Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Multiple SCVhost

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Multiple SCVhost

Unread postby mantgar » December 1st, 2014, 6:56 pm

I need help I have noticed my computer being unable to handle multiple apps. I lag on online gaming which did not happen before. I want to know if I have been infected. Please help.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 11.25.2
Run by Mark at 11:42:04 on 2014-12-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5609.3362 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Tablet\Pen\WacomHost.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.189.1003.0.exe
C:\Windows\system32\MpSigStub.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRunOnce: [WhiteSmoke] C:\Program Files (x86)\WhiteSmoke\UninstallWhiteSmoke.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{3D381477-A198-4288-8C03-FFB0C22E2F48} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{3D381477-A198-4288-8C03-FFB0C22E2F48}\1427475727F6723702960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{3D381477-A198-4288-8C03-FFB0C22E2F48}\14E67656C6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3D381477-A198-4288-8C03-FFB0C22E2F48}\16474777966696 : DHCPNameServer = 192.168.5.1
TCP: Interfaces\{3D381477-A198-4288-8C03-FFB0C22E2F48}\D4142534F4D20534F5E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{731E6FEA-E528-4747-9062-3AEFE725EE11} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{B0A40A4D-9476-4003-96D1-4BBFDA8C1B35} : DHCPNameServer = 172.20.10.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-mStart Page = hxxp://www.google.com
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-13 82048]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-13 42624]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-1-18 31360]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-27 235520]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-1-26 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-11-13 55936]
R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\drivers\appexDrv.sys [2012-5-21 189760]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-2-7 822624]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2013-2-7 1641768]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 125584]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2014-9-19 627992]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-10-26 102528]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-5-21 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-10-26 219776]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-12-6 95248]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-5-21 259688]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-21 646248]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfswin7.sys [2011-10-1 765288]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaywin7.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirwin7.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvolwin7.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-5-21 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2014-6-3 14136]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-11 114688]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech Webcam C160(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-9-19 115272]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2013-11-14 39080]
S3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2013-11-14 149160]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2013-1-7 401856]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2014-9-19 90424]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2014-9-19 15160]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-20 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-01 06:41:34 -------- d-----w- C:\Users\Mark\AppData\Roaming\Roxio Log Files
2014-11-29 20:15:21 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D7736483-62D8-48A3-85E3-7BE5546A4F0E}\mpengine.dll
2014-11-28 08:19:51 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-23 01:28:27 -------- d-sh--w- C:\Users\Mark\AppData\Local\EmieBrowserModeList
2014-11-21 21:54:36 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B28AA458-717F-44CD-A867-7ED0580D7474}\gapaengine.dll
2014-11-21 09:26:08 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-11-21 09:24:59 -------- d-----w- C:\Program Files\iPod
2014-11-21 09:24:56 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-21 09:24:56 -------- d-----w- C:\Program Files\iTunes
2014-11-21 09:24:56 -------- d-----w- C:\Program Files (x86)\iTunes
2014-11-18 21:37:45 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-18 21:37:45 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-18 21:37:45 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-18 21:37:44 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-14 09:32:37 -------- d-----w- C:\Program Files\CCleaner
2014-11-12 01:45:03 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-12 01:45:02 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-12 01:45:00 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-11-12 01:42:59 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-11-12 01:41:48 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-12 01:41:48 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
.
==================== Find3M ====================
.
2014-11-25 21:12:22 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-25 21:12:22 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-20 06:15:28 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
.
============= FINISH: 11:43:19.70 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/17/2012 12:34:20 AM
System Uptime: 12/1/2014 11:29:44 AM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 182D
Processor: AMD A10-4600M APU with Radeon(tm) HD Graphics | Socket FT1 | 2300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 577 GiB total, 482.36 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 2.094 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}
Description: CD-ROM Drive
Device ID: SCSI\CDROM&VEN_HP&PROD_DVD-RAM_UJ8B1\4&3217CD99&0&010000
Manufacturer: (Standard CD-ROM drives)
Name: hp DVD-RAM UJ8B1 SATA CdRom Device
PNP Device ID: SCSI\CDROM&VEN_HP&PROD_DVD-RAM_UJ8B1\4&3217CD99&0&010000
Service: cdrom
.
==== System Restore Points ===================
.
RP282: 11/19/2014 12:01:23 AM - Windows Update
RP283: 11/21/2014 1:09:44 AM - Configured YouCam
RP284: 11/21/2014 1:16:07 AM - Removed iTunes
RP285: 11/21/2014 1:23:44 AM - Installed iTunes
RP286: 11/22/2014 5:31:29 PM - Windows Update
RP287: 11/26/2014 7:07:24 PM - Windows Update
RP288: 11/30/2014 10:44:53 PM - Removed HP Launch Box
RP289: 12/1/2014 11:41:35 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Reader X (10.1.10) MUI
Adobe Shockwave Player 11.6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Quick Stream
AMD Steady Video Plug-In
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
AuthenTec TrueAPI 64-bit
Bamboo Dock
Bejeweled 3
Blackhawk Striker 2
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Classic Menu for Office Enterprise 2010
Cradle of Rome 2
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DomaIQ
Dora's World Adventure
ESU for Microsoft Windows 7 SP1
Farm Frenzy
Farmscapes
FATE
Final Drive Fury
FlashPlayer
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.2.3
Hoyle Card Games
HP 3D DriveGuard
HP Application Assistant
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP SimplePass
HP Software Framework
HP Support Assistant
IDT Audio
iTunes
Java 8 Update 25
Java Auto Updater
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
League of Legends
Letters from Nowhere 2
Luxor HD
Mah Jong Medley
McAfee Security Scan Plus
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office Home and Student 2010 - English
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
MotioninJoy DS3 driver version 0.6.0005
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NOOK Study
Office Tab
opensource
osu!
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
RaidCall
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 6.14
swMSM
Synaptics Pointing Device Driver
The Treasures of Mystery Island: The Ghost Ship
Torchlight
Unity Web Player
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition
Update Installer for WildTangent Games App
Uplay
Validity WBF DDK
Virtual Villagers 4 - The Tree of Life
WebTablet FB Plugin 32 bit
WebTablet FB Plugin 64 bit
WhiteSmoke
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 5.01 (32-bit)
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
12/1/2014 11:30:27 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
.
==== End Of File ===========================
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm
Advertisement
Register to Remove

Re: Multiple SCVhost

Unread postby wannabeageek » December 2nd, 2014, 12:06 am

Checking your logs - be back shortly
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Multiple SCVhost

Unread postby wannabeageek » December 2nd, 2014, 9:31 am

Hello mantgar, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:

    Absence of symptoms does not mean that everything is clear.


Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start



Step 1.
Uninstall Programs
I need you to uninstall some program(s).
  1. Click on Start...then... Click the Start Search box on the Start Menu.
  2. Copy and paste the value below, into the open text entry box:
    appwiz.cpl
  3. then press enter.
    • Locate the following program(s):
      DomaIQ
    • Select the program and click on Uninstall to uninstall it.
      Carefully read any prompts...
      Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
    • When finished... Close the Control Panel window.





Step 2.
AdwCleaner Download and Run

Click on this link to download : ADWCleaner
Click on the Download Now button and save it to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:

Image

You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run.
It may take several minutes to complete. When it is done click on the Clean button, accept any prompts that appear and allow the system to reboot.
You will then be presented with the report. Copy & Paste it into your next post.

Image

Please post the content of the C:\AdwCleaner[S?].txt logfile in your next reply.


Step 3.
Junkware Removal Tool
  • Please download and run the following program: JRT.exe
  • Right-click JRT.exe and select " Run as administrator " to run it.
  • When the program is finished running, post the log JRT.txt in your next reply.


Step 4.
FRST - Farbar Recovery Scanner Tool for Vista-W7 Image


Please download FRST64.exe ... by Farbar. Save it to your desktop.


  1. Right click on FRST64.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it. When the tool opens click Yes to disclaimer.
  2. Press Scan button. ... A log will be created FRST.txt in the same directory the tool is run.
  3. Please copy/paste FRST.txt it to your reply.
    The first time the tool is run, it makes also another log... Addition.txt.
  4. Please copy/paste Addition.txt in your reply.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Multiple SCVhost

Unread postby wannabeageek » December 4th, 2014, 9:47 am

Hi mantgar.

