I have a "COM Surrogate" in task manager and malwarebytes can't find it
<blockquote data-quote="spuncky" data-source="post: 355561" data-attributes="member: 34609"><p>MBAR log:</p><p></p><p></p><p></p><p>Malwarebytes Anti-Rootkit BETA 1.09.1.1004</p><p><a href="http://www.malwarebytes.org" target="_blank">www.malwarebytes.org</a></p><p></p><p>Database version:</p><p> main: v2015.03.01.03</p><p> rootkit: v2015.02.25.01</p><p></p><p>Windows 8.1 x64 NTFS</p><p>Internet Explorer 11.0.9600.17631</p><p>Jacob :: JACOB-PC [administrator]</p><p></p><p>3/1/2015 10:08:38 AM</p><p>mbar-log-2015-03-01 (10-08-38).txt</p><p></p><p>Scan type: Quick scan</p><p>Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken</p><p>Scan options disabled: </p><p>Objects scanned: 359401</p><p>Time elapsed: 23 minute(s), 58 second(s)</p><p></p><p>Memory Processes Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Memory Modules Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Keys Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Values Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Data Items Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Folders Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Files Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Physical Sectors Detected: 0</p><p>(No malicious items detected)</p><p></p><p>(end)</p><p></p><p></p><p></p><p>System log:</p><p></p><p></p><p>---------------------------------------</p><p>Malwarebytes Anti-Rootkit BETA 1.09.1.1004</p><p></p><p>(c) Malwarebytes Corporation 2011-2012</p><p></p><p>OS version: 6.3.9200 Windows 8.1 x64</p><p></p><p>Account is Administrative</p><p></p><p>Internet Explorer version: 11.0.9600.17631</p><p></p><p>File system is: NTFS</p><p>Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED</p><p>CPU speed: 1.696000 GHz</p><p>Memory total: 8516689920, free: 5488238592</p><p></p><p>Downloaded 
database version: v2015.03.01.03</p><p>Downloaded database version: v2015.02.25.01</p><p>Downloaded database version: v2014.12.06.01</p><p>Initializing...</p><p>======================</p><p>This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.</p><p>=======================================</p><p>This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.</p><p>Initializing...</p><p>======================</p><p>This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.</p><p>Initializing...</p><p>======================</p><p>------------ Kernel report ------------</p><p> 03/01/2015 10:08:26</p><p>------------ Loaded modules -----------</p>
<p>----------- End -----------</p><p>Done!</p><p></p><p>Scan started</p><p>Database versions:</p><p> main: v2015.03.01.03</p><p> rootkit: v2015.02.25.01</p><p></p><p><<<2>>></p><p>Physical Sector Size: 512</p><p>Drive: 0, DevicePointer: 0xffffe000ce3d15e0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\</p><p>--------- Disk Stack ------</p><p>DevicePointer: 0xffffe000ce3d0040, DeviceName: Unknown, DriverName: \Driver\partmgr\</p><p>DevicePointer: 0xffffe000ce3d15e0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\</p><p>DevicePointer: 0xffffe000cc5a2e50, DeviceName: Unknown, DriverName: \Driver\ACPI\</p><p>DevicePointer: 0xffffe000cc5a2260, DeviceName: \Device\0000002a\, DriverName: \Driver\iaStorA\</p><p>------------ End ----------</p><p>Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\</p><p>Upper DeviceData: 0x0, 0x0, 0x0</p><p>Lower DeviceData: 0x0, 0x0, 0x0</p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p><<<2>>></p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p>Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...</p>
<p>Done!</p><p>Drive 0</p><p>This is a System drive</p><p>Scanning MBR on drive 0...</p><p>Inspecting partition table:</p><p>This drive is a GPT Drive.</p><p>MBR Signature: 55AA</p><p>Disk Signature: 159542BB</p><p></p><p>GPT Protective MBR Partition information:</p><p></p><p> Partition 0 type is EFI-GPT (0xee)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 1 Numsec = 
4294967295</p><p></p><p> Partition 1 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 2 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 3 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p>GPT Partition information:</p><p></p><p> GPT Header Signature 4546492050415254</p><p> GPT Header Revision 65536 Size 92 CRC 1737689788</p><p> GPT Header CurrentLba = 1 BackupLba 976773167</p><p> GPT Header FirstUsableLba 34 LastUsableLba 976773134</p><p> GPT Header Guid e889530c-a73f-4139-931d-f3514484ddfe</p><p> GPT Header Contains 128 partition entries starting at LBA 2</p><p> GPT Header Partition entry size = 128</p><p></p><p> Backup GPT header Signature 4546492050415254</p><p> Backup GPT header Revision 65536 Size 92 CRC 1737689788</p><p> Backup GPT header CurrentLba = 976773167 BackupLba 1</p><p> Backup GPT header FirstUsableLba 34 LastUsableLba 976773134</p><p> Backup GPT header Guid e889530c-a73f-4139-931d-f3514484ddfe</p><p> Backup GPT header Contains 128 partition entries starting at LBA 976773135</p><p> Backup GPT header Partition entry size = 128</p><p></p><p> Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac</p><p> Partition ID 85c75882-b0f2-41bf-9bf1-6939bebd7c6d</p><p> FirstLBA 2048 Last LBA 1333247</p><p> Attributes 1</p><p> Partition Name Basic data partition</p><p></p><p> Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b</p><p> Partition ID c01a6486-66a5-4da1-83cf-67234ffd83ce</p><p> FirstLBA 1333248 Last LBA 1865727</p><p> Attributes 0</p><p> Partition Name EFI system partition</p><p></p><p> GPT Partition 1 is bootable</p><p> Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae</p><p> Partition ID 3a5bb6dd-77da-453b-b4d4-3f352af3757e</p><p> FirstLBA 1865728 Last LBA 2127871</p><p> Attributes 0</p><p> Partition Name Microsoft reserved partition</p><p></p><p> 
Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7</p><p> Partition ID b4a0a528-8c48-4e28-af38-7d54fc3ceec2</p><p> FirstLBA 2127872 Last LBA 932636671</p><p> Attributes 0</p><p> Partition Name Basic data partition</p><p></p><p> Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7</p><p> Partition ID 1127fbe8-b1c7-4478-a5aa-2d589730ef14</p><p> FirstLBA 932636672 Last LBA 976762879</p><p> Attributes 1</p><p> Partition Name Basic data partition</p><p></p><p>Disk Size: 500107862016 bytes</p><p>Sector size: 512 bytes</p><p></p><p>Done!</p><p>Scan finished</p><p>=======================================</p><p></p><p></p><p>Removal queue found; removal started</p><p>Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...</p><p>Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...</p><p>Removal finished</p><p></p><p></p><p>Not sure if you want me to upload the file of the next two or just paste, so i'll paste:</p><p></p><p>FRST:</p><p></p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015</p><p>Ran by Jacob (administrator) on JACOB-PC on 01-03-2015 10:55:27</p><p>Running from C:\Users\Jaottmer\Desktop</p><p>Loaded Profiles: Jacob (Available profiles: Jacob)</p><p>Platform: Windows 8.1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11 (Default browser: Chrome)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(Softex Inc.) 
C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe</p><p>(Microsoft Corporation) C:\Windows\System32\wlanext.exe</p><p>(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe</p><p>(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dasHost.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe</p><p>(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe</p><p>(McAfee, Inc.) C:\Windows\System32\mfevtps.exe</p><p>() C:\Windows\SysWOW64\PnkBstrA.exe</p><p>() C:\Windows\SysWOW64\PnkBstrB.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe</p><p>(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe</p><p>() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe</p><p>(Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxsrvc.exe</p><p>(Intel Corporation) C:\Windows\System32\hkcmd.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxpers.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe</p><p>(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe</p><p>(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe</p><p>(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe</p><p>(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe</p><p>(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe</p><p>(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe</p><p>(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor)</p><p>HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch</p><p>HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2825456 2015-02-07] (Synaptics Incorporated)</p><p>HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)</p><p>HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)</p><p>HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Development Company, L.P.)</p><p>Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)</p><p>HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\...\Run: [Power2GoExpress8] => 
NA</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://g.msn.com/HPNOT14/1" target="_blank">http://g.msn.com/HPNOT14/1</a></p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = <a href="http://g.msn.com/HPNOT14/1" target="_blank">http://g.msn.com/HPNOT14/1</a></p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://g.msn.com/HPNOT14/1" target="_blank">http://g.msn.com/HPNOT14/1</a></p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://g.msn.com/HPNOT14/1" target="_blank">http://g.msn.com/HPNOT14/1</a></p><p>HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://g.msn.com/HPNOT14/1" target="_blank">http://g.msn.com/HPNOT14/1</a></p><p>HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://g.msn.com/HPNOT14/1" target="_blank">http://g.msn.com/HPNOT14/1</a></p><p>HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = <a href="http://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome" target="_blank">http://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome</a></p><p>HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = <a href="http://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome" target="_blank">http://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome</a></p><p>SearchScopes: HKLM -> {3DF3560B-E9FA-452D-8782-053A354BEC29} URL = <a 
href="http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" target="_blank">http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}</a></p><p>SearchScopes: HKLM-x32 -> {3DF3560B-E9FA-452D-8782-053A354BEC29} URL = <a href="http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" target="_blank">http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}</a></p><p>SearchScopes: HKU\S-1-5-21-1398835333-2482015856-2196344950-1001 -> {3DF3560B-E9FA-452D-8782-053A354BEC29} URL = <a href="http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" target="_blank">http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}</a></p><p>BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)</p><p>BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)</p><p>BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)</p><p>BHO-x32: McAfee SiteAdvisor BHO -> 
