9.4.67)
Dell Edoc Viewer (Version: 1.0.0)
Dell Touchpad (Version: 8.1200.101.214)
DemoForge Mirage Driver for TightVNC 2.0 (Version: 2.0)
e-Sword (Version: 10.01.0000)
Exact Audio Copy 1.0beta3 (Version: 1.0beta3)
FFmpeg v0.6.2 for Audacity
FreeFixer (Version: 1.04)
GIMP 2.8.4 (Version: 2.8.4)
GNU Backgammon (MAIN branch, 20121023 code)
GnuWin32: Grep-2.5.4 (Version: 2.5.4)
GnuWin32: sed-4.2.1 (Version: 4.2.1)
HandBrake 0.9.9.1 (Version: 0.9.9.1)
HP Deskjet 2050 J510 series Basic Device Software (Version: 28.0.1313.0)
ICA (Version: 15.0.0.258)
IDT Audio (Version: 1.0.6426.0)
ImgBurn (Version: 2.5.8.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1008)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2932)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.3.0.0398)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.0.0.0090)
Intel® Rapid Storage Technology (Version: 11.6.0.1030)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Turbo Boost Technology Monitor 2.6 (Version: 2.6.2.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.6.245)
Intel® WiDi (Version: 3.5.40.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.03.1000.1637)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IPM_VS_Pro (Version: 15.0)
IrfanView (remove only) (Version: 4.35)
ISCOM (Version: 15.0.0.258)
ISO Recorder (Version: 3.1.0)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Kensington SlimBlade Driver
LADSPA_plugins-win-0.4.15
LG PC Suite II (Version: 2.00.0000)
LG United Mobile Driver (Version: 3.6.0.0)
LockHunter 2.0 beta 2, 64 bit
McAfee AntiVirus Plus (Version: 12.8.310)
Media Go (Version: 2.4.256)
Media Go Video Playback Engine 1.116.104.02020 (Version: 1.116.104.02020)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Baseline Security Analyzer 2.2 (Version: 2.2.2170)
Microsoft Help Viewer 2.0 (Version: 2.0.50727)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (Version: 2.0.1578.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Movie Maker (Version: 16.4.3508.0205)
MozBackup 1.5.1
Mozilla Firefox 23.0 (x86 en-US) (Version: 23.0)
Mozilla Maintenance Service (Version: 23.0)
Mozilla Thunderbird 17.0.8 (x86 en-US) (Version: 17.0.8)
Mp3tag v2.55a (Version: v2.55a)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Dell (Version: 3.3.6261.27)
Mz Registry Backup (Version: 2.1.0)
Net Nanny Parental Controls (Version: 6.5)
NewBlue Titler EX for Corel VSX5 (Version: 1.0)
Notepad++ (Version: 6.3.2)
NWZ-E460 WALKMAN Guide (Version: 2.0.2.04130)
OGS Mahjong 1.0.1 (Version: 1.0.1)
Oracle VM VirtualBox 4.2.16 (Version: 4.2.16)
Phlipple 0.8.5
Photo Gallery (Version: 16.4.3508.0205)
Pismo File Mount Audit Package
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayStation®Network Downloader (Version: 2.07.00849)
PlayStation®Store (Version: 4.14.6.15183)
Prerequisites for SSDT (Version: 11.0.2100.60)
PRGrep
proDAD Mercalli 2.0 (Version: 2.0.96)
proDAD Route 4.0 (Version: 4.0.192.1)
proDAD Vitascene 2.0 (Version: 2.0.179)
Proxima Controller (Version: 1.1)
Quickset64 (Version: 11.1.37)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.2)
Realtek Ethernet Controller All-In-One Windows Driver (Version: 7.65.1025.2012)
Realtek USB 2.0 Card Reader (Version: 6.1.8400.39030)
RealUpgrade 1.1 (Version: 1.1.0)
SameGame (Version: 1.1.0)
Setup (Version: 15.0.0.258)
Share (Version: 15.0.0.258)
Share64 (Version: 15.0.0.258)
Shared C Run-time for x64 (Version: 10.0.0)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Skype™ 6.6 (Version: 6.6.106)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.6)
Spybot - Search & Destroy (Version: 2.1.19)
Stayfocused version 2.2.6 (Version: 2.2.6)
swMSM (Version: 12.0.0.1)
SyncToy 2.1 (x64) (Version: 2.1.0)
System Requirements Lab for Intel (Version: 4.5.13.0)
TELL ME MORE
Tenable Nessus (x64) (Version: 5.2.1.24021)
Tetra Blocks v1.54
TextCrawler 2.5 (Version: 2.5)
Update for (KB2504637) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514) (Version: 11.0.50727)
URL Snooper v2.32.01
VidCoder 1.4.23 (x64) (Version: 1.4.23)
VLC media player 2.0.7 (Version: 2.0.7)
VSClassic (Version: 15.0.0.258)
VSHelp (Version: 15.0.0.258)
VSUltimate (Version: 15.0.0.258)
WaveAgent (Version: 1.17)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live Essentials (Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
Windows Live Writer (Version: 16.4.3508.0205)
Windows Live Writer Resources (Version: 16.4.3508.0205)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.3 (Version: 4.1.0.2980)
Xml Viewer (Version: 3)