It has been two days since my last post.

  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • According to Malware Removal's latest policy, topics can be closed after 3 days without a response.
  • If you do not reply within the next 24 hours, this topic will be closed.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Multiple SCVhost

Unread postby mantgar » December 5th, 2014, 12:02 am

# AdwCleaner v4.104 - Report created 04/12/2014 at 19:58:02
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mark - MARK-HP
# Running from : C:\Users\Mark\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\DDownSaave
Folder Deleted : C:\ProgramData\PruiceChOp
Folder Deleted : C:\ProgramData\SSaveMaoss
Folder Deleted : C:\ProgramData\6ef21cb929b085d3
Folder Deleted : C:\Program Files (x86)\RichMediaViewV1
Folder Deleted : C:\Program Files (x86)\PruiceChOp
Folder Deleted : C:\Program Files (x86)\SSaveMaoss
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Infigo
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Mark\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Mark\AppData\Local\torch
Folder Deleted : C:\Users\Mark\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Mark\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Mark\AppData\Roaming\Infigo
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjebomocklpidklcijbhfbfcfbjcbmdi
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjebomocklpidklcijbhfbfcfbjcbmdi
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjebomocklpidklcijbhfbfcfbjcbmdi
Folder Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjebomocklpidklcijbhfbfcfbjcbmdi
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibhkldleegjcpibomefgngpeobdjoda
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibhkldleegjcpibomefgngpeobdjoda
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibhkldleegjcpibomefgngpeobdjoda
Folder Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibhkldleegjcpibomefgngpeobdjoda
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjebomocklpidklcijbhfbfcfbjcbmdi
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjebomocklpidklcijbhfbfcfbjcbmdi
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjebomocklpidklcijbhfbfcfbjcbmdi
Folder Deleted : C:\Users\Mark\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjebomocklpidklcijbhfbfcfbjcbmdi
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eibhkldleegjcpibomefgngpeobdjoda
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eibhkldleegjcpibomefgngpeobdjoda
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eibhkldleegjcpibomefgngpeobdjoda
Folder Deleted : C:\Users\Mark\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eibhkldleegjcpibomefgngpeobdjoda
File Deleted : C:\Users\Mark\AppData\Roaming\aps.uninstall.scan.results

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\BetterSurf
Key Deleted : HKLM\SOFTWARE\PC_Booster
Key Deleted : HKLM\SOFTWARE\systweak
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v37.0.2062.103


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [8427 octets] - [04/12/2014 19:56:11]
AdwCleaner[S0].txt - [8000 octets] - [04/12/2014 19:58:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8060 octets] ##########
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby mantgar » December 5th, 2014, 12:11 am

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Mark on Thu 12/04/2014 at 20:06:03.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BEDE7CDD-85CC-4020-B869-78CD5D329498}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 12/04/2014 at 20:10:46.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby mantgar » December 5th, 2014, 12:17 am