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)</p><p>BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)</p><p>Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)</p><p>Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)</p><p>Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.254</p><p></p><p>FireFox:</p><p>========</p><p>FF Plugin: @adobe.com/FlashPlayer -> 
C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()</p><p>FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()</p><p>FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()</p><p>FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)</p><p>FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)</p><p>FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin HKU\S-1-5-21-1398835333-2482015856-2196344950-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jaottmer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)</p><p>FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - 
C:\Program Files (x86)\McAfee\SiteAdvisor</p><p>FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-01-23]</p><p>FF HKLM-x32\...\Firefox\Extensions: [<a href="mailto:firefox@bho.com">firefox@bho.com</a>] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt</p><p>FF Extension: HP SimplePass - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-02-07]</p><p></p><p>Chrome: </p><p>=======</p><p>CHR Profile: C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1</p><p>CHR Extension: (Google Slides) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-30]</p><p>CHR Extension: (Google Docs) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-30]</p><p>CHR Extension: (Google Drive) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-30]</p><p>CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-30]</p><p>CHR Extension: (YouTube) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-30]</p><p>CHR Extension: (Google Search) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-30]</p><p>CHR Extension: (Google Sheets) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-30]</p><p>CHR Extension: (SiteAdvisor) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-23]</p><p>CHR Extension: (Google Wallet) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-30]</p><p>CHR 
Extension: (Gmail) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-30]</p><p>CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-28]</p><p>CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - <a href="http://clients2.google.com/service/update2/crx" target="_blank">http://clients2.google.com/service/update2/crx</a></p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)</p><p>S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)</p><p>R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)</p><p>R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)</p><p>R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]</p><p>R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Development Company, L.P.)</p><p>R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)</p><p>R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]</p><p>S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS 
Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)</p><p>R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)</p><p>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)</p><p>S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)</p><p>S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)</p><p>R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-19] (McAfee, Inc.)</p><p>R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)</p><p>R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)</p><p>R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)</p><p>S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.)</p><p>R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)</p><p>R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)</p><p>R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)</p><p>R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)</p><p>R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)</p><p>R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) 
[File not signed]</p><p>R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-12-26] ()</p><p>R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-12-26] ()</p><p>R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)</p><p>R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2015-02-07] (Synaptics Incorporated)</p><p>S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)</p><p>S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)</p><p>S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)</p><p>R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)</p><p>S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)</p><p>S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)</p><p>S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)</p><p>R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)</p><p>R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)</p><p>R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)</p><p>S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)</p><p>R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)</p><p>R0 mfehidk; 
C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)</p><p>R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)</p><p>S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)</p><p>R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)</p><p>R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506072 2014-06-20] (Realsil Semiconductor Corporation)</p><p>R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3636440 2014-12-25] (Realtek Semiconductor Corporation )</p><p>S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)</p><p>R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2015-02-07] (Synaptics Incorporated)</p><p>S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)</p><p>S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)</p><p>R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)</p><p>U3 MSK80Service; No ImagePath</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2015-03-01 10:55 - 2015-03-01 10:56 - 00021536 _____ () C:\Users\Jaottmer\Desktop\FRST.txt</p><p>2015-03-01 10:08 - 2015-03-01 10:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)</p><p>2015-03-01 10:06 - 2015-03-01 10:54 - 00000000 ____D () C:\Users\Jaottmer\Desktop\mbar</p><p>2015-03-01 10:05 - 2015-03-01 10:06 - 16502728 _____ (Malwarebytes Corp.) 
C:\Users\Jaottmer\Downloads\mbar-1.09.1.1004.exe</p><p>2015-03-01 09:36 - 2015-03-01 10:55 - 00000000 ____D () C:\FRST</p><p>2015-03-01 09:36 - 2015-03-01 09:36 - 02092544 _____ (Farbar) C:\Users\Jaottmer\Desktop\FRST64.exe</p><p>2015-03-01 09:17 - 2015-03-01 09:17 - 00003164 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJacob</p><p>2015-03-01 09:17 - 2015-03-01 09:17 - 00000350 _____ () C:\Windows\Tasks\HPCeeScheduleForJacob.job</p><p>2015-03-01 09:15 - 2015-03-01 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee</p><p>2015-03-01 08:31 - 2015-03-01 10:08 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2015-03-01 08:31 - 2015-03-01 10:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys</p><p>2015-03-01 08:31 - 2015-03-01 08:31 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2015-03-01 08:31 - 2015-03-01 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2015-03-01 08:31 - 2015-03-01 08:31 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2015-03-01 08:31 - 2015-03-01 08:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2015-03-01 08:31 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys</p><p>2015-03-01 08:31 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys</p><p>2015-03-01 08:30 - 2015-03-01 08:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jaottmer\Downloads\mbam-setup-2.0.4.1028.exe</p><p>2015-02-25 20:05 - 2015-02-25 20:05 - 00001071 _____ () C:\Users\Public\Desktop\MuseScore.lnk</p><p>2015-02-25 20:05 - 2015-02-25 20:05 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\MusE</p><p>2015-02-25 20:05 - 2015-02-25 20:05 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\MusE</p><p>2015-02-25 20:05 - 
2015-02-25 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore</p><p>2015-02-25 20:05 - 2015-02-25 20:05 - 00000000 ____D () C:\Program Files (x86)\MuseScore</p><p>2015-02-25 20:03 - 2015-02-25 20:04 - 38678632 _____ () C:\Users\Jaottmer\Downloads\MuseScore-1.3.exe</p><p>2015-02-24 17:29 - 2014-12-13 15:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls</p><p>2015-02-24 17:29 - 2014-12-13 15:28 - 00513488 _____ () C:\Windows\system32\locale.nls</p><p>2015-02-22 18:53 - 2015-02-22 21:01 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\Skype</p><p>2015-02-22 18:53 - 2015-02-22 18:53 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk</p><p>2015-02-22 18:53 - 2015-02-22 18:53 - 00000000 ___RD () C:\Program Files (x86)\Skype</p><p>2015-02-22 18:53 - 2015-02-22 18:53 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Skype</p><p>2015-02-22 18:53 - 2015-02-22 18:53 - 00000000 ____D () C:\ProgramData\Skype</p><p>2015-02-22 18:53 - 2015-02-22 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype</p><p>2015-02-22 18:50 - 2015-02-22 18:50 - 01548384 _____ (Skype Technologies S.A.) 
C:\Users\Jaottmer\Downloads\SkypeSetup.exe</p><p>2015-02-21 17:03 - 2015-02-21 18:02 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\PFStaticIP</p><p>2015-02-21 17:02 - 2015-02-21 18:04 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\PortForward.com</p><p>2015-02-21 17:02 - 2015-02-21 17:02 - 03618904 _____ (Portforward, LLC) C:\Users\Jaottmer\Downloads\setup-network-utilities.exe</p><p>2015-02-21 17:02 - 2015-02-21 17:02 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Downloaded Installations</p><p>2015-02-19 16:28 - 2015-02-19 16:28 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Steam</p><p>2015-02-15 17:10 - 2015-02-15 17:41 - 85017511 _____ () C:\Users\Jaottmer\Downloads\The Strokes - Room on Fire (mp3boo.com).zip</p><p>2015-02-15 16:51 - 2015-02-15 17:21 - 80724454 _____ () C:\Users\Jaottmer\Downloads\Real Estate - Atlas (mp3boo.com).zip</p><p>2015-02-15 16:41 - 2015-02-15 17:14 - 106041818 _____ () C:\Users\Jaottmer\Downloads\Arctic Monkeys - AM (mp3boo.com).zip</p><p>2015-02-15 16:24 - 2015-02-15 16:24 - 00001772 _____ () C:\Users\Public\Desktop\iTunes.lnk</p><p>2015-02-15 16:24 - 2015-02-15 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes</p><p>2015-02-15 16:23 - 2015-02-15 16:23 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7</p><p>2015-02-15 16:23 - 2015-02-15 16:23 - 00000000 ____D () C:\Program Files\iTunes</p><p>2015-02-15 16:23 - 2015-02-15 16:23 - 00000000 ____D () C:\Program Files\iPod</p><p>2015-02-15 16:23 - 2015-02-15 16:23 - 00000000 ____D () C:\Program Files (x86)\iTunes</p><p>2015-02-15 08:47 - 2015-02-15 08:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA</p><p>2015-02-12 21:02 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2015-02-12 21:02 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2015-02-11 18:30 - 2015-01-19 12:42 - 01487976 _____ (Microsoft 