========================= Devices: ================================

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 8048.93 MB
Available physical RAM: 4725.02 MB
Total Pagefile: 16096.05 MB
Available Pagefile: 12626.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.11 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:916.47 GB) (Free:477.96 GB) NTFS
3 Drive f: (DOSBOOT) (Removable) (Total:0.48 GB) (Free:0.12 GB) FAT32

========================= Users: ========================================

User accounts for \\BANDERET2

Administrator Guest Serge
Zewolfe

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================


**** End of log ****

Edited by Oh My, 20 August 2013 - 10:37 PM.
Logs posted




#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 10,131 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:04 PM

Posted 14 August 2013 - 06:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/503836 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 zewolfe

zewolfe
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 14 August 2013 - 06:42 PM

Hi:

I can't run DDS right now, but I still have the same problem.  I do have a Windows 7 Install DVD that I can install to USB for now.

 

The following lines in my network config should be there as far as I know and I don't know what is causing them or how to get rid of them!

 

set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled siteprefixlength=0 nud=disabled routerdiscovery=disabled  
managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0  
advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="ethernet_23" address=192.168.174.1 mask=255.255.255.0
add address name="ethernet_23" address=192.168.80.1 mask=255.255.255.0

 

 

--Serge



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 16,617 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:04 PM

Posted 20 August 2013 - 10:40 PM

Greetings Serge and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.
Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message .


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 zewolfe

Posted 21 August 2013 - 09:07 AM

Hi Gary:
I appreciate any help you can give as I am at wit's end!  I will not do anything until I get further instructions from you. Again, thanks for your time, and "talk" to you soon.

 

--Serge



#6 zewolfe

Posted 21 August 2013 - 09:10 AM

Sorry, hit wrong button, this is a little confusing.

Hi Gary:
I appreciate any help you can give as I am at wit's end!  I will not do anything until I get further instructions from you. Again, I thank you for your time.

 

Serge



#7 Oh My!

Posted 21 August 2013 - 10:55 PM

Hi Serge,

Sorry for the delay, I was not notified of your response. Please do this for me.

===================================================

Run Combofix in Vista/7

--------------------

Combofix is a very powerful tool and special attention must be taken to allow it to work properly. Please pay careful attention to the following instructions.

sUBs, the author of Combofix, recommends you to uninstall AVG or CA Internet Security before running the program. If you have either of these programs on your computer please uninstall them using AppRemover which can be downloaded here. We will be sure to reinstall the Antivirus program once we are finished using Combofix.
  • Please download ComboFix from one of these locations:

BleepingComputer
ForoSpyware

  • Save Combofix.exe to your Desktop <-- Important!!!
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts. It is important you do not mouseclick while the program is running or it may stall.
Note #1: Often times it may appear as if ComboFix has stopped working. To verify it is still running please do one of the following below. If, based on the below, you have concluded ComboFix has stopped running please stop and advise me.
  • Check your computer clock. If it is still running then so is ComboFix
  • Open Task Manager and select the Applications Tab. If the status of AutoScan is Running, then ComboFix is running
  • Open Task Manager and select the Processes Tab. Under Image Name look for files ending in .3xe. If there are fluctuating numbers under CPU and Mem Usage then ComboFix is running
Note #2: If you receive the following error "Illegal operation attempted on a registery key that has been marked for deletion" please just restart your computer to resolve this issue