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Mark (administrator) on MARK-HP on 04-12-2014 20:13:52
Running from C:\Users\Mark\Downloads
Loaded Profile: Mark (Available profiles: Mark)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-10-17] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-02] (Hewlett-Packard)
HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1592174307-3943232130-657400462-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKLM -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Mark\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Mark\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Mark\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mark\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha944\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta946\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha264\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1671\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5453\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2473\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home1000\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8086\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release426\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1267\ff [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-19]
CHR Extension: (Google Drive) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-01]
CHR Extension: (QuickMark QR Code Extension) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhddglpocgogkbpkbkoieiplhgbjmiim [2014-09-08]
CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-29]
CHR Extension: (Adblock Plus) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-09]
CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-29]
CHR Extension: (Website Logon) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2013-10-08]
CHR Extension: (Image Downloader Plus) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdehodanbfebhhmpjfnlajdldkffehg [2014-09-06]
CHR Extension: (Super sonico theme) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\leboklpnmbfmilcnbhinfefgahhjbimo [2014-11-26]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-29]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-01-26] (Advanced Micro Devices, Inc.) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [31360 2012-01-18] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [189760 2012-02-05] (AppEx Networks Corporation)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-10-03] (GEAR Software Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-14] (Razer Inc)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [20016 2011-10-13] (Synaptics Incorporated)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-04 20:13 - 2014-12-04 20:14 - 00022397 _____ () C:\Users\Mark\Downloads\FRST.txt
2014-12-04 20:12 - 2014-12-04 20:13 - 00000000 ____D () C:\FRST
2014-12-04 20:12 - 2014-12-04 20:12 - 02117632 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-12-04 20:11 - 2014-12-04 20:11 - 02153472 _____ () C:\Users\Mark\Downloads\AdwCleaner (1).exe
2014-12-04 20:11 - 2014-12-04 20:11 - 01707646 _____ (Thisisu) C:\Users\Mark\Downloads\JRT (1).exe
2014-12-04 20:10 - 2014-12-04 20:10 - 00001109 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-12-04 20:05 - 2014-12-04 20:05 - 00000000 ____D () C:\Windows\ERUNT
2014-12-04 20:04 - 2014-12-04 20:05 - 01707646 _____ (Thisisu) C:\Users\Mark\Downloads\JRT.exe
2014-12-04 20:01 - 2014-12-04 20:01 - 02153472 _____ () C:\Users\Mark\Downloads\AdwCleaner.exe
2014-12-04 19:59 - 2014-12-04 19:59 - 00000310 _____ () C:\Windows\PFRO.log
2014-12-04 19:59 - 2014-12-04 19:59 - 00000056 _____ () C:\Windows\setupact.log
2014-12-04 19:59 - 2014-12-04 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-04 19:54 - 2014-12-04 19:58 - 00000000 ____D () C:\AdwCleaner
2014-12-04 19:54 - 2014-12-04 19:54 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-04 19:53 - 2014-12-04 19:53 - 02153472 _____ () C:\Users\Mark\Desktop\AdwCleaner.exe
2014-12-01 23:05 - 2014-12-01 23:05 - 31604446 _____ () C:\Users\Mark\Downloads\Nara+4.7.zip
2014-12-01 22:59 - 2014-12-01 22:59 - 00003162 _____ () C:\Windows\System32\Tasks\{C30956DE-2971-49B4-A3F0-958C032F0EB8}
2014-12-01 22:53 - 2014-12-01 22:53 - 01546856 _____ (Skype Technologies S.A.) C:\Users\Mark\Downloads\SkypeSetup (3).exe
2014-12-01 22:51 - 2014-12-01 22:51 - 00003162 _____ () C:\Windows\System32\Tasks\{42C11B78-37B8-4D16-9759-AE7B6F345E0A}
2014-12-01 22:18 - 2014-12-01 22:18 - 01546856 _____ (Skype Technologies S.A.) C:\Users\Mark\Downloads\SkypeSetup (2).exe
2014-12-01 11:43 - 2014-12-01 11:43 - 00025763 _____ () C:\Users\Mark\Desktop\dds.txt
2014-12-01 11:43 - 2014-12-01 11:43 - 00010068 _____ () C:\Users\Mark\Desktop\attach.txt
2014-12-01 11:41 - 2014-12-01 11:41 - 00688992 ____R (Swearware) C:\Users\Mark\Downloads\dds.scr
2014-11-30 22:41 - 2014-11-30 22:41 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Roxio Log Files
2014-11-28 17:00 - 2014-11-28 17:01 - 10812697 _____ () C:\Users\Mark\Downloads\Blue.rar
2014-11-27 14:38 - 2014-11-27 14:38 - 00966441 _____ () C:\Users\Mark\Desktop\super-sonico-kimono-headphone-hd-wallpaper-1920x1080.jpeg
2014-11-25 16:06 - 2014-11-25 16:06 - 00342430 _____ () C:\Users\Mark\Downloads\lolhentai-1.6.3.sdt
2014-11-22 17:28 - 2014-11-22 17:28 - 00000000 __SHD () C:\Users\Mark\AppData\Local\EmieBrowserModeList
2014-11-21 01:26 - 2014-11-21 01:26 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-21 01:26 - 2014-11-21 01:26 - 00001783 _____ () C:\ProgramData\Desktop\iTunes.lnk
2014-11-21 01:26 - 2014-11-21 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-21 01:26 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\Program Files\iTunes
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-21 01:24 - 2014-11-21 01:24 - 00000000 ____D () C:\Program Files\iPod
2014-11-21 01:14 - 2014-11-21 01:14 - 122418480 _____ (Apple Inc.) C:\Users\Mark\Downloads\iTunes64Setup (2).exe
2014-11-19 10:35 - 2014-11-19 10:35 - 14048768 _____ () C:\Users\Mark\Downloads\beauty.zip
2014-11-18 13:37 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 13:37 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 13:37 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 13:37 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-14 01:32 - 2014-11-14 01:32 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-14 01:32 - 2014-11-14 01:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-14 01:31 - 2014-11-14 01:32 - 04976456 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup419.exe
2014-11-11 17:45 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 17:45 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 17:45 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 17:44 - 2014-11-07 11:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 17:44 - 2014-11-07 11:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 17:44 - 2014-11-05 20:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 17:44 - 2014-11-05 20:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 17:44 - 2014-11-05 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 17:44 - 2014-11-05 19:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 17:44 - 2014-11-05 19:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 17:44 - 2014-11-05 19:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 17:44 - 2014-11-05 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 17:44 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 17:44 - 2014-11-05 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 17:44 - 2014-11-05 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 17:44 - 2014-11-05 19:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 17:44 - 2014-11-05 19:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 17:44 - 2014-11-05 19:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 17:44 - 2014-11-05 19:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 17:44 - 2014-11-05 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 17:44 - 2014-11-05 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 17:44 - 2014-11-05 18:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 17:44 - 2014-11-05 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 17:44 - 2014-11-05 18:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 17:44 - 2014-11-05 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 17:44 - 2014-11-05 18:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 17:44 - 2014-11-05 18:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 17:44 - 2014-11-05 18:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 17:44 - 2014-11-05 18:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 17:44 - 2014-11-05 18:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 17:44 - 2014-11-05 18:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 17:44 - 2014-11-05 18:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 17:44 - 2014-11-05 18:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 17:44 - 2014-11-05 18:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 17:44 - 2014-11-05 18:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 17:44 - 2014-11-05 17:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 17:44 - 2014-11-05 17:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 17:44 - 2014-11-05 17:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 17:44 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 17:44 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 17:44 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 17:44 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 17:44 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 17:44 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 17:44 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 17:44 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 17:44 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 17:43 - 2014-11-05 20:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 17:43 - 2014-11-05 19:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 17:43 - 2014-11-05 19:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 17:43 - 2014-11-05 19:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 17:43 - 2014-11-05 19:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 17:43 - 2014-11-05 19:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 17:43 - 2014-11-05 19:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 17:43 - 2014-11-05 19:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 17:43 - 2014-11-05 19:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 17:43 - 2014-11-05 19:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 17:43 - 2014-11-05 19:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 17:43 - 2014-11-05 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 17:43 - 2014-11-05 19:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 17:43 - 2014-11-05 19:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 17:43 - 2014-11-05 18:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 17:43 - 2014-11-05 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 17:43 - 2014-11-05 18:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 17:43 - 2014-11-05 18:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 17:43 - 2014-11-05 18:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 17:43 - 2014-11-05 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 17:43 - 2014-11-05 17:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 17:43 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 17:43 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 17:43 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 17:43 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 17:43 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 17:43 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 17:42 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 17:42 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 17:42 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 17:42 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 17:42 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 17:42 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 17:41 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 17:41 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-04 13:18 - 2014-11-04 13:18 - 11835440 _____ () C:\Users\Mark\Downloads\-Kamui-+Cookiezi+skin+original+(Okinawa6).rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-04 20:13 - 2012-09-29 14:33 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002UA.job
2014-12-04 20:12 - 2012-03-09 18:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-04 20:06 - 2009-07-13 20:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-04 20:06 - 2009-07-13 20:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-04 20:04 - 2009-07-13 21:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 20:03 - 2012-07-16 23:33 - 01928209 _____ () C:\Windows\WindowsUpdate.log
2014-12-04 19:59 - 2014-09-09 00:12 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-04 19:59 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-04 19:47 - 2012-07-16 16:57 - 00000000 ____D () C:\Users\Mark\AppData\Local\CrashDumps
2014-12-04 19:31 - 2012-07-16 16:38 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{680EA8E4-75F4-4FBF-A06D-57282500CB56}
2014-12-04 19:17 - 2014-09-09 00:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-04 17:30 - 2014-04-22 15:57 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-12-04 01:06 - 2014-09-25 14:18 - 00000000 ____D () C:\Users\Mark\Desktop\OSU menubackground
2014-12-03 23:13 - 2012-09-29 14:33 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002Core.job
2014-12-03 18:50 - 2014-01-28 19:30 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMark
2014-12-03 18:50 - 2014-01-28 19:30 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForMark.job
2014-12-03 00:12 - 2012-09-07 22:33 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Skype
2014-12-02 18:30 - 2013-04-16 17:34 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-02 18:30 - 2012-07-17 17:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-01 11:52 - 2014-07-03 11:39 - 00000000 ____D () C:\Users\Mark\Desktop\Osu Folder
2014-11-30 22:42 - 2012-03-09 18:04 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-11-30 22:41 - 2013-01-20 22:26 - 00000000 ____D () C:\Program Files (x86)\Naver
2014-11-25 13:12 - 2012-03-09 18:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 13:12 - 2012-03-09 18:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 13:12 - 2012-03-09 18:08 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-21 01:24 - 2013-08-03 00:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-21 01:22 - 2013-08-03 00:44 - 00000000 ____D () C:\ProgramData\Apple
2014-11-21 01:20 - 2013-09-20 17:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-21 01:15 - 2012-03-09 18:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-11-14 01:35 - 2012-07-31 17:21 - 00000000 ____D () C:\Windows\Minidump
2014-11-14 01:35 - 2007-01-01 17:25 - 00000000 ____D () C:\Windows\Panther
2014-11-12 11:31 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 10:12 - 2009-07-13 20:45 - 00408800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 10:09 - 2014-05-06 16:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 00:30 - 2013-08-14 16:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 00:26 - 2012-12-14 08:51 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 12:32 - 2009-07-13 21:08 - 00032630 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Mark\jagex_cl_oldschool_LIVE.dat
C:\Users\Mark\random.dat


Some content of TEMP:
====================
C:\Users\Mark\AppData\Local\Temp\Quarantine.exe
C:\Users\Mark\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 19:06

==================== End Of Log ============================
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby mantgar » December 5th, 2014, 12:17 am

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by Mark at 2014-12-04 20:15:31
Running from C:\Users\Mark\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{E5E8615E-3433-5473-C6E5-12726B6216F1}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.14.0 - AppEx Networks)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Menu for Office Enterprise 2010 (HKLM-x32\...\{DF4ED63C-D32A-4F0C-AC6A-224C83184D8B}) (Version: 2.25 - Detong Technology Ltd.)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{3F122044-172F-4DC6-96CA-0DD4300E9CD9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}) (Version: 2.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - English (HKLM-x32\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5005 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NOOK Study (HKLM-x32\...\NOOK Study) (Version: 2.1.2.28499 - Barnesandnoble.com)
Office Tab (HKLM-x32\...\{FB75BC84-DC75-485D-9F00-1D342085FD03}) (Version: 6.00 - Detong Technology Ltd.)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
osu! (HKLM-x32\...\{a911cc38-fba0-4230-af99-8eaef1d4bf1f}) (Version: latest - ppy Pty Ltd)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12722.79 - raidcall.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Validity WBF DDK (HKLM\...\{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}) (Version: 4.3.301.0 - Validity Sensors, Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WhiteSmoke (HKLM-x32\...\WhiteSmoke) (Version: 1.00.6034.13130 - WhiteSmoke)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1592174307-3943232130-657400462-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