Corporation) C:\Windows\system32\sppobjs.dll</p><p>2015-02-11 18:30 - 2015-01-15 16:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys</p><p>2015-02-11 18:30 - 2015-01-15 16:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys</p><p>2015-02-11 18:30 - 2015-01-13 22:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll</p><p>2015-02-11 18:30 - 2015-01-13 21:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll</p><p>2015-02-11 18:30 - 2015-01-13 16:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll</p><p>2015-02-11 18:30 - 2015-01-13 16:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll</p><p>2015-02-11 18:30 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll</p><p>2015-02-11 18:30 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iertutil.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2015-02-11 18:30 - 2015-01-11 19:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2015-02-11 18:30 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2015-02-11 18:30 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:23 - 00327168 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iedkcs32.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2015-02-11 18:30 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2015-02-11 18:30 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2015-02-11 18:30 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2015-02-11 18:30 - 2015-01-10 03:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe</p><p>2015-02-11 18:30 - 2015-01-10 03:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll</p><p>2015-02-11 18:30 - 2015-01-10 02:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll</p><p>2015-02-11 18:30 - 2015-01-10 02:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys</p><p>2015-02-11 18:30 - 2015-01-10 01:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll</p><p>2015-02-11 18:30 - 2015-01-10 00:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll</p><p>2015-02-11 18:30 - 2014-12-19 02:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll</p><p>2015-02-11 18:30 - 2014-12-19 02:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll</p><p>2015-02-11 18:30 - 2014-12-08 21:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll</p><p>2015-02-11 18:30 - 2014-12-08 19:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll</p><p>2015-02-11 18:30 - 2014-12-08 17:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml</p><p>2015-02-08 16:41 - 
2015-02-08 17:41 - 00000000 ____D () C:\Users\Jaottmer\Documents\Blender</p><p>2015-02-08 16:41 - 2015-02-08 16:41 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\Blender Foundation</p><p>2015-02-08 15:39 - 2015-02-08 15:39 - 00000000 ____D () C:\Users\Jaottmer\.thumbnails</p><p>2015-02-08 15:37 - 2015-02-08 15:37 - 00001920 _____ () C:\Users\Public\Desktop\Blender.lnk</p><p>2015-02-08 15:37 - 2015-02-08 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation</p><p>2015-02-08 15:36 - 2015-02-08 15:36 - 00000000 ____D () C:\Program Files\Blender Foundation</p><p>2015-02-08 15:34 - 2015-02-08 15:36 - 64542509 _____ () C:\Users\Jaottmer\Downloads\blender-2.73a-windows64.exe</p><p>2015-02-07 16:48 - 2015-02-07 16:48 - 00750832 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll</p><p>2015-02-07 16:48 - 2015-02-07 16:48 - 00548592 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys</p><p>2015-02-07 16:48 - 2015-02-07 16:48 - 00407792 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll</p><p>2015-02-07 16:48 - 2015-02-07 16:48 - 00255216 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll</p><p>2015-02-07 16:48 - 2015-02-07 16:48 - 00208624 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo20.dll</p><p>2015-02-07 16:48 - 2015-02-07 16:48 - 00031472 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys</p><p>2015-02-07 16:41 - 2015-02-07 16:41 - 00002986 _____ () C:\Windows\System32\Tasks\Start SimplePass</p><p>2015-02-07 16:41 - 2015-02-07 16:41 - 00002912 _____ () C:\Windows\System32\Tasks\Start OPBHOBroker</p><p>2015-02-07 16:41 - 2014-09-26 16:17 - 00002986 _____ () C:\Windows\SysWOW64\Start_SimplePass.xml</p><p>2015-02-07 16:41 - 2014-09-26 16:17 - 00002924 _____ () C:\Windows\SysWOW64\Start_OPBHOBrokerDesktop.xml</p><p>2015-02-07 16:41 - 2014-09-26 16:17 - 00002912 _____ () C:\Windows\SysWOW64\Start_OPBHOBroker.xml</p><p>2015-02-07 16:41 
- 2014-02-26 01:31 - 00001608 _____ () C:\Windows\SysWOW64\optskcpl.xml</p><p>2015-02-07 16:33 - 2015-02-07 16:33 - 00003154 _____ () C:\Windows\System32\Tasks\YCMServiceAgent</p><p>2015-02-07 16:33 - 2014-01-27 21:58 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys</p><p>2015-02-07 16:15 - 2013-11-12 14:25 - 00091912 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualDrive.sys</p><p>2015-02-06 17:46 - 2015-02-06 17:48 - 47045505 _____ () C:\Users\Jaottmer\Downloads\l4d2_-helms_deep-_reborn_21.zip</p><p>2015-02-06 16:30 - 2015-02-06 16:30 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Brice_Lambson</p><p>2015-02-06 16:28 - 2015-02-06 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows</p><p>2015-02-06 16:28 - 2015-02-06 16:28 - 00000000 ____D () C:\Program Files\Image Resizer for Windows</p><p>2015-02-06 16:28 - 2015-02-06 16:28 - 00000000 ____D () C:\Program Files (x86)\Image Resizer for Windows</p><p>2015-02-06 16:27 - 2015-02-06 16:27 - 00922057 _____ (Brice Lambson) C:\Users\Jaottmer\Downloads\ImageResizerSetup.exe</p><p>2015-02-06 16:10 - 2015-02-06 16:10 - 04621120 _____ () C:\Users\Jaottmer\Downloads\l4d2_fiddy_louis_1.0.zip</p><p>2015-02-06 11:02 - 2015-02-06 11:02 - 13304461 _____ () C:\Users\Jaottmer\Downloads\l4d2_l4d2_plants_vs_zombies_4.0.zip</p><p>2015-02-01 18:09 - 2015-02-01 18:10 - 30916079 _____ () C:\Users\Jaottmer\Downloads\Jan30_Sec10_4_Day1.wmv</p><p>2015-01-31 15:08 - 2014-04-15 17:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll</p><p>2015-01-31 15:08 - 2014-04-15 17:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2015-03-01 10:35 - 2014-12-24 20:25 - 00000924 _____ () 
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2015-03-01 10:27 - 2015-01-19 14:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job</p><p>2015-03-01 10:02 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sru</p><p>2015-03-01 09:31 - 2015-01-06 18:54 - 00004972 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JACOB-PC-Jacob Jacob-PC</p><p>2015-03-01 09:28 - 2014-12-24 20:15 - 02079873 _____ () C:\Windows\WindowsUpdate.log</p><p>2015-03-01 09:15 - 2014-12-24 20:26 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1398835333-2482015856-2196344950-1001</p><p>2015-03-01 09:15 - 2014-12-24 20:23 - 00000000 ____D () C:\Users\Jaottmer\Documents\Youcam</p><p>2015-03-01 09:11 - 2014-12-28 11:31 - 00000000 ____D () C:\Users\Jaottmer\OneDrive</p><p>2015-03-01 09:11 - 2014-12-24 20:25 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2015-03-01 09:09 - 2014-03-18 03:44 - 00025636 _____ () C:\Windows\PFRO.log</p><p>2015-03-01 09:09 - 2013-08-22 08:46 - 00027850 _____ () C:\Windows\setupact.log</p><p>2015-03-01 09:09 - 2013-08-22 08:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT</p><p>2015-03-01 09:08 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\BBI</p><p>2015-03-01 09:01 - 2014-12-25 07:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log</p><p>2015-03-01 08:54 - 2014-03-31 19:07 - 00000000 ____D () C:\SWSetup</p><p>2015-03-01 08:38 - 2014-12-24 20:41 - 00000000 ____D () C:\Program Files (x86)\Steam</p><p>2015-03-01 08:22 - 2014-12-26 11:59 - 00000000 ____D () C:\ProgramData\Package Cache</p><p>2015-02-28 21:05 - 2014-12-25 08:28 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\FEZ</p><p>2015-02-28 13:54 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\AppReadiness</p><p>2015-02-27 20:27 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM</p><p>2015-02-26 19:46 - 2013-08-22 09:20 - 00000000 ____D () 
C:\Windows\CbsTemp</p><p>2015-02-23 19:51 - 2014-03-18 03:53 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI</p><p>2015-02-22 18:56 - 2014-12-24 20:23 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\CyberLink</p><p>2015-02-22 18:49 - 2014-12-24 20:20 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Packages</p><p>2015-02-20 16:36 - 2014-12-24 20:26 - 00002170 _____ () C:\Users\Public\Desktop\Google Chrome.lnk</p><p>2015-02-20 16:31 - 2015-01-06 18:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15</p><p>2015-02-15 16:59 - 2014-08-27 00:10 - 00000000 ____D () C:\Windows\Hewlett-Packard</p><p>2015-02-15 16:23 - 2014-12-24 20:50 - 00000000 ____D () C:\Program Files\Common Files\Apple</p><p>2015-02-15 08:48 - 2014-12-26 10:15 - 00000000 ____D () C:\Users\Jaottmer\Documents\My Games</p><p>2015-02-12 20:51 - 2013-08-22 08:44 - 00538808 _____ () C:\Windows\system32\FNTCACHE.DAT</p><p>2015-02-12 20:47 - 2014-12-26 09:43 - 00000000 ____D () C:\Windows\system32\MRT</p><p>2015-02-12 20:43 - 2014-12-26 09:43 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p>2015-02-08 15:39 - 2014-12-24 20:20 - 00000000 ____D () C:\Users\Jaottmer</p><p>2015-02-08 08:24 - 2014-12-30 14:55 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\CyberLink</p><p>2015-02-07 18:09 - 2014-08-27 01:11 - 00000000 ____D () C:\Users\Public\Documents\CyberLink</p><p>2015-02-07 16:50 - 2014-08-27 00:04 - 00013678 _____ () C:\Windows\DPINST.LOG</p><p>2015-02-07 16:50 - 2014-08-27 00:04 - 00001336 _____ () C:\Windows\Synaptics.log</p><p>2015-02-07 16:42 - 2014-07-18 02:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard</p><p>2015-02-07 16:40 - 2014-07-18 02:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection</p><p>2015-02-07 16:33 - 2014-08-27 00:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat</p><p>2015-02-07 16:31 - 2014-08-27 00:18 - 00000000 