If Combofix fails to run properly using the above instructions please attempt the following:
  • Right click on the Combofix icon on your desktop and select Delete
  • Download a new copy but rename it to freshcopy.exe first, then save it to your desktop
  • Now download RKill.exe (or RKill renamed as iExplore.exe if the first one doesn't work properly) and save it to your desktop
  • Restart your computer in Safe Mode
  • Right click on RKill (or iExplore) and select Run as Administrator. If you are using Windows XP simply double click the icon
  • A black DOS screen should flash and disappear. If not, try to launch the program with the second file. If neither works please stop and let me know
  • When RKill is finished running you will be presented with a text file and a copy will be saved on your desktop. Copy and paste the contents of this report in your reply
  • Do not reboot your computer
  • Double click the freshcopy.exe icon (renamed Combofix file)
  • When finished, it will produce a log. Please copy and paste the C:\Combofix.txt log information in your next reply
  • If you disabled your antivirus please enable it again. If you uninstalled it please wait for instructions to reinstall it
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Combofix log

Regards,
Gary


#8 zewolfe

Posted 23 August 2013 - 09:24 AM

Hi Gary:

Thanks for all your help.  I tried to run Combofix, but I got an "Incompatible OS" error.  I have Windows 64 bit Home Premium, and I think ComboFix is a 32 bit only program.  What would you like  me to do next?

 

 

--Serge :bounce:



#9 Oh My!

Posted 23 August 2013 - 12:22 PM

Hi Serge,

It looks like Combofix is being blocked by malicious software. Please run this program.

===================================================

RogueKiller by Tigzy

--------------------
  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • For Vista/7 users right click on the icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • When prompted, Click Scan
  • A report should open and a copy of the report will be placed on your desktop
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it winlogon.exe (or winlogon.com) and try again
  • Copy and paste the contents of the report in your reply
===================================================

Run TDSSKiller by Kaspersky on Windows 8/7/Vista

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • If you desire you may print out and follow the instructions for performing a scan.
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • RogueKiller log
  • TDSSKiller log

Regards,
Gary


#10 zewolfe

Posted 23 August 2013 - 03:05 PM

Hi Gary:

Thanks for your directions:  It may take a day or two to get back to you as I am in the middle of a Video Editing project, and that will take several hours to encode.  Probably 8 - 12, believe it or not!  At that point, I can proceed.  Thanks for your patience.

 

--Serge



#11 Oh My!

Posted 23 August 2013 - 04:00 PM

No problem at all. Thanks for the heads up.
Regards,
Gary


#12 zewolfe

Posted 26 August 2013 - 10:20 AM

Hi Gary:

I will have to send two posts as the system complained that both of them together was too long.

Here is the RogueKiller log:

RogueKiller V8.6.5 _x64_ [Aug  5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Zewolfe [Admin rights]
Mode : Scan -- Date : 08/24/2013 16:03:04
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost
::1             localhost
127.0.0.1       localhost
127.0.0.1       localhost
127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ATA WDC WD10JPVT-75A SCSI Disk Device +++++
--- User ---
[MBR] 9b4f6d3a91855f55fae01737059333f8
[BSP] 2ac659e255d5a25955144b65a87b9f3c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31539200 | Size: 938468 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ATA WDC WD10JPVT-75A SCSI Disk Device +++++
--- User ---
[MBR] d77c1e56d893291d8c0f9fff92848bec
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 8192 | Size: 7456 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_S_08242013_160304.txt >>



Next: TDSS report.

Thanks..Serge



#13 zewolfe

Posted 26 August 2013 - 10:25 AM

Hi Gary:

I have to attach the TDSS log, as Bleeping computers is still complaining it is too long.  The summary is that no threats were detected.

Again, thanks for your time.

--Serge



#14 zewolfe

Posted 26 August 2013 - 10:27 AM

Hmmm.. did attaching it not work???

Attached File: TDSS.txt (291.92KB)



#15 Oh My!

Posted 26 August 2013 - 03:35 PM

Hi Serge,

Are you experiencing any symptoms or is it just that you are concerned about some results in the reports?

Please run this.

===================================================

ListParts by Farbar for 64 bit Systems

--------------------
  • Please download ListParts64.exe (for 64 bit systems) and save it to your desktop
  • Double click the icon to launch the program
  • Select Run
  • Select Scan
  • Select OK and wait for a Result - Notepad document to open on your desktop
  • Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Symptoms?
  • ListParts

Regards,
Gary