==================== Restore Points =========================

21-11-2014 09:09:44 Configured YouCam
21-11-2014 09:16:07 Removed iTunes
21-11-2014 09:23:44 Installed iTunes
23-11-2014 01:31:29 Windows Update
27-11-2014 03:07:24 Windows Update
01-12-2014 06:44:53 Removed HP Launch Box
01-12-2014 19:41:35 Windows Update
04-12-2014 23:40:53 Windows Update
05-12-2014 03:51:18 Quitado FlashPlayer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00340F0A-E295-4875-8E1A-5E80BC028E5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09] (Google Inc.)
Task: {1238CD7F-07D0-4A68-975C-267FC919BFF6} - System32\Tasks\{66A7C984-2759-497F-A76B-A1E30B5E9AED} => Chrome.exe http://ui.skype.com/ui/0/6.10.0.104/en/ ... Error=1618
Task: {16905F9C-C274-4220-B984-7CBF187D57F2} - System32\Tasks\{C30956DE-2971-49B4-A3F0-958C032F0EB8} => Chrome.exe http://ui.skype.com/ui/0/6.22.64.107/en ... =tsInstall
Task: {1FEAE737-9C48-490F-88D9-FF78B71E9197} - System32\Tasks\{618498EB-A95A-4622-A17E-636483F0D440} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/en/ ... =tsInstall
Task: {21CB26B4-82C3-4054-8FD1-7C0EB6209225} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {301E4433-C40F-49F0-A992-8E9306515A66} - System32\Tasks\Test TimeTrigger => C:\Users\Mark\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {3F857922-EB2E-4929-8A2F-A2DB3F76C673} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
Task: {473B7ACB-2852-47BF-B6E0-BE9715C5D6F8} - System32\Tasks\HPCeeScheduleForMark => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {4757DBF5-EB3E-4B7D-9234-5F418D3D8BB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {70564253-6548-449B-8CC6-3FC8540CE8FF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002Core => C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {70AFAA50-86F5-42E4-9B66-A24297474062} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {710E5C00-8BC9-4F51-B254-40FD43A7D947} - System32\Tasks\{645F615F-45C8-44F3-A131-E814F102E129} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/en/ ... =tsInstall
Task: {85950057-E3AC-4B87-B16C-4DA23AD1CB00} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A27416D8-8203-42BA-9B37-F027AE15ADB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {AE0B9ED8-E576-4C22-B366-923A894C02F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B5FE5853-6420-4F27-A978-761F949FD2F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C1BFE53E-C2FB-4B2A-91AC-A3FF99BCF95B} - System32\Tasks\{E78CD9A4-A018-40DF-9312-468D8FB161FB} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/en/ ... =tsInstall
Task: {CE0E30E4-6D71-4959-B17E-D309A71EC008} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002UA => C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {DAC65D24-1CCE-4D92-9DFF-E5752469ACF1} - System32\Tasks\{42C11B78-37B8-4D16-9759-AE7B6F345E0A} => Chrome.exe http://ui.skype.com/ui/0/6.22.64.107/en ... =tsInstall
Task: {F6CC23D8-3885-46A7-A181-7636FB64C24E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002Core.job => C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002UA.job => C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMark.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-01-26 17:54 - 2012-01-26 17:54 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-09-19 23:00 - 2014-01-13 08:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2011-12-19 22:34 - 2011-12-19 22:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-02-07 08:19 - 2013-02-07 08:19 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2012-10-16 01:39 - 2012-10-16 01:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2012-01-26 17:54 - 2012-01-26 17:54 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-01-26 17:59 - 2012-01-26 17:59 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 08:55 - 2011-11-09 08:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:58A5270D
AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

========================= Accounts: ==========================

Administrator (S-1-5-21-1592174307-3943232130-657400462-500 - Administrator - Disabled)
Guest (S-1-5-21-1592174307-3943232130-657400462-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1592174307-3943232130-657400462-1003 - Limited - Enabled)
Mark (S-1-5-21-1592174307-3943232130-657400462-1002 - Administrator - Enabled) => C:\Users\Mark

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: hp DVD-RAM UJ8B1 SATA CdRom Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD A10-4600M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 35%
Total physical RAM: 5609.37 MB
Available physical RAM: 3617.34 MB
Total Pagefile: 11216.91 MB
Available Pagefile: 8862.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:576.59 GB) (Free:484.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.29 GB) (Free:2.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 2A3DD743)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=576.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby mantgar » December 5th, 2014, 12:19 am

All logs have been post thank you for waiting
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby wannabeageek » December 6th, 2014, 12:47 am

Hi mantgar,

Tonight shall be easy.

If you did not specificly install this program - McAfee Security Scan Plus - Please remove it by unistalling it.
This is a "bundled" program that is added when you update some Adobe products. McAfee products can be more trouble than they are worth.


DESKTOP WARNING!
Please be sure to Save and then Run all your programs from your Desktop. These programs are designed to operate from the desktop.


==================== MSCONFIG/TASK MANAGER disabled items =========

Please open MSCONFIG, enable the items listed below and then run a new FRST scan.

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized


Malware can hide in programs that are disabled and reinfect when the disabled program is activated again. All programs need to be active.
If you do not want them active, we can disable them in another manner after the cleaning process.


If you have any questions or need additional instructions, please ask.
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Multiple SCVhost