____D () C:\Program Files (x86)\CyberLink</p><p>2015-02-07 16:23 - 2014-08-27 00:28 - 00000000 ____D () C:\Users\Public\CyberLink</p><p>2015-02-07 16:21 - 2014-12-30 14:55 - 00000000 ____D () C:\Users\Jaottmer\Documents\CyberLink</p><p>2015-02-07 16:21 - 2014-08-27 00:18 - 00000000 ____D () C:\ProgramData\CyberLink</p><p>2015-02-07 16:15 - 2014-07-18 02:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools</p><p>2015-02-07 14:00 - 2014-12-25 07:48 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt</p><p>2015-02-06 16:30 - 2014-12-24 20:25 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA</p><p>2015-02-06 16:30 - 2014-12-24 20:25 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore</p><p>2015-02-04 17:27 - 2015-01-19 14:06 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater</p><p>2015-02-03 13:31 - 2014-12-26 10:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe</p><p>2015-02-03 13:31 - 2014-12-26 10:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2015-01-31 14:20 - 2015-01-26 20:14 - 00000000 ____D () C:\Users\Jaottmer\Documents\High School</p><p></p><p>==================== Files in the root of some directories =======</p><p></p><p>2014-12-25 08:29 - 2014-12-25 02:02 - 0012005 _____ () C:\Users\Jaottmer\AppData\Roaming\alsoft.ini</p><p>2015-01-18 14:03 - 2015-01-18 14:03 - 0007602 _____ () C:\Users\Jaottmer\AppData\Local\Resmon.ResmonCfg</p><p></p><p>Some content of 
TEMP:</p><p>====================</p><p>C:\Users\Jaottmer\AppData\Local\Temp\COMAP.EXE</p><p>C:\Users\Jaottmer\AppData\Local\Temp\Extract.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\jre-8u31-windows-au.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP67263.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP67334.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP68864.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69229.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69393.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69401.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69404.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69448.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69559.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69718.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69748.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69840.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP69888.exe</p><p>C:\Users\Jaottmer\AppData\Local\Temp\SP70439.exe</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is 
digitally signed</p><p></p><p></p><p>LastRegBack: 2015-02-18 18:39</p><p></p><p>==================== End Of Log ============================</p><p></p><p></p><p>Addition:</p><p></p><p></p><p></p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015</p><p>Ran by Jacob at 2015-03-01 10:56:22</p><p>Running from C:\Users\Jaottmer\Desktop</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}</p><p>AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. 
The adware programs should be uninstalled manually.)</p><p></p><p>7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)</p><p>Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)</p><p>Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)</p><p>Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)</p><p>Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation)</p><p>Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)</p><p>Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)</p><p>Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)</p><p>Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)</p><p>Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)</p><p>CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)</p><p>Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)</p><p>CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4608 - CyberLink Corp.)</p><p>CyberLink Power2Go 8 
(HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)</p><p>CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3912 - CyberLink Corp.)</p><p>CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.)</p><p>DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden</p><p>DOOM 3 (HKLM-x32\...\Steam App 9050) (Version: - id Software)</p><p>DOOM 3: Resurrection of Evil (HKLM-x32\...\Steam App 9070) (Version: - id Software)</p><p>Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)</p><p>Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)</p><p>Fallout 3 Patch v1.8 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 1.8 - )</p><p>Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)</p><p>FEZ (HKLM-x32\...\Steam App 224760) (Version: - Polytron Corporation)</p><p>Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)</p><p>Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) 
Hidden</p><p>Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden</p><p>HP Documentation (HKLM-x32\...\{DCB0919F-F0A6-4C63-800F-B6825D6C0434}) (Version: 1.1.0.0 - Hewlett-Packard)</p><p>HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)</p><p>HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)</p><p>HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)</p><p>HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company)</p><p>HP Utility Center (HKLM\...\{82E6836B-9400-4965-9FD2-46BD64D8BE41}) (Version: 2.4.7 - Hewlett-Packard Company)</p><p>HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)</p><p>Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden</p><p>Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)</p><p>Inst5675 (Version: 8.01.27 - Softex Inc.) Hidden</p><p>Inst5676 (Version: 8.01.27 - Softex Inc.) 
Hidden</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)</p><p>Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)</p><p>iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)</p><p>Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)</p><p>Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)</p><p>Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)</p><p>Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)</p><p>McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)</p><p>McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)</p><p>Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)</p><p>Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)</p><p>Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4693.1002 - Microsoft Corporation)</p><p>Microsoft OneDrive (HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft 
Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)</p><p>MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)</p><p>Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden</p><p>Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden</p><p>Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden</p><p>Only If (HKLM-x32\...\Steam App 298260) (Version: - Creability)</p><p>OpenAL (HKLM-x32\...\OpenAL) (Version: - )</p><p>Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)</p><p>PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)</p><p>Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)</p><p>Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)</p><p>Realtek High Definition Audio Driver 
(HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)</p><p>REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.41 - REALTEK Semiconductor Corp.)</p><p>Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)</p><p>Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)</p><p>swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden</p><p>Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.15.1 - Synaptics Incorporated)</p><p>System Requirements Lab Detection (HKLM-x32\...\{E7146BE5-A523-4C01-98F6-841589D2CC01}) (Version: 2.2.4.0 - Husdawg, LLC)</p><p>Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)</p><p>The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)</p><p>The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)</p><p>The Way of Life (HKLM-x32\...\Steam App 310370) (Version: - Fabio Ferrara)</p><p>TI-Nspire™ Student Software (HKLM-x32\...\{F46F949B-755F-4BEF-A4B9-7B3B73D0104A}) (Version: 3.9.0.463 - Texas Instruments Inc.)</p><p>Unity Web Player (HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)</p><p></p><p>==================== Custom CLSID (selected items): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. 
Any eventual file will not be moved.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-1398835333-2482015856-2196344950-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()</p><p>CustomCLSID: HKU\S-1-5-21-1398835333-2482015856-2196344950-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jaottmer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>06-02-2015 16:28:10 Image Resizer for Windows</p><p>12-02-2015 17:38:22 Windows Update</p><p>15-02-2015 08:46:57 Installed Microsoft XNA Framework Redistributable 4.0</p><p>25-02-2015 20:16:41 Scheduled Checkpoint</p><p>01-03-2015 08:21:23 Intel® Driver Update Utility</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. 
Any associated file could be listed separately to be moved.)</p><p></p><p>Task: {0895B656-81E7-4C45-909A-E34E8BDE78E0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)</p><p>Task: {1B19F3B3-7967-40F9-A59A-90900AF4FCB5} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-09-27] (Hewlett-Packard)</p><p>Task: {1F09D08A-8335-4365-AD93-F2322E2C9275} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-09-27] (Hewlett-Packard)</p><p>Task: {2704F656-FC47-4896-8628-4DE9B493ABDA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)</p><p>Task: {28A25C53-5428-4699-8623-01CDDC6A1C45} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)</p><p>Task: {39A82E0B-F282-4721-9E6D-80B4DCACC6A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)</p><p>Task: {3F9D3238-A110-4A17-A5E4-F4EBC35374C6} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-09-27] (Hewlett-Packard)</p><p>Task: {4587D178-B04F-458C-9C6F-8ABE7E820229} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-10-28] (CyberLink Corp.)</p><p>Task: {48C0B3D8-8231-41BC-BC7E-3B7DA91ABD91} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)</p><p>Task: 
{5D5CE42D-E9D3-43DF-AAE4-DD6284D8FAA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)</p><p>Task: {6FF05AD0-038F-40A4-AEC5-BC6991DD5558} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JACOB-PC-Jacob Jacob-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-01-06] (Microsoft Corporation)</p><p>Task: {845F555F-CA03-4052-B5F2-5AE04E9895EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)</p><p>Task: {8FCF0C80-7F17-4756-A93F-1EDB0A609F6A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-12] (Microsoft Corporation)</p><p>Task: {996158B2-9836-437C-80E9-52F67C650F35} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)</p><p>Task: {C2B63198-3720-4B72-B90B-A2C2C622EF6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)</p><p>Task: {C342F004-0091-42F3-A46C-9312203CF441} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)</p><p>Task: {C779A861-F0DE-4B8C-8591-F03E4006BD12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)</p><p>Task: {CA0CE2C2-6579-48DE-8867-6C563FC0ECD1} - System32\Tasks\HPCeeScheduleForJacob => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)</p><p>Task: {DA22D57A-2DBF-4FA0-A0E5-9C062F084B06} - System32\Tasks\Synaptics TouchPad 
Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-02-07] (Synaptics Incorporated)</p><p>Task: {E0F67A2F-37F6-4C06-A758-05853D05277A} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1398835333-2482015856-2196344950-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe</p><p>Task: {EF64F7EB-7664-45FA-8E14-5C5657CEB138} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-13] (Microsoft Corporation)</p><p>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\HPCeeScheduleForJacob.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe</p><p></p><p>==================== Loaded Modules (whitelisted) ==============</p><p></p><p>2014-09-27 13:40 - 2014-09-27 13:40 - 02150400 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll</p><p>2014-09-27 13:39 - 2014-09-27 13:39 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll</p><p>2014-09-27 13:39 - 2014-09-27 13:39 - 00035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll</p><p>2014-09-27 13:39 - 2014-09-27 13:39 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll</p><p>2014-09-27 13:48 - 2014-09-27 13:48 - 00420432 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll</p><p>2014-09-27 13:48 - 2014-09-27 13:48 - 00746064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll</p><p>2014-12-26 11:37 - 2012-12-06 13:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll</p><p>2015-01-20 22:35 - 2015-01-20 22:35 - 
00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll</p><p>2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll</p><p>2015-01-06 18:47 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll</p><p>2014-12-26 19:45 - 2014-12-26 19:45 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe</p><p>2014-12-26 19:45 - 2014-12-26 19:45 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe</p><p>2015-02-20 16:29 - 2014-12-23 13:53 - 08898728 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll</p><p>2014-09-27 13:42 - 2014-09-27 13:42 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe</p><p>2015-01-07 16:48 - 2015-01-07 16:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll</p><p>2014-08-27 00:05 - 2013-09-03 19:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll</p><p>2015-02-20 16:35 - 2015-02-17 16:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll</p><p>2015-02-20 16:35 - 2015-02-17 16:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll</p><p>2015-02-20 16:35 - 2015-02-17 16:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll</p><p>2015-02-20 16:35 - 2015-02-17 16:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll</p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p>AlternateDataStreams: 
C:\Users\Jaottmer\OneDrive:ms-properties</p><p>AlternateDataStreams: C:\Users\Jaottmer\OneDrive.old:ms-properties</p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"</p><p></p><p>==================== EXE Association (whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, the default will be restored. 
None default entries will be removed.)</p><p></p><p></p><p>==================== Other Areas ============================</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jaottmer\Pictures\boxes-cube-fez-game-minimalistic-1920x1080.jpg</p><p>DNS Servers: 192.168.1.254</p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items ==</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"</p><p>HKLM\...\StartupApproved\Run: => "iTunesHelper"</p><p>HKLM\...\StartupApproved\Run32: => "iTunesHelper"</p><p>HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\...\StartupApproved\Run: => "Power2GoExpress8"</p><p></p><p>==================== Accounts: =============================</p><p></p><p>Administrator (S-1-5-21-1398835333-2482015856-2196344950-500 - Administrator - Disabled)</p><p>Guest (S-1-5-21-1398835333-2482015856-2196344950-501 - Limited - Disabled)</p><p>HomeGroupUser$ (S-1-5-21-1398835333-2482015856-2196344950-1003 - Limited - Enabled)</p><p>Jacob (S-1-5-21-1398835333-2482015856-2196344950-1001 - Administrator - Enabled) => C:\Users\Jaottmer</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (03/01/2015 10:28:59 AM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. 
To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: bc</p><p></p><p>Start Time: 01d0543c1b0d37cf</p><p></p><p>Termination Time: 4294967295</p><p></p><p>Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe</p><p></p><p>Report Id: 0eec6a00-c030-11e4-826d-3863bba1e190</p><p></p><p>Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe</p><p></p><p>Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1</p><p></p><p>Error: (02/28/2015 03:05:08 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/27/2015 08:28:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/26/2015 07:56:05 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/25/2015 08:12:11 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/24/2015 07:57:42 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)</p><p>Description: Chrome has encountered a fatal error.</p><p>ver=40.0.2214.115;lang=;guid=66DC89E147AE42CEBD8FDF2880FF4A3D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\01052305-a1c8-44be-97f4-4a6ba7667eeb.dmp</p><p></p><p>Error: (02/24/2015 05:09:41 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/24/2015 05:06:18 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting 
application name: iTunes.exe, version: 12.1.0.71, time stamp: 0x54c76235</p><p>Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737</p><p>Exception code: 0xc000041d</p><p>Fault offset: 0x0000000000008b9c</p><p>Faulting process id: 0x1fe44</p><p>Faulting application start time: 0xiTunes.exe0</p><p>Faulting application path: iTunes.exe1</p><p>Faulting module path: iTunes.exe2</p><p>Report Id: iTunes.exe3</p><p>Faulting package full name: iTunes.exe4</p><p>Faulting package-relative application ID: iTunes.exe5</p><p></p><p>Error: (02/24/2015 05:03:45 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)</p><p>Description: Chrome has encountered a fatal error.</p><p>ver=40.0.2214.115;lang=;guid=66DC89E147AE42CEBD8FDF2880FF4A3D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\e9c688bf-080f-4676-b4b3-0e8604953a26.dmp</p><p></p><p>Error: (02/24/2015 05:03:34 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program Netflix.exe version 2.9.0.29 stopped interacting with Windows and was closed. 
To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 21da0</p><p></p><p>Start Time: 01d05086133dc778</p><p></p><p>Termination Time: 4294967295</p><p></p><p>Application Path: C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8\Netflix.exe</p><p></p><p>Report Id: 5aa4c7c2-bc79-11e4-826c-3863bba1e190</p><p></p><p>Faulting package full name: 4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8</p><p></p><p>Faulting package-relative application ID: App</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (03/01/2015 09:06:43 AM) (Source: DCOM) (EventID: 10010) (User: JACOB-PC)</p><p>Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}</p><p></p><p>Error: (03/01/2015 09:06:43 AM) (Source: DCOM) (EventID: 10010) (User: JACOB-PC)</p><p>Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}</p><p></p><p>Error: (02/27/2015 08:27:18 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)</p><p>Description: 1053mcpltsvcUnavailable{20966775-18A4-4299-B8E3-772C336B52A7}</p><p></p><p>Error: (02/27/2015 08:27:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The McAfee Platform Services service failed to start due to the following error: </p><p>%%1053</p><p></p><p>Error: (02/27/2015 08:27:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )</p><p>Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.</p><p></p><p>Error: (02/27/2015 08:27:18 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)</p><p>Description: 1053mcpltsvcUnavailable{20966775-18A4-4299-B8E3-772C336B52A7}</p><p></p><p>Error: (02/27/2015 08:27:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The McAfee Platform Services service failed to start due to the following error: </p><p>%%1053</p><p></p><p>Error: (02/27/2015 08:27:18 PM) (Source: Service 
Control Manager) (EventID: 7009) (User: )</p><p>Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.</p><p></p><p>Error: (02/24/2015 07:53:56 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)</p><p>Description: 1053mcpltsvcUnavailable{20966775-18A4-4299-B8E3-772C336B52A7}</p><p></p><p>Error: (02/24/2015 07:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The McAfee Platform Services service failed to start due to the following error: </p><p>%%1053</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (03/01/2015 10:28:59 AM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: LiveComm.exe17.5.9600.20689bc01d0543c1b0d37cf4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe0eec6a00-c030-11e4-826d-3863bba1e190microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1</p><p></p><p>Error: (02/28/2015 03:05:08 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/27/2015 08:28:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/26/2015 07:56:05 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/25/2015 08:12:11 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/24/2015 07:57:42 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)</p><p>Description: Chrome has encountered a fatal 
error.</p><p>ver=40.0.2214.115;lang=;guid=66DC89E147AE42CEBD8FDF2880FF4A3D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\01052305-a1c8-44be-97f4-4a6ba7667eeb.dmp</p><p></p><p>Error: (02/24/2015 05:09:41 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )</p><p>Description: Subscription licensing service failed: -1073415161</p><p></p><p>Error: (02/24/2015 05:06:18 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: iTunes.exe12.1.0.7154c76235KERNELBASE.dll6.3.9600.1741554505737c000041d0000000000008b9c1fe4401d05086596d5e09C:\Program Files\iTunes\iTunes.exeC:\Windows\system32\KERNELBASE.dllbcb5325a-bc79-11e4-826c-3863bba1e190</p><p></p><p>Error: (02/24/2015 05:03:45 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)</p><p>Description: Chrome has encountered a fatal error.</p><p>ver=40.0.2214.115;lang=;guid=66DC89E147AE42CEBD8FDF2880FF4A3D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\e9c688bf-080f-4676-b4b3-0e8604953a26.dmp</p><p></p><p>Error: (02/24/2015 05:03:34 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: Netflix.exe2.9.0.2921da001d05086133dc7784294967295C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8\Netflix.exe5aa4c7c2-bc79-11e4-826c-3863bba1e1904DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8App</p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz</p><p>Percentage of memory in use: 32%</p><p>Total physical RAM: 8122.15 MB</p><p>Available physical RAM: 5473.96 MB</p><p>Total Pagefile: 9402.15 MB</p><p>Available Pagefile: 6564.05 MB</p><p>Total Virtual: 131072 MB</p><p>Available Virtual: 131071.85 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (Windows) (Fixed) (Total:443.7 GB) (Free:321.74 GB) NTFS</p><p>Drive d: (RECOVERY) (Fixed) (Total:21.04 GB) (Free:2.11 
GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 465.8 GB) (Disk ID: 159542BB)</p><p></p><p>Partition: GPT Partition Type.</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="spuncky, post: 355561, member: 34609"] MBAR log:
is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1) File 
"C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
Done!

Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 159542BB

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 1737689788
GPT Header CurrentLba = 1 BackupLba 976773167
GPT Header FirstUsableLba 34 LastUsableLba 976773134
GPT Header Guid e889530c-a73f-4139-931d-f3514484ddfe
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 1737689788
Backup GPT header CurrentLba = 976773167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 976773134
Backup GPT header Guid e889530c-a73f-4139-931d-f3514484ddfe
Backup GPT header Contains 128 partition entries starting at LBA 976773135
Backup GPT header Partition entry size = 128

Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 85c75882-b0f2-41bf-9bf1-6939bebd7c6d
FirstLBA 2048 Last LBA 1333247
Attributes 1
Partition Name Basic data partition

Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID c01a6486-66a5-4da1-83cf-67234ffd83ce
FirstLBA 1333248 Last LBA 1865727
Attributes 0
Partition Name EFI system partition

GPT Partition 1 is bootable

Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 3a5bb6dd-77da-453b-b4d4-3f352af3757e
FirstLBA 1865728 Last LBA 2127871
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID b4a0a528-8c48-4e28-af38-7d54fc3ceec2
FirstLBA 2127872 Last LBA 932636671
Attributes 0
Partition Name Basic data partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 1127fbe8-b1c7-4478-a5aa-2d589730ef14
FirstLBA 932636672 Last LBA 976762879
Attributes 1
Partition Name Basic data partition

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Not sure if you want me to upload the file of the next two or just paste, so I'll paste:

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by Jacob (administrator) on JACOB-PC on 01-03-2015 10:55:27
Running from C:\Users\Jaottmer\Desktop
Loaded Profiles: Jacob (Available profiles: Jacob)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.)
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (CyberLink Corp.) 
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2825456 2015-02-07] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Development Company, L.P.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\...\Run: [Power2GoExpress8] => NA ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome
HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome
SearchScopes: HKLM -> {3DF3560B-E9FA-452D-8782-053A354BEC29} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {3DF3560B-E9FA-452D-8782-053A354BEC29} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1398835333-2482015856-2196344950-1001 -> {3DF3560B-E9FA-452D-8782-053A354BEC29} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft
Corporation) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKU\S-1-5-21-1398835333-2482015856-2196344950-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jaottmer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-01-23]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: HP SimplePass - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-02-07]