Unread postby mantgar » December 7th, 2014, 9:08 pm

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02
Ran by Mark (administrator) on MARK-HP on 07-12-2014 17:04:15
Running from C:\Users\Mark\Desktop
Loaded Profile: Mark (Available profiles: Mark)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-10-17] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-02] (Hewlett-Packard)
HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1592174307-3943232130-657400462-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKLM -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Mark\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Mark\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Mark\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mark\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha944\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta946\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha264\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1671\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5453\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2473\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home1000\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8086\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release426\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1267\ff [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-19]
CHR Extension: (Google Drive) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-01]
CHR Extension: (QuickMark QR Code Extension) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhddglpocgogkbpkbkoieiplhgbjmiim [2014-09-08]
CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-29]
CHR Extension: (Adblock Plus) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-09]
CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-29]
CHR Extension: (Website Logon) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2013-10-08]
CHR Extension: (Image Downloader Plus) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdehodanbfebhhmpjfnlajdldkffehg [2014-09-06]
CHR Extension: (Super sonico theme) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\leboklpnmbfmilcnbhinfefgahhjbimo [2014-11-26]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-29]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-01-26] (Advanced Micro Devices, Inc.) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [31360 2012-01-18] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [189760 2012-02-05] (AppEx Networks Corporation)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-10-03] (GEAR Software Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-14] (Razer Inc)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [20016 2011-10-13] (Synaptics Incorporated)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 17:04 - 2014-12-07 17:05 - 00023125 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-12-07 17:04 - 2014-12-07 17:04 - 00000000 ____D () C:\Users\Mark\Desktop\FRST-OlderVersion
2014-12-07 16:59 - 2014-12-07 16:59 - 00000564 _____ () C:\Windows\PFRO.log
2014-12-07 01:40 - 2014-12-07 01:40 - 08193413 _____ () C:\Users\Mark\Downloads\WWW v1.6 (1).rar
2014-12-06 16:30 - 2014-12-07 16:59 - 00000168 _____ () C:\Windows\setupact.log
2014-12-06 16:30 - 2014-12-06 16:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-05 17:51 - 2014-12-05 17:51 - 00966441 _____ () C:\Users\Mark\Downloads\super-sonico-kimono-headphone-hd-wallpaper-1920x1080.jpeg
2014-12-05 13:48 - 2014-12-05 13:49 - 122522148 _____ () C:\Users\Mark\Downloads\WWWskin v1.5.rar
2014-12-04 21:55 - 2014-12-07 01:08 - 11607539 _____ () C:\Users\Mark\Downloads\WWW v1.6.rar
2014-12-04 20:15 - 2014-12-04 20:15 - 00024739 _____ () C:\Users\Mark\Downloads\Addition.txt
2014-12-04 20:13 - 2014-12-04 20:15 - 00043627 _____ () C:\Users\Mark\Downloads\FRST.txt
2014-12-04 20:12 - 2014-12-07 17:04 - 02119680 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-12-04 20:12 - 2014-12-07 17:04 - 00000000 ____D () C:\FRST
2014-12-04 20:11 - 2014-12-04 20:11 - 02153472 _____ () C:\Users\Mark\Downloads\AdwCleaner (1).exe
2014-12-04 20:11 - 2014-12-04 20:11 - 01707646 _____ (Thisisu) C:\Users\Mark\Downloads\JRT (1).exe
2014-12-04 20:10 - 2014-12-04 20:10 - 00001109 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-12-04 20:05 - 2014-12-04 20:05 - 00000000 ____D () C:\Windows\ERUNT
2014-12-04 20:04 - 2014-12-04 20:05 - 01707646 _____ (Thisisu) C:\Users\Mark\Desktop\JRT.exe
2014-12-04 20:01 - 2014-12-04 20:01 - 02153472 _____ () C:\Users\Mark\Downloads\AdwCleaner.exe
2014-12-04 19:54 - 2014-12-04 19:58 - 00000000 ____D () C:\AdwCleaner
2014-12-04 19:54 - 2014-12-04 19:54 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-04 19:53 - 2014-12-04 19:53 - 02153472 _____ () C:\Users\Mark\Desktop\AdwCleaner.exe
2014-12-01 23:05 - 2014-12-01 23:05 - 31604446 _____ () C:\Users\Mark\Downloads\Nara+4.7.zip
2014-12-01 22:59 - 2014-12-01 22:59 - 00003162 _____ () C:\Windows\System32\Tasks\{C30956DE-2971-49B4-A3F0-958C032F0EB8}
2014-12-01 22:53 - 2014-12-01 22:53 - 01546856 _____ (Skype Technologies S.A.) C:\Users\Mark\Downloads\SkypeSetup (3).exe
2014-12-01 22:51 - 2014-12-01 22:51 - 00003162 _____ () C:\Windows\System32\Tasks\{42C11B78-37B8-4D16-9759-AE7B6F345E0A}
2014-12-01 22:18 - 2014-12-01 22:18 - 01546856 _____ (Skype Technologies S.A.) C:\Users\Mark\Downloads\SkypeSetup (2).exe
2014-12-01 11:43 - 2014-12-01 11:43 - 00025763 _____ () C:\Users\Mark\Desktop\dds.txt
2014-12-01 11:43 - 2014-12-01 11:43 - 00010068 _____ () C:\Users\Mark\Desktop\attach.txt
2014-12-01 11:41 - 2014-12-01 11:41 - 00688992 ____R (Swearware) C:\Users\Mark\Downloads\dds.scr
2014-11-30 22:41 - 2014-11-30 22:41 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Roxio Log Files
2014-11-28 17:00 - 2014-11-28 17:01 - 10812697 _____ () C:\Users\Mark\Downloads\Blue.rar
2014-11-25 16:06 - 2014-11-25 16:06 - 00342430 _____ () C:\Users\Mark\Downloads\lolhentai-1.6.3.sdt
2014-11-22 17:28 - 2014-11-22 17:28 - 00000000 __SHD () C:\Users\Mark\AppData\Local\EmieBrowserModeList
2014-11-21 01:26 - 2014-11-21 01:26 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-21 01:26 - 2014-11-21 01:26 - 00001783 _____ () C:\ProgramData\Desktop\iTunes.lnk
2014-11-21 01:26 - 2014-11-21 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-21 01:26 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\Program Files\iTunes
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-21 01:24 - 2014-11-21 01:24 - 00000000 ____D () C:\Program Files\iPod
2014-11-21 01:14 - 2014-11-21 01:14 - 122418480 _____ (Apple Inc.) C:\Users\Mark\Downloads\iTunes64Setup (2).exe
2014-11-19 10:35 - 2014-11-19 10:35 - 14048768 _____ () C:\Users\Mark\Downloads\beauty.zip
2014-11-18 13:37 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 13:37 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 13:37 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 13:37 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-14 01:32 - 2014-11-14 01:32 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-14 01:32 - 2014-11-14 01:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-14 01:31 - 2014-11-14 01:32 - 04976456 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup419.exe
2014-11-11 17:45 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 17:45 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 17:45 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 17:44 - 2014-11-07 11:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 17:44 - 2014-11-07 11:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 17:44 - 2014-11-05 20:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 17:44 - 2014-11-05 20:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 17:44 - 2014-11-05 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 17:44 - 2014-11-05 19:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 17:44 - 2014-11-05 19:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 17:44 - 2014-11-05 19:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 17:44 - 2014-11-05 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 17:44 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 17:44 - 2014-11-05 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 17:44 - 2014-11-05 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 17:44 - 2014-11-05 19:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 17:44 - 2014-11-05 19:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 17:44 - 2014-11-05 19:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 17:44 - 2014-11-05 19:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 17:44 - 2014-11-05 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 17:44 - 2014-11-05 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 17:44 - 2014-11-05 18:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 17:44 - 2014-11-05 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 17:44 - 2014-11-05 18:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 17:44 - 2014-11-05 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 17:44 - 2014-11-05 18:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 17:44 - 2014-11-05 18:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 17:44 - 2014-11-05 18:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 17:44 - 2014-11-05 18:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 17:44 - 2014-11-05 18:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 17:44 - 2014-11-05 18:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 17:44 - 2014-11-05 18:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 17:44 - 2014-11-05 18:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 17:44 - 2014-11-05 18:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 17:44 - 2014-11-05 18:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 17:44 - 2014-11-05 17:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 17:44 - 2014-11-05 17:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 17:44 - 2014-11-05 17:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 17:44 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 17:44 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 17:44 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 17:44 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 17:44 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 17:44 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 17:44 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 17:44 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 17:44 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 17:43 - 2014-11-05 20:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 17:43 - 2014-11-05 19:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 17:43 - 2014-11-05 19:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 17:43 - 2014-11-05 19:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 17:43 - 2014-11-05 19:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 17:43 - 2014-11-05 19:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 17:43 - 2014-11-05 19:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 17:43 - 2014-11-05 19:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 17:43 - 2014-11-05 19:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 17:43 - 2014-11-05 19:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 17:43 - 2014-11-05 19:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 17:43 - 2014-11-05 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 17:43 - 2014-11-05 19:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 17:43 - 2014-11-05 19:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 17:43 - 2014-11-05 18:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 17:43 - 2014-11-05 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 17:43 - 2014-11-05 18:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 17:43 - 2014-11-05 18:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 17:43 - 2014-11-05 18:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 17:43 - 2014-11-05 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 17:43 - 2014-11-05 17:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 17:43 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 17:43 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 17:43 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 17:43 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 17:43 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 17:43 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 17:42 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 17:42 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 17:42 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 17:42 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 17:42 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 17:42 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 17:41 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 17:41 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 17:04 - 2009-07-13 21:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 17:03 - 2012-07-16 23:33 - 02068750 _____ () C:\Windows\WindowsUpdate.log
2014-12-07 16:59 - 2014-09-09 00:12 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 16:59 - 2012-09-07 22:33 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Skype
2014-12-07 16:59 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 16:57 - 2009-07-13 20:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 16:57 - 2009-07-13 20:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 02:58 - 2014-04-22 15:57 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-12-07 02:17 - 2014-09-09 00:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 02:13 - 2012-09-29 14:33 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002UA.job
2014-12-07 02:12 - 2012-03-09 18:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 23:13 - 2012-09-29 14:33 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002Core.job
2014-12-06 16:36 - 2012-07-16 16:38 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{680EA8E4-75F4-4FBF-A06D-57282500CB56}
2014-12-05 03:32 - 2014-09-25 14:18 - 00000000 ____D () C:\Users\Mark\Desktop\OSU menubackground
2014-12-05 00:49 - 2012-07-16 16:57 - 00000000 ____D () C:\Users\Mark\AppData\Local\CrashDumps
2014-12-04 23:39 - 2014-10-11 12:30 - 00000000 ____D () C:\Users\Mark\AppData\Local\Windows Live
2014-12-03 18:50 - 2014-01-28 19:30 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMark
2014-12-03 18:50 - 2014-01-28 19:30 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForMark.job
2014-12-02 18:30 - 2013-04-16 17:34 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-02 18:30 - 2012-07-17 17:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-01 11:52 - 2014-07-03 11:39 - 00000000 ____D () C:\Users\Mark\Desktop\Osu Folder
2014-11-30 22:42 - 2012-03-09 18:04 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-11-30 22:41 - 2013-01-20 22:26 - 00000000 ____D () C:\Program Files (x86)\Naver
2014-11-25 13:12 - 2012-03-09 18:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 13:12 - 2012-03-09 18:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 13:12 - 2012-03-09 18:08 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-21 01:24 - 2013-08-03 00:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-21 01:22 - 2013-08-03 00:44 - 00000000 ____D () C:\ProgramData\Apple
2014-11-21 01:20 - 2013-09-20 17:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-21 01:15 - 2012-03-09 18:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-11-14 01:35 - 2012-07-31 17:21 - 00000000 ____D () C:\Windows\Minidump
2014-11-14 01:35 - 2007-01-01 17:25 - 00000000 ____D () C:\Windows\Panther
2014-11-12 11:31 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 10:12 - 2009-07-13 20:45 - 00408800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 10:09 - 2014-05-06 16:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 00:30 - 2013-08-14 16:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 00:26 - 2012-12-14 08:51 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 12:32 - 2009-07-13 21:08 - 00032630 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Mark\jagex_cl_oldschool_LIVE.dat
C:\Users\Mark\random.dat


Some content of TEMP:
====================
C:\Users\Mark\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 19:06

==================== End Of Log ============================
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby mantgar » December 7th, 2014, 9:08 pm

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02
Ran by Mark (administrator) on MARK-HP on 07-12-2014 17:04:15
Running from C:\Users\Mark\Desktop
Loaded Profile: Mark (Available profiles: Mark)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-10-17] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-02] (Hewlett-Packard)
HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1592174307-3943232130-657400462-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKLM -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572 ... html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> {F6CA9B1C-805E-43C9-8C28-345C58DC5BE5} URL = http://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Mark\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Mark\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Mark\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mark\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1592174307-3943232130-657400462-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha944\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta946\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha264\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1671\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5453\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2473\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home1000\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8086\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release426\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1267\ff [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-19]
CHR Extension: (Google Drive) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-01]
CHR Extension: (QuickMark QR Code Extension) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhddglpocgogkbpkbkoieiplhgbjmiim [2014-09-08]
CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-29]
CHR Extension: (Adblock Plus) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-09]
CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-29]
CHR Extension: (Website Logon) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2013-10-08]
CHR Extension: (Image Downloader Plus) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdehodanbfebhhmpjfnlajdldkffehg [2014-09-06]
CHR Extension: (Super sonico theme) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\leboklpnmbfmilcnbhinfefgahhjbimo [2014-11-26]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-29]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-01-26] (Advanced Micro Devices, Inc.) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [31360 2012-01-18] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [189760 2012-02-05] (AppEx Networks Corporation)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-10-03] (GEAR Software Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-14] (Razer Inc)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [20016 2011-10-13] (Synaptics Incorporated)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 17:04 - 2014-12-07 17:05 - 00023125 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-12-07 17:04 - 2014-12-07 17:04 - 00000000 ____D () C:\Users\Mark\Desktop\FRST-OlderVersion
2014-12-07 16:59 - 2014-12-07 16:59 - 00000564 _____ () C:\Windows\PFRO.log
2014-12-07 01:40 - 2014-12-07 01:40 - 08193413 _____ () C:\Users\Mark\Downloads\WWW v1.6 (1).rar
2014-12-06 16:30 - 2014-12-07 16:59 - 00000168 _____ () C:\Windows\setupact.log
2014-12-06 16:30 - 2014-12-06 16:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-05 17:51 - 2014-12-05 17:51 - 00966441 _____ () C:\Users\Mark\Downloads\super-sonico-kimono-headphone-hd-wallpaper-1920x1080.jpeg
2014-12-05 13:48 - 2014-12-05 13:49 - 122522148 _____ () C:\Users\Mark\Downloads\WWWskin v1.5.rar
2014-12-04 21:55 - 2014-12-07 01:08 - 11607539 _____ () C:\Users\Mark\Downloads\WWW v1.6.rar
2014-12-04 20:15 - 2014-12-04 20:15 - 00024739 _____ () C:\Users\Mark\Downloads\Addition.txt
2014-12-04 20:13 - 2014-12-04 20:15 - 00043627 _____ () C:\Users\Mark\Downloads\FRST.txt
2014-12-04 20:12 - 2014-12-07 17:04 - 02119680 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-12-04 20:12 - 2014-12-07 17:04 - 00000000 ____D () C:\FRST
2014-12-04 20:11 - 2014-12-04 20:11 - 02153472 _____ () C:\Users\Mark\Downloads\AdwCleaner (1).exe
2014-12-04 20:11 - 2014-12-04 20:11 - 01707646 _____ (Thisisu) C:\Users\Mark\Downloads\JRT (1).exe
2014-12-04 20:10 - 2014-12-04 20:10 - 00001109 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-12-04 20:05 - 2014-12-04 20:05 - 00000000 ____D () C:\Windows\ERUNT
2014-12-04 20:04 - 2014-12-04 20:05 - 01707646 _____ (Thisisu) C:\Users\Mark\Desktop\JRT.exe
2014-12-04 20:01 - 2014-12-04 20:01 - 02153472 _____ () C:\Users\Mark\Downloads\AdwCleaner.exe
2014-12-04 19:54 - 2014-12-04 19:58 - 00000000 ____D () C:\AdwCleaner
2014-12-04 19:54 - 2014-12-04 19:54 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-04 19:53 - 2014-12-04 19:53 - 02153472 _____ () C:\Users\Mark\Desktop\AdwCleaner.exe
2014-12-01 23:05 - 2014-12-01 23:05 - 31604446 _____ () C:\Users\Mark\Downloads\Nara+4.7.zip
2014-12-01 22:59 - 2014-12-01 22:59 - 00003162 _____ () C:\Windows\System32\Tasks\{C30956DE-2971-49B4-A3F0-958C032F0EB8}
2014-12-01 22:53 - 2014-12-01 22:53 - 01546856 _____ (Skype Technologies S.A.) C:\Users\Mark\Downloads\SkypeSetup (3).exe
2014-12-01 22:51 - 2014-12-01 22:51 - 00003162 _____ () C:\Windows\System32\Tasks\{42C11B78-37B8-4D16-9759-AE7B6F345E0A}
2014-12-01 22:18 - 2014-12-01 22:18 - 01546856 _____ (Skype Technologies S.A.) C:\Users\Mark\Downloads\SkypeSetup (2).exe
2014-12-01 11:43 - 2014-12-01 11:43 - 00025763 _____ () C:\Users\Mark\Desktop\dds.txt
2014-12-01 11:43 - 2014-12-01 11:43 - 00010068 _____ () C:\Users\Mark\Desktop\attach.txt
2014-12-01 11:41 - 2014-12-01 11:41 - 00688992 ____R (Swearware) C:\Users\Mark\Downloads\dds.scr
2014-11-30 22:41 - 2014-11-30 22:41 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Roxio Log Files
2014-11-28 17:00 - 2014-11-28 17:01 - 10812697 _____ () C:\Users\Mark\Downloads\Blue.rar
2014-11-25 16:06 - 2014-11-25 16:06 - 00342430 _____ () C:\Users\Mark\Downloads\lolhentai-1.6.3.sdt
2014-11-22 17:28 - 2014-11-22 17:28 - 00000000 __SHD () C:\Users\Mark\AppData\Local\EmieBrowserModeList
2014-11-21 01:26 - 2014-11-21 01:26 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-21 01:26 - 2014-11-21 01:26 - 00001783 _____ () C:\ProgramData\Desktop\iTunes.lnk
2014-11-21 01:26 - 2014-11-21 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-21 01:26 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\Program Files\iTunes
2014-11-21 01:24 - 2014-11-21 01:26 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-21 01:24 - 2014-11-21 01:24 - 00000000 ____D () C:\Program Files\iPod
2014-11-21 01:14 - 2014-11-21 01:14 - 122418480 _____ (Apple Inc.) C:\Users\Mark\Downloads\iTunes64Setup (2).exe
2014-11-19 10:35 - 2014-11-19 10:35 - 14048768 _____ () C:\Users\Mark\Downloads\beauty.zip
2014-11-18 13:37 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 13:37 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 13:37 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 13:37 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-14 01:32 - 2014-11-14 01:32 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-14 01:32 - 2014-11-14 01:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-14 01:31 - 2014-11-14 01:32 - 04976456 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup419.exe
2014-11-11 17:45 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 17:45 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 17:45 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 17:44 - 2014-11-07 11:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 17:44 - 2014-11-07 11:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 17:44 - 2014-11-05 20:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 17:44 - 2014-11-05 20:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 17:44 - 2014-11-05 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 17:44 - 2014-11-05 19:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 17:44 - 2014-11-05 19:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 17:44 - 2014-11-05 19:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 17:44 - 2014-11-05 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 17:44 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 17:44 - 2014-11-05 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 17:44 - 2014-11-05 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 17:44 - 2014-11-05 19:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 17:44 - 2014-11-05 19:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 17:44 - 2014-11-05 19:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 17:44 - 2014-11-05 19:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 17:44 - 2014-11-05 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 17:44 - 2014-11-05 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 17:44 - 2014-11-05 18:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 17:44 - 2014-11-05 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 17:44 - 2014-11-05 18:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 17:44 - 2014-11-05 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 17:44 - 2014-11-05 18:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 17:44 - 2014-11-05 18:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 17:44 - 2014-11-05 18:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 17:44 - 2014-11-05 18:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 17:44 - 2014-11-05 18:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 17:44 - 2014-11-05 18:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 17:44 - 2014-11-05 18:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 17:44 - 2014-11-05 18:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 17:44 - 2014-11-05 18:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 17:44 - 2014-11-05 18:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 17:44 - 2014-11-05 17:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 17:44 - 2014-11-05 17:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 17:44 - 2014-11-05 17:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 17:44 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 17:44 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 17:44 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 17:44 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 17:44 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 17:44 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 17:44 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 17:44 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 17:44 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 17:43 - 2014-11-05 20:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 17:43 - 2014-11-05 19:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 17:43 - 2014-11-05 19:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 17:43 - 2014-11-05 19:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 17:43 - 2014-11-05 19:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 17:43 - 2014-11-05 19:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 17:43 - 2014-11-05 19:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 17:43 - 2014-11-05 19:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 17:43 - 2014-11-05 19:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 17:43 - 2014-11-05 19:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 17:43 - 2014-11-05 19:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 17:43 - 2014-11-05 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 17:43 - 2014-11-05 19:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 17:43 - 2014-11-05 19:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 17:43 - 2014-11-05 18:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 17:43 - 2014-11-05 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 17:43 - 2014-11-05 18:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 17:43 - 2014-11-05 18:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 17:43 - 2014-11-05 18:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 17:43 - 2014-11-05 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 17:43 - 2014-11-05 17:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 17:43 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 17:43 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 17:43 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 17:43 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 17:43 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 17:43 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 17:42 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 17:42 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 17:42 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 17:42 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 17:42 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 17:42 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 17:42 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 17:42 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 17:42 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 17:42 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 17:41 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 17:41 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 17:04 - 2009-07-13 21:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 17:03 - 2012-07-16 23:33 - 02068750 _____ () C:\Windows\WindowsUpdate.log
2014-12-07 16:59 - 2014-09-09 00:12 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 16:59 - 2012-09-07 22:33 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Skype
2014-12-07 16:59 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 16:57 - 2009-07-13 20:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 16:57 - 2009-07-13 20:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 02:58 - 2014-04-22 15:57 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-12-07 02:17 - 2014-09-09 00:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 02:13 - 2012-09-29 14:33 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002UA.job
2014-12-07 02:12 - 2012-03-09 18:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 23:13 - 2012-09-29 14:33 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002Core.job
2014-12-06 16:36 - 2012-07-16 16:38 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{680EA8E4-75F4-4FBF-A06D-57282500CB56}
2014-12-05 03:32 - 2014-09-25 14:18 - 00000000 ____D () C:\Users\Mark\Desktop\OSU menubackground
2014-12-05 00:49 - 2012-07-16 16:57 - 00000000 ____D () C:\Users\Mark\AppData\Local\CrashDumps
2014-12-04 23:39 - 2014-10-11 12:30 - 00000000 ____D () C:\Users\Mark\AppData\Local\Windows Live
2014-12-03 18:50 - 2014-01-28 19:30 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMark
2014-12-03 18:50 - 2014-01-28 19:30 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForMark.job
2014-12-02 18:30 - 2013-04-16 17:34 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-02 18:30 - 2012-07-17 17:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-01 11:52 - 2014-07-03 11:39 - 00000000 ____D () C:\Users\Mark\Desktop\Osu Folder
2014-11-30 22:42 - 2012-03-09 18:04 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-11-30 22:41 - 2013-01-20 22:26 - 00000000 ____D () C:\Program Files (x86)\Naver
2014-11-25 13:12 - 2012-03-09 18:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 13:12 - 2012-03-09 18:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 13:12 - 2012-03-09 18:08 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-21 01:24 - 2013-08-03 00:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-21 01:22 - 2013-08-03 00:44 - 00000000 ____D () C:\ProgramData\Apple
2014-11-21 01:20 - 2013-09-20 17:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-21 01:15 - 2012-03-09 18:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-11-14 01:35 - 2012-07-31 17:21 - 00000000 ____D () C:\Windows\Minidump
2014-11-14 01:35 - 2007-01-01 17:25 - 00000000 ____D () C:\Windows\Panther
2014-11-12 11:31 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 10:12 - 2009-07-13 20:45 - 00408800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 10:09 - 2014-05-06 16:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 00:30 - 2013-08-14 16:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 00:26 - 2012-12-14 08:51 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 12:32 - 2009-07-13 21:08 - 00032630 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Mark\jagex_cl_oldschool_LIVE.dat
C:\Users\Mark\random.dat