Chrome:
=======
CHR Profile: C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-30]
CHR Extension: (Google Docs) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-30]
CHR Extension: (Google Drive) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-30]
CHR Extension: (YouTube) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-30]
CHR Extension: (Google Search) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-30]
CHR Extension: (Google Sheets) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-30]
CHR Extension: (SiteAdvisor) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-23]
CHR Extension: (Google Wallet) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-30]
CHR Extension: (Gmail) - C:\Users\Jaottmer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-30]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-28]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - http://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-19] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.) 
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-12-26] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-12-26] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2015-02-07] (Synaptics Incorporated) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.) 
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506072 2014-06-20] (Realsil Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3636440 2014-12-25] (Realtek Semiconductor Corporation ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2015-02-07] (Synaptics Incorporated) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) U3 MSK80Service; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-01 10:55 - 2015-03-01 10:56 - 00021536 _____ () C:\Users\Jaottmer\Desktop\FRST.txt
2015-03-01 10:08 - 2015-03-01 10:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-01 10:06 - 2015-03-01 10:54 - 00000000 ____D () C:\Users\Jaottmer\Desktop\mbar
2015-03-01 10:05 - 2015-03-01 10:06 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Jaottmer\Downloads\mbar-1.09.1.1004.exe
2015-03-01 09:36 - 2015-03-01 10:55 - 00000000 ____D () C:\FRST
2015-03-01 09:36 - 2015-03-01 09:36 - 02092544 _____ (Farbar) C:\Users\Jaottmer\Desktop\FRST64.exe
2015-03-01 09:17 - 2015-03-01 09:17 - 00003164 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJacob
2015-03-01 09:17 - 2015-03-01 09:17 - 00000350 _____ () C:\Windows\Tasks\HPCeeScheduleForJacob.job
2015-03-01 09:15 - 2015-03-01 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-03-01 08:31 - 2015-03-01 10:08 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-01 08:31 - 2015-03-01 10:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-01 08:31 - 2015-03-01 08:31 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-01 08:31 - 2015-03-01 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-01 08:31 - 2015-03-01 08:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-01 08:31 - 2015-03-01 08:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-01 08:31 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-01 08:31 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-01 08:30 - 2015-03-01 08:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jaottmer\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-25 20:05 - 2015-02-25 20:05 - 00001071 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2015-02-25 20:05 - 2015-02-25 20:05 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\MusE
2015-02-25 20:05 - 2015-02-25 20:05 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\MusE
2015-02-25 20:05 - 2015-02-25 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2015-02-25 20:05 - 2015-02-25 20:05 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2015-02-25 20:03 - 2015-02-25 20:04 - 38678632 _____ () C:\Users\Jaottmer\Downloads\MuseScore-1.3.exe
2015-02-24 17:29 - 2014-12-13 15:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-24 17:29 - 2014-12-13 15:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-22 18:53 - 2015-02-22 21:01 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\Skype
2015-02-22 18:53 - 2015-02-22 18:53 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-22 18:53 - 2015-02-22 18:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-22 18:53 - 2015-02-22 18:53 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Skype
2015-02-22 18:53 - 2015-02-22 18:53 - 00000000 ____D () C:\ProgramData\Skype
2015-02-22 18:53 - 2015-02-22 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-22 18:50 - 2015-02-22 18:50 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Jaottmer\Downloads\SkypeSetup.exe
2015-02-21 17:03 - 2015-02-21 18:02 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\PFStaticIP
2015-02-21 17:02 - 2015-02-21 18:04 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\PortForward.com
2015-02-21 17:02 - 2015-02-21 17:02 - 03618904 _____ (Portforward, LLC) C:\Users\Jaottmer\Downloads\setup-network-utilities.exe
2015-02-21 17:02 - 2015-02-21 17:02 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Downloaded Installations
2015-02-19 16:28 - 2015-02-19 16:28 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Steam
2015-02-15 17:10 - 2015-02-15 17:41 - 85017511 _____ () C:\Users\Jaottmer\Downloads\The Strokes - Room on Fire (mp3boo.com).zip
2015-02-15 16:51 - 2015-02-15 17:21 - 80724454 _____ () C:\Users\Jaottmer\Downloads\Real Estate - Atlas (mp3boo.com).zip
2015-02-15 16:41 - 2015-02-15 17:14 - 106041818 _____ () C:\Users\Jaottmer\Downloads\Arctic Monkeys - AM (mp3boo.com).zip
2015-02-15 16:24 - 2015-02-15 16:24 - 00001772 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-15 16:24 - 2015-02-15 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-15 16:23 - 2015-02-15 16:23 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-15 16:23 - 2015-02-15 16:23 - 00000000 ____D () C:\Program Files\iTunes
2015-02-15 16:23 - 2015-02-15 16:23 - 00000000 ____D () C:\Program Files\iPod
2015-02-15 16:23 - 2015-02-15 16:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-15 08:47 - 2015-02-15 08:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2015-02-12 21:02 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 21:02 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 18:30 - 2015-01-19 12:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 18:30 - 2015-01-15 16:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 18:30 - 2015-01-15 16:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 18:30 - 2015-01-13 22:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 18:30 - 2015-01-13 21:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 18:30 - 2015-01-13 16:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 18:30 - 2015-01-13 16:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 18:30 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 18:30 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 18:30 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 18:30 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 18:30 - 2015-01-11 20:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 18:30 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 18:30 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 18:30 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 18:30 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 18:30 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 18:30 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 18:30 - 2015-01-11 19:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 18:30 - 2015-01-11 19:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 18:30 - 2015-01-11 19:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 18:30 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 18:30 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 18:30 - 2015-01-11 19:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 18:30 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 18:30 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 18:30 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 18:30 - 2015-01-11 19:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 18:30 - 2015-01-11 19:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 18:30 - 2015-01-11 19:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 18:30 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 18:30 - 2015-01-11 19:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 18:30 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 18:30 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 18:30 - 2015-01-11 19:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 18:30 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 18:30 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 18:30 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 18:30 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 18:30 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 18:30 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 18:30 - 2015-01-10 03:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 18:30 - 2015-01-10 03:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 18:30 - 2015-01-10 02:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 18:30 - 2015-01-10 02:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 18:30 - 2015-01-10 01:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 18:30 - 2015-01-10 00:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 18:30 - 2014-12-19 02:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 18:30 - 2014-12-19 02:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 18:30 - 2014-12-08 21:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 18:30 - 2014-12-08 19:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 18:30 - 2014-12-08 17:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-08 16:41 - 2015-02-08 17:41 - 00000000 ____D () C:\Users\Jaottmer\Documents\Blender
2015-02-08 16:41 - 2015-02-08 16:41 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\Blender Foundation
2015-02-08 15:39 - 2015-02-08 15:39 - 00000000 ____D () C:\Users\Jaottmer\.thumbnails
2015-02-08 15:37 - 2015-02-08 15:37 - 00001920 _____ () C:\Users\Public\Desktop\Blender.lnk
2015-02-08 15:37 - 2015-02-08 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
2015-02-08 15:36 - 2015-02-08 15:36 - 00000000 ____D () C:\Program Files\Blender Foundation
2015-02-08 15:34 - 2015-02-08 15:36 - 64542509 _____ () C:\Users\Jaottmer\Downloads\blender-2.73a-windows64.exe
2015-02-07 16:48 - 2015-02-07 16:48 - 00750832 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-02-07 16:48 - 2015-02-07 16:48 - 00548592 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-02-07 16:48 - 2015-02-07 16:48 - 00407792 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-02-07 16:48 - 2015-02-07 16:48 - 00255216 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-02-07 16:48 - 2015-02-07 16:48 - 00208624 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo20.dll
2015-02-07 16:48 - 2015-02-07 16:48 - 00031472 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-02-07 16:41 - 2015-02-07 16:41 - 00002986 _____ () C:\Windows\System32\Tasks\Start SimplePass
2015-02-07 16:41 - 2015-02-07 16:41 - 00002912 _____ () C:\Windows\System32\Tasks\Start OPBHOBroker
2015-02-07 16:41 - 2014-09-26 16:17 - 00002986 _____ () C:\Windows\SysWOW64\Start_SimplePass.xml
2015-02-07 16:41 - 2014-09-26 16:17 - 00002924 _____ () C:\Windows\SysWOW64\Start_OPBHOBrokerDesktop.xml
2015-02-07 16:41 - 2014-09-26 16:17 - 00002912 _____ () C:\Windows\SysWOW64\Start_OPBHOBroker.xml
2015-02-07 16:41 - 2014-02-26 01:31 - 00001608 _____ () C:\Windows\SysWOW64\optskcpl.xml
2015-02-07 16:33 - 2015-02-07 16:33 - 00003154 _____ () C:\Windows\System32\Tasks\YCMServiceAgent
2015-02-07 16:33 - 2014-01-27 21:58 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
2015-02-07 16:15 - 2013-11-12 14:25 - 00091912 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualDrive.sys
2015-02-06 17:46 - 2015-02-06 17:48 - 47045505 _____ () C:\Users\Jaottmer\Downloads\l4d2_-helms_deep-_reborn_21.zip
2015-02-06 16:30 - 2015-02-06 16:30 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Brice_Lambson
2015-02-06 16:28 - 2015-02-06 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows
2015-02-06 16:28 - 2015-02-06 16:28 - 00000000 ____D () C:\Program Files\Image Resizer for Windows
2015-02-06 16:28 - 2015-02-06 16:28 - 00000000 ____D () C:\Program Files (x86)\Image Resizer for Windows
2015-02-06 16:27 - 2015-02-06 16:27 - 00922057 _____ (Brice Lambson) C:\Users\Jaottmer\Downloads\ImageResizerSetup.exe
2015-02-06 16:10 - 2015-02-06 16:10 - 04621120 _____ () C:\Users\Jaottmer\Downloads\l4d2_fiddy_louis_1.0.zip
2015-02-06 11:02 - 2015-02-06 11:02 - 13304461 _____ () C:\Users\Jaottmer\Downloads\l4d2_l4d2_plants_vs_zombies_4.0.zip
2015-02-01 18:09 - 2015-02-01 18:10 - 30916079 _____ () C:\Users\Jaottmer\Downloads\Jan30_Sec10_4_Day1.wmv
2015-01-31 15:08 - 2014-04-15 17:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-01-31 15:08 - 2014-04-15 17:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 10:35 - 2014-12-24 20:25 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-01 10:27 - 2015-01-19 14:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 10:02 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-01 09:31 - 2015-01-06 18:54 - 00004972 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JACOB-PC-Jacob Jacob-PC
2015-03-01 09:28 - 2014-12-24 20:15 - 02079873 _____ () C:\Windows\WindowsUpdate.log
2015-03-01 09:15 - 2014-12-24 20:26 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1398835333-2482015856-2196344950-1001
2015-03-01 09:15 - 2014-12-24 20:23 - 00000000 ____D () C:\Users\Jaottmer\Documents\Youcam
2015-03-01 09:11 - 2014-12-28 11:31 - 00000000 ____D () C:\Users\Jaottmer\OneDrive
2015-03-01 09:11 - 2014-12-24 20:25 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-01 09:09 - 2014-03-18 03:44 - 00025636 _____ () C:\Windows\PFRO.log
2015-03-01 09:09 - 2013-08-22 08:46 - 00027850 _____ () C:\Windows\setupact.log
2015-03-01 09:09 - 2013-08-22 08:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-01 09:08 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-01 09:01 - 2014-12-25 07:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-01 08:54 - 2014-03-31 19:07 - 00000000 ____D () C:\SWSetup
2015-03-01 08:38 - 2014-12-24 20:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-01 08:22 - 2014-12-26 11:59 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-28 21:05 - 2014-12-25 08:28 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\FEZ
2015-02-28 13:54 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-27 20:27 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-26 19:46 - 2013-08-22 09:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-23 19:51 - 2014-03-18 03:53 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-22 18:56 - 2014-12-24 20:23 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\CyberLink
2015-02-22 18:49 - 2014-12-24 20:20 - 00000000 ____D () C:\Users\Jaottmer\AppData\Local\Packages
2015-02-20 16:36 - 2014-12-24 20:26 - 00002170 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-20 16:31 - 2015-01-06 18:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-15 16:59 - 2014-08-27 00:10 - 00000000 ____D () C:\Windows\Hewlett-Packard
2015-02-15 16:23 - 2014-12-24 20:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-15 08:48 - 2014-12-26 10:15 - 00000000 ____D () C:\Users\Jaottmer\Documents\My Games
2015-02-12 20:51 - 2013-08-22 08:44 - 00538808 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 20:47 - 2014-12-26 09:43 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 20:43 - 2014-12-26 09:43 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-08 15:39 - 2014-12-24 20:20 - 00000000 ____D () C:\Users\Jaottmer
2015-02-08 08:24 - 2014-12-30 14:55 - 00000000 ____D () C:\Users\Jaottmer\AppData\Roaming\CyberLink
2015-02-07 18:09 - 2014-08-27 01:11 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2015-02-07 16:50 - 2014-08-27 00:04 - 00013678 _____ () C:\Windows\DPINST.LOG
2015-02-07 16:50 - 2014-08-27 00:04 - 00001336 _____ () C:\Windows\Synaptics.log
2015-02-07 16:42 - 2014-07-18 02:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-02-07 16:40 - 2014-07-18 02:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-02-07 16:33 - 2014-08-27 00:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-02-07 16:31 - 2014-08-27 00:18 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-02-07 16:23 - 2014-08-27 00:28 - 00000000 ____D () C:\Users\Public\CyberLink
2015-02-07 16:21 - 2014-12-30 14:55 - 00000000 ____D () C:\Users\Jaottmer\Documents\CyberLink
2015-02-07 16:21 - 2014-08-27 00:18 - 00000000 ____D () C:\ProgramData\CyberLink
2015-02-07 16:15 - 2014-07-18 02:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-02-07 14:00 - 2014-12-25 07:48 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-02-06 16:30 - 2014-12-24 20:25 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 16:30 - 2014-12-24 20:25 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 17:27 - 2015-01-19 14:06 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-03 13:31 - 2014-12-26 10:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 13:31 - 2014-12-26 10:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-31 14:20 - 2015-01-26 20:14 - 00000000 ____D () C:\Users\Jaottmer\Documents\High School

==================== Files in the root of some directories =======

2014-12-25 08:29 - 2014-12-25 02:02 - 0012005 _____ () C:\Users\Jaottmer\AppData\Roaming\alsoft.ini
2015-01-18 14:03 - 2015-01-18 14:03 - 0007602 _____ () C:\Users\Jaottmer\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Jaottmer\AppData\Local\Temp\COMAP.EXE
C:\Users\Jaottmer\AppData\Local\Temp\Extract.exe
C:\Users\Jaottmer\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP67263.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP67334.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP68864.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69229.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69393.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69401.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69404.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69448.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69559.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69718.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69748.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69840.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP69888.exe
C:\Users\Jaottmer\AppData\Local\Temp\SP70439.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-18 18:39