Some content of TEMP:
====================
C:\Users\Mark\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 19:06

==================== End Of Log ============================
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby mantgar » December 7th, 2014, 9:08 pm

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02
Ran by Mark at 2014-12-07 17:06:03
Running from C:\Users\Mark\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{E5E8615E-3433-5473-C6E5-12726B6216F1}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.14.0 - AppEx Networks)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Menu for Office Enterprise 2010 (HKLM-x32\...\{DF4ED63C-D32A-4F0C-AC6A-224C83184D8B}) (Version: 2.25 - Detong Technology Ltd.)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{3F122044-172F-4DC6-96CA-0DD4300E9CD9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}) (Version: 2.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - English (HKLM-x32\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5005 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NOOK Study (HKLM-x32\...\NOOK Study) (Version: 2.1.2.28499 - Barnesandnoble.com)
Office Tab (HKLM-x32\...\{FB75BC84-DC75-485D-9F00-1D342085FD03}) (Version: 6.00 - Detong Technology Ltd.)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
osu! (HKLM-x32\...\{a911cc38-fba0-4230-af99-8eaef1d4bf1f}) (Version: latest - ppy Pty Ltd)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12722.79 - raidcall.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-1592174307-3943232130-657400462-1002\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Validity WBF DDK (HKLM\...\{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}) (Version: 4.3.301.0 - Validity Sensors, Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WhiteSmoke (HKLM-x32\...\WhiteSmoke) (Version: 1.00.6034.13130 - WhiteSmoke)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1592174307-3943232130-657400462-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