==================== End Of Log ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by Jacob at 2015-03-01 10:56:22
Running from C:\Users\Jaottmer\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4608 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3912 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DOOM 3 (HKLM-x32\...\Steam App 9050) (Version: - id Software)
DOOM 3: Resurrection of Evil (HKLM-x32\...\Steam App 9070) (Version: - id Software)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fallout 3 Patch v1.8 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 1.8 - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
FEZ (HKLM-x32\...\Steam App 224760) (Version: - Polytron Corporation)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{DCB0919F-F0A6-4C63-800F-B6825D6C0434}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{82E6836B-9400-4965-9FD2-46BD64D8BE41}) (Version: 2.4.7 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Inst5675 (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.27 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Only If (HKLM-x32\...\Steam App 298260) (Version: - Creability)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.41 - REALTEK Semiconductor Corp.)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.15.1 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{E7146BE5-A523-4C01-98F6-841589D2CC01}) (Version: 2.2.4.0 - Husdawg, LLC)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
The Way of Life (HKLM-x32\...\Steam App 310370) (Version: - Fabio Ferrara)
TI-Nspire™ Student Software (HKLM-x32\...\{F46F949B-755F-4BEF-A4B9-7B3B73D0104A}) (Version: 3.9.0.463 - Texas Instruments Inc.)
Unity Web Player (HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1398835333-2482015856-2196344950-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1398835333-2482015856-2196344950-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jaottmer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

06-02-2015 16:28:10 Image Resizer for Windows
12-02-2015 17:38:22 Windows Update
15-02-2015 08:46:57 Installed Microsoft XNA Framework Redistributable 4.0
25-02-2015 20:16:41 Scheduled Checkpoint
01-03-2015 08:21:23 Intel® Driver Update Utility

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0895B656-81E7-4C45-909A-E34E8BDE78E0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {1B19F3B3-7967-40F9-A59A-90900AF4FCB5} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-09-27] (Hewlett-Packard)
Task: {1F09D08A-8335-4365-AD93-F2322E2C9275} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-09-27] (Hewlett-Packard)
Task: {2704F656-FC47-4896-8628-4DE9B493ABDA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {28A25C53-5428-4699-8623-01CDDC6A1C45} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {39A82E0B-F282-4721-9E6D-80B4DCACC6A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {3F9D3238-A110-4A17-A5E4-F4EBC35374C6} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-09-27] (Hewlett-Packard)
Task: {4587D178-B04F-458C-9C6F-8ABE7E820229} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-10-28] (CyberLink Corp.)
Task: {48C0B3D8-8231-41BC-BC7E-3B7DA91ABD91} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {5D5CE42D-E9D3-43DF-AAE4-DD6284D8FAA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {6FF05AD0-038F-40A4-AEC5-BC6991DD5558} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JACOB-PC-Jacob Jacob-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-01-06] (Microsoft Corporation)
Task: {845F555F-CA03-4052-B5F2-5AE04E9895EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {8FCF0C80-7F17-4756-A93F-1EDB0A609F6A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-12] (Microsoft Corporation)
Task: {996158B2-9836-437C-80E9-52F67C650F35} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {C2B63198-3720-4B72-B90B-A2C2C622EF6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)
Task: {C342F004-0091-42F3-A46C-9312203CF441} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-24] (Google Inc.)
Task: {C779A861-F0DE-4B8C-8591-F03E4006BD12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {CA0CE2C2-6579-48DE-8867-6C563FC0ECD1} - System32\Tasks\HPCeeScheduleForJacob => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {DA22D57A-2DBF-4FA0-A0E5-9C062F084B06} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-02-07] (Synaptics Incorporated)
Task: {E0F67A2F-37F6-4C06-A758-05853D05277A} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1398835333-2482015856-2196344950-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {EF64F7EB-7664-45FA-8E14-5C5657CEB138} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJacob.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2014-09-27 13:40 - 2014-09-27 13:40 - 02150400 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 00035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 00420432 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 00746064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-12-26 11:37 - 2012-12-06 13:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-06 18:47 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-26 19:45 - 2014-12-26 19:45 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-26 19:45 - 2014-12-26 19:45 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-20 16:29 - 2014-12-23 13:53 - 08898728 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-27 13:42 - 2014-09-27 13:42 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-01-07 16:48 - 2015-01-07 16:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-08-27 00:05 - 2013-09-03 19:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-20 16:35 - 2015-02-17 16:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 16:35 - 2015-02-17 16:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 16:35 - 2015-02-17 16:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-20 16:35 - 2015-02-17 16:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Jaottmer\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Jaottmer\OneDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jaottmer\Pictures\boxes-cube-fez-game-minimalistic-1920x1080.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-1398835333-2482015856-2196344950-1001\...\StartupApproved\Run: => "Power2GoExpress8"

==================== Accounts: =============================

Administrator (S-1-5-21-1398835333-2482015856-2196344950-500 - Administrator - Disabled)
Guest (S-1-5-21-1398835333-2482015856-2196344950-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1398835333-2482015856-2196344950-1003 - Limited - Enabled)
Jacob (S-1-5-21-1398835333-2482015856-2196344950-1001 - Administrator - Enabled) => C:\Users\Jaottmer

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2015 10:28:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: bc
Start Time: 01d0543c1b0d37cf
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
Report Id: 0eec6a00-c030-11e4-826d-3863bba1e190
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/28/2015 03:05:08 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/27/2015 08:28:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/26/2015 07:56:05 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/25/2015 08:12:11 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/24/2015 07:57:42 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=40.0.2214.115;lang=;guid=66DC89E147AE42CEBD8FDF2880FF4A3D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\01052305-a1c8-44be-97f4-4a6ba7667eeb.dmp

Error: (02/24/2015 05:09:41 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/24/2015 05:06:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.0.71, time stamp: 0x54c76235
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xc000041d
Fault offset: 0x0000000000008b9c
Faulting process id: 0x1fe44
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3
Faulting package full name: iTunes.exe4
Faulting package-relative application ID: iTunes.exe5

Error: (02/24/2015 05:03:45 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=40.0.2214.115;lang=;guid=66DC89E147AE42CEBD8FDF2880FF4A3D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\e9c688bf-080f-4676-b4b3-0e8604953a26.dmp

Error: (02/24/2015 05:03:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Netflix.exe version 2.9.0.29 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 21da0
Start Time: 01d05086133dc778
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8\Netflix.exe
Report Id: 5aa4c7c2-bc79-11e4-826c-3863bba1e190
Faulting package full name: 4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8
Faulting package-relative application ID: App

System errors:
=============
Error: (03/01/2015 09:06:43 AM) (Source: DCOM) (EventID: 10010) (User: JACOB-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/01/2015 09:06:43 AM) (Source: DCOM) (EventID: 10010) (User: JACOB-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (02/27/2015 08:27:18 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1053mcpltsvcUnavailable{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (02/27/2015 08:27:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Platform Services service failed to start due to the following error: %%1053

Error: (02/27/2015 08:27:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.

Error: (02/27/2015 08:27:18 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1053mcpltsvcUnavailable{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (02/27/2015 08:27:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Platform Services service failed to start due to the following error: %%1053

Error: (02/27/2015 08:27:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.

Error: (02/24/2015 07:53:56 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1053mcpltsvcUnavailable{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (02/24/2015 07:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Platform Services service failed to start due to the following error: %%1053

Microsoft Office Sessions:
=========================
Error: (03/01/2015 10:28:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689bc01d0543c1b0d37cf4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe0eec6a00-c030-11e4-826d-3863bba1e190microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (02/28/2015 03:05:08 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/27/2015 08:28:48 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/26/2015 07:56:05 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/25/2015 08:12:11 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/24/2015 07:57:42 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=40.0.2214.115;lang=;guid=66DC89E147AE42CEBD8FDF2880FF4A3D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\01052305-a1c8-44be-97f4-4a6ba7667eeb.dmp

Error: (02/24/2015 05:09:41 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (02/24/2015 05:06:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe12.1.0.7154c76235KERNELBASE.dll6.3.9600.1741554505737c000041d0000000000008b9c1fe4401d05086596d5e09C:\Program Files\iTunes\iTunes.exeC:\Windows\system32\KERNELBASE.dllbcb5325a-bc79-11e4-826c-3863bba1e190

Error: (02/24/2015 05:03:45 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=40.0.2214.115;lang=;guid=66DC89E147AE42CEBD8FDF2880FF4A3D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\e9c688bf-080f-4676-b4b3-0e8604953a26.dmp

Error: (02/24/2015 05:03:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Netflix.exe2.9.0.2921da001d05086133dc7784294967295C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8\Netflix.exe5aa4c7c2-bc79-11e4-826c-3863bba1e1904DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8App

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Percentage of memory in use: 32%
Total physical RAM: 8122.15 MB
Available physical RAM: 5473.96 MB
Total Pagefile: 9402.15 MB
Available Pagefile: 6564.05 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:443.7 GB) (Free:321.74 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.04 GB) (Free:2.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 159542BB)

Partition: GPT Partition Type.

==================== End Of Log ============================
[/QUOTE]