==================== Restore Points =========================

21-11-2014 09:09:44 Configured YouCam
21-11-2014 09:16:07 Removed iTunes
21-11-2014 09:23:44 Installed iTunes
23-11-2014 01:31:29 Windows Update
27-11-2014 03:07:24 Windows Update
01-12-2014 06:44:53 Removed HP Launch Box
01-12-2014 19:41:35 Windows Update
04-12-2014 23:40:53 Windows Update
05-12-2014 03:51:18 Quitado FlashPlayer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00340F0A-E295-4875-8E1A-5E80BC028E5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09] (Google Inc.)
Task: {1238CD7F-07D0-4A68-975C-267FC919BFF6} - System32\Tasks\{66A7C984-2759-497F-A76B-A1E30B5E9AED} => Chrome.exe http://ui.skype.com/ui/0/6.10.0.104/en/ ... Error=1618
Task: {16905F9C-C274-4220-B984-7CBF187D57F2} - System32\Tasks\{C30956DE-2971-49B4-A3F0-958C032F0EB8} => Chrome.exe http://ui.skype.com/ui/0/6.22.64.107/en ... =tsInstall
Task: {1FEAE737-9C48-490F-88D9-FF78B71E9197} - System32\Tasks\{618498EB-A95A-4622-A17E-636483F0D440} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/en/ ... =tsInstall
Task: {21CB26B4-82C3-4054-8FD1-7C0EB6209225} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {301E4433-C40F-49F0-A992-8E9306515A66} - System32\Tasks\Test TimeTrigger => C:\Users\Mark\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {3F857922-EB2E-4929-8A2F-A2DB3F76C673} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
Task: {473B7ACB-2852-47BF-B6E0-BE9715C5D6F8} - System32\Tasks\HPCeeScheduleForMark => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {4757DBF5-EB3E-4B7D-9234-5F418D3D8BB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {70564253-6548-449B-8CC6-3FC8540CE8FF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002Core => C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {70AFAA50-86F5-42E4-9B66-A24297474062} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {710E5C00-8BC9-4F51-B254-40FD43A7D947} - System32\Tasks\{645F615F-45C8-44F3-A131-E814F102E129} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/en/ ... =tsInstall
Task: {85950057-E3AC-4B87-B16C-4DA23AD1CB00} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A27416D8-8203-42BA-9B37-F027AE15ADB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {AE0B9ED8-E576-4C22-B366-923A894C02F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B5FE5853-6420-4F27-A978-761F949FD2F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C1BFE53E-C2FB-4B2A-91AC-A3FF99BCF95B} - System32\Tasks\{E78CD9A4-A018-40DF-9312-468D8FB161FB} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/en/ ... =tsInstall
Task: {CE0E30E4-6D71-4959-B17E-D309A71EC008} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002UA => C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {DAC65D24-1CCE-4D92-9DFF-E5752469ACF1} - System32\Tasks\{42C11B78-37B8-4D16-9759-AE7B6F345E0A} => Chrome.exe http://ui.skype.com/ui/0/6.22.64.107/en ... =tsInstall
Task: {F6CC23D8-3885-46A7-A181-7636FB64C24E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002Core.job => C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592174307-3943232130-657400462-1002UA.job => C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMark.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-01-26 17:54 - 2012-01-26 17:54 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-12-19 22:34 - 2011-12-19 22:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2012-01-26 17:54 - 2012-01-26 17:54 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-01-26 17:59 - 2012-01-26 17:59 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 08:55 - 2011-11-09 08:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-10-16 01:39 - 2012-10-16 01:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2014-09-19 23:00 - 2014-01-13 08:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-02-07 08:19 - 2013-02-07 08:19 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-09 00:13 - 2014-08-29 18:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-09 00:13 - 2014-08-29 18:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-09 00:13 - 2014-08-29 18:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-09 00:13 - 2014-08-29 18:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-09 00:13 - 2014-08-29 18:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-09-09 00:13 - 2014-08-29 18:49 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:58A5270D
AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1592174307-3943232130-657400462-500 - Administrator - Disabled)
Guest (S-1-5-21-1592174307-3943232130-657400462-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1592174307-3943232130-657400462-1003 - Limited - Enabled)
Mark (S-1-5-21-1592174307-3943232130-657400462-1002 - Administrator - Enabled) => C:\Users\Mark

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: hp DVD-RAM UJ8B1 SATA CdRom Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 04:59:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/07/2014 04:51:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2014 04:31:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 11:24:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4212

Error: (12/05/2014 11:24:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4212

Error: (12/05/2014 11:24:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/05/2014 11:24:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3198

Error: (12/05/2014 11:24:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3198

Error: (12/05/2014 11:24:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/05/2014 11:24:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2090


System errors:
=============
Error: (12/07/2014 04:59:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/07/2014 04:50:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/06/2014 04:30:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/05/2014 10:26:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/05/2014 01:24:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/05/2014 01:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (12/05/2014 01:14:11 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (12/05/2014 01:14:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/04/2014 09:09:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (12/07/2014 04:59:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/07/2014 04:51:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2014 04:31:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 11:24:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4212

Error: (12/05/2014 11:24:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4212

Error: (12/05/2014 11:24:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/05/2014 11:24:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3198

Error: (12/05/2014 11:24:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3198

Error: (12/05/2014 11:24:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/05/2014 11:24:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2090


==================== Memory info ===========================

Processor: AMD A10-4600M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 56%
Total physical RAM: 5609.37 MB
Available physical RAM: 2438.06 MB
Total Pagefile: 11216.91 MB
Available Pagefile: 7691.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:576.59 GB) (Free:482.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.29 GB) (Free:2.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 2A3DD743)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=576.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby mantgar » December 7th, 2014, 9:10 pm

Hope I did what I was asked for, I am guessing these are the logs requested.
mantgar
Regular Member
 
Posts: 58
Joined: November 12th, 2014, 12:13 pm

Re: Multiple SCVhost

Unread postby wannabeageek » December 8th, 2014, 2:55 am

Hi mantgar,

You did just fine. Now lets clean out the rest of the garbage.

CCleaner has a registry cleaner built into it. You should avoid using any Registry cleaners, boosters, optimizer's, helpers, etc.
The Registry can be a somewhat temperamental entity, it will happily deal with any number of "orphans" without the slightest measurable dip in your computer's performance.
However remove the wrong entry, and you can easily turn your functioning computer into a far less useful doorstop.
Otherwise, it is a very useful program.

Be sure to move any additional tools you download to your desktop.

Step 1.
Registry Backup (TCRB)

Please download tweaking.com_registry_backup_setup.exe
Choose a download site for the installer... download and save it to your desktop.
Double click on the "...setup.exe" program and install the program. Let the install use the default installation. How to tutorial here.

Once the program is installed...
  1. Double click the Tweaking.com Registry Backup icon ... on your Desktop to open the program.
  2. Right mouse click the Tweaking.com Registry Backup icon, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  3. It should open with the Backup Registry tab selected and all file options checked. Check any that are not already checked.
  4. Click on Backup Now to create a backup of your Registry.
    You'll see "Waiting for Volume Shadow Copy snapshot..." this may take a few moments, just be patient.
  5. When completed you should see a message saying something like ... Successful ??/?? Registry Files Backed Up ... ?? is total number of files, both numbers should match.
  6. Close and exit the program.

< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!



Step 2.
Uninstall Programs
I need you to uninstall a program.
  1. Click on Start...then... Click the Start Search box on the Start Menu.
  2. Copy and paste the value below, into the open text entry box:
    appwiz.cpl
  3. then press enter.
    • Locate the following program(s):
      WhiteSmoke
    • Select the program and click on Uninstall to uninstall it.
      Carefully read any prompts...
      Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
    • When finished... Close the Control Panel window.


Step 3.
  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the quote box below into Notepad.
    • To make this easy, click the "select all" button then hover over the highlighted text and right mouse click to select copy.
Code: Select all
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha944\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta946\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha264\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1671\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5453\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2473\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home1000\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8086\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release426\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1267\ff [Not Found]
Task: {301E4433-C40F-49F0-A992-8E9306515A66} - System32\Tasks\Test TimeTrigger => C:\Users\Mark\AppData\Local\Temp\Runner.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:58A5270D
AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE
C:\Users\Mark\jagex_cl_oldschool_LIVE.dat
C:\Users\Mark\random.dat
EmptyTemp:


    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log


Step 4.
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


  • Right mouse click SystemLook.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  • Copy and paste the content of the following codebox into the main textfield;
  • To make this easy, click the "select all" button then hover over the highlighted text and right mouse click to select copy.
    Code: Select all
    :filefind
    *AskToolbar*
    *Ask.com*
    *Bandoo*
    *Babylon*
    *Conduit*
    *datamngr*
    *searchab*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *OpenCandy*
    *Searchqu*
    *Searchnu*
    *smartbar*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :folderfind
    *AskToolbar*
    *Ask.com*
    *Babylon*
    *Bandoo*
    *Conduit*
    *datamngr*
    *searchab*
    *smartbar*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *OpenCandy*
    *Searchqu*
    *Searchnu*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :Regfind
    AskToolbar
    Ask.com
    Babylon
    Bandoo
    Conduit
    datamngr
    searchab
    Fun4IM
    Funmoods
    iLivid
    IObit
    Iminent
    OpenCandy
    Searchqu
    Searchnu
    smartbar
    Tarma
    trolltech
    Vafmusic2
    vshare
    whitesmoke
    Yontoo
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


Please include in your next reply:
  1. Acknowledgement of Whitesmoke removal
  2. Contents of fixlog.txt
  3. Contents of SystemLook.txt
  4. Any problem executing the instructions?
  5. How is the computer behaving?
Thanks,
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 26 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware