Solved COM Surrogate Potential Virus

Broni · Jan 27, 2015

MBAR?

Cephas · Jan 28, 2015

I left it out because I couldn't find a log option/one wasn't made in the source directory. I should have said; it found no issues.

Broni · Jan 28, 2015

Give me fresh FRST logs.
Make sure you checkmark Addition.txt box so both logs will be produced.

Cephas · Feb 1, 2015

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Pete_2 (administrator) on LIZZIE on 01-02-2015 23:26:03
Running from C:\Users\Pete_2\Desktop
Loaded Profiles: UpdatusUser & Pete_2 (Available profiles: UpdatusUser & Pete_2)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Decor8\Decor8Srv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Decor8\Decor8_64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Flux Software LLC) C:\Users\Pete_2\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-17] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-22] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-22] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\Run: [Spotify] => C:\Users\Pete_2\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-29] (Spotify Ltd)
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\Run: [f.lux] => C:\Users\Pete_2\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\Run: [Spotify Web Helper] => C:\Users\Pete_2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-29] (Spotify Ltd)
IFEO\CNC3.exe: [Debugger]
IFEO\CNC3EP1.exe: [Debugger]
IFEO\generals.exe: [Debugger]
IFEO\RA3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
Startup: C:\Users\Pete_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoHotkey.ahk - Shortcut.lnk
ShortcutTarget: AutoHotkey.ahk - Shortcut.lnk -> C:\Users\Pete_2\Documents\AutoHotkey.ahk ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
URLSearchHook: [S-1-5-21-1174857057-1915675840-1477825445-1001] ATTENTION ==> Default URLSearchHook is missing.
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default
FF Homepage: news.bbc.co.uk
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1174857057-1915675840-1477825445-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pete_2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: British English Dictionary (Forked by Marco Pinto) - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\marcoagpinto@mail.telepac.pt [2015-01-31]
FF Extension: OpenDownload² - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\{210249CE-F888-11DD-B868-4CB456D89593} [2014-12-31]
FF Extension: Add to Amazon Wish List Button - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\amznUWL2@amazon.com.xpi [2014-12-28]
FF Extension: Bookmark Deduplicator - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\bookmarkdeduplicator@foxhatdev.xpi [2015-01-17]
FF Extension: Gif Delayer - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\jid1-mqCpKcAruymyAA@jetpack.xpi [2014-12-28]
FF Extension: Gmail™ Notifier Plus - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2014-12-28]
FF Extension: Hide Fedora - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\jid1-tg9TKUYM47PZpg@jetpack.xpi [2014-12-28]
FF Extension: Reddit Enhancement Suite - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2014-12-28]
FF Extension: English (GB) Language Pack - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2015-01-01]
FF Extension: New Tab Tools - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\newtabtools@darktrojan.net.xpi [2014-12-28]
FF Extension: Social Fixer - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\socialfixer@mattkruse.com.xpi [2015-01-28]
FF Extension: YouTube High Definition - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-12-28]
FF Extension: Adblock Plus - C:\Users\Pete_2\AppData\Roaming\Mozilla\Firefox\Profiles\zebsl4s7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-10-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.bbc.co.uk/news/
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={B68DF417-4FD1-4919-837D-E8CC09E2B893}&mid=6c5b91fda3b747d28a2d8d6f4ce7b111-162f0072ab62a34f7a017f5ed3faa1aafe9b21be&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-18 21:23:46&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={B68DF417-4FD1-4919-837D-E8CC09E2B893}&mid=6c5b91fda3b747d28a2d8d6f4ce7b111-162f0072ab62a34f7a017f5ed3faa1aafe9b21be&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-18 21:23:46&v=18.1.5.512&pid=safeguard&sg=&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google

ageClassification}{google:searchVersion}{google:sessionToken}{google

refetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-31]
CHR Extension: (Google Docs) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-31]
CHR Extension: (Google Drive) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-01]
CHR Extension: (YouTube) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-31]
CHR Extension: (Google Search) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-31]
CHR Extension: (Google Sheets) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-31]
CHR Extension: (Marlies Dekkers) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-01-01]
CHR Extension: (AVG Secure Search) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-31]
CHR Extension: (Gmail) - C:\Users\Pete_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [79872 2014-01-06] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 Decor8; C:\Program Files (x86)\Stardock\Decor8\Decor8Srv.exe [74864 2014-06-06] (Stardock Software, Inc)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-22] (Lenovo(beijing) Limited)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-24] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2015-01-25] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-05] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2982104 2013-12-26] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-01-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 23:22 - 2015-02-01 23:22 - 00000000 ____D () C:\Users\Pete_2\Desktop\FRST-OlderVersion
2015-02-01 23:08 - 2015-02-01 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-31 22:57 - 2015-01-31 22:57 - 00000000 ____D () C:\Users\Pete_2\Documents\Outlook Files
2015-01-28 16:53 - 2015-01-28 16:54 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Pete_2\Downloads\mbar-1.08.3.1004.exe
2015-01-26 16:43 - 2015-01-26 16:43 - 00013634 _____ () C:\Users\Pete_2\Downloads\Procexp.txt
2015-01-25 14:32 - 2015-01-25 14:32 - 00001225 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2015-01-25 14:32 - 2015-01-25 14:32 - 00001201 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-01-25 14:32 - 2015-01-25 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2015-01-25 01:13 - 2015-01-25 01:13 - 01121208 _____ () C:\Users\Pete_2\Downloads\ProcessMonitor.zip
2015-01-24 22:21 - 2015-01-25 14:32 - 00281872 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2015-01-24 22:21 - 2015-01-25 14:32 - 00281872 _____ () C:\windows\SysWOW64\PnkBstrB.ex0
2015-01-24 22:21 - 2015-01-25 14:32 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2015-01-24 22:21 - 2015-01-24 22:21 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-01-24 01:47 - 2015-01-24 01:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-24 01:37 - 2015-01-24 13:52 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Origin
2015-01-24 01:37 - 2015-01-24 01:47 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\Origin
2015-01-24 01:33 - 2015-01-26 22:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-24 01:33 - 2015-01-24 13:52 - 00000000 ____D () C:\ProgramData\Origin
2015-01-24 01:33 - 2015-01-24 01:33 - 00001006 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-01-24 01:33 - 2015-01-24 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-24 01:33 - 2015-01-24 01:33 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-01-21 20:51 - 2015-01-21 20:51 - 00000000 ____D () C:\Users\Pete_2\Downloads\addons0
2015-01-19 22:52 - 2015-01-26 23:25 - 00000000 ____D () C:\Users\Pete_2\Downloads\addons
2015-01-19 22:30 - 2015-01-19 22:38 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Curse Advertising
2015-01-19 22:29 - 2015-01-21 19:57 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\Deployment
2015-01-19 22:29 - 2015-01-19 22:29 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\Apps\2.0
2015-01-19 21:44 - 2015-01-19 21:44 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2015-01-19 01:34 - 2015-01-19 01:34 - 00001037 _____ () C:\Users\Public\Desktop\Tiberian Sun Online - CnCNet 5.lnk
2015-01-19 00:25 - 2015-01-19 01:45 - 00001028 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yuri's Revenge.lnk
2015-01-19 00:05 - 2015-01-19 00:05 - 00000000 ____D () C:\Users\Pete_2\.swt
2015-01-19 00:04 - 2015-01-19 20:33 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Azureus
2015-01-19 00:04 - 2015-01-19 00:04 - 00001821 _____ () C:\Users\Public\Desktop\Vuze.lnk
2015-01-19 00:04 - 2015-01-19 00:04 - 00001821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2015-01-19 00:04 - 2015-01-19 00:04 - 00000000 ____D () C:\Program Files\Vuze
2015-01-18 23:26 - 2015-01-19 01:43 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Alert 2.lnk
2015-01-17 21:43 - 2015-01-17 21:44 - 00032339 _____ () C:\Users\Pete_2\Desktop\Addition.txt
2015-01-17 21:41 - 2015-02-01 23:26 - 00023402 _____ () C:\Users\Pete_2\Desktop\FRST.txt
2015-01-17 21:26 - 2015-02-01 23:22 - 02131456 _____ (Farbar) C:\Users\Pete_2\Desktop\FRST64.exe
2015-01-17 17:12 - 2015-01-17 17:12 - 00000000 ____D () C:\Users\Pete_2\Documents\nbgi
2015-01-17 15:56 - 2015-01-17 15:56 - 00000000 ____D () C:\Users\Pete_2\Downloads\CnC_Red_Alert_3___Icon_by_KingAciD
2015-01-17 15:47 - 2015-01-17 15:47 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\CDTPL
2015-01-16 16:54 - 2015-01-30 17:00 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-16 16:54 - 2015-01-30 17:00 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-16 16:41 - 2015-01-16 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-16 08:24 - 2015-01-16 08:24 - 00000000 ____D () C:\Users\Pete_2\Documents\My Bluetooth
2015-01-15 22:33 - 2015-01-15 22:33 - 00012035 _____ () C:\Users\Pete_2\Downloads\Proexp.TXT
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\Users\Pete_2\Downloads\ProcessExplorer
2015-01-15 18:29 - 2015-01-15 18:29 - 00000222 _____ () C:\Users\Pete_2\Desktop\Dark Souls Prepare to Die Edition.url
2015-01-15 04:17 - 2015-01-15 04:17 - 00798824 _____ () C:\Users\Pete_2\Desktop\ESETPoweliksCleaner.exe_20150115.041741.6852.log
2015-01-15 04:17 - 2015-01-15 04:17 - 00186568 _____ (ESET) C:\Users\Pete_2\Desktop\ESETPoweliksCleaner.exe
2015-01-15 02:18 - 2015-01-15 02:18 - 00448512 _____ (OldTimer Tools) C:\Users\Pete_2\Downloads\TFC.exe
2015-01-14 16:09 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 16:09 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 16:09 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2015-01-14 16:09 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 16:09 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-01-14 16:09 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-01-14 16:09 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-01-14 16:09 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2015-01-14 16:09 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2015-01-14 16:09 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-01-14 16:09 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2015-01-14 16:09 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2015-01-14 16:09 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-01-14 16:09 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-14 16:09 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2015-01-14 16:09 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2015-01-14 16:09 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2015-01-14 16:09 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-01-14 16:09 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-01-14 16:09 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-01-14 16:09 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-01-14 16:09 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2015-01-14 16:09 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2015-01-14 16:09 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-01-14 16:09 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-01-14 16:09 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-01-14 16:09 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2015-01-14 16:09 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2015-01-14 16:09 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-01-14 16:09 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-01-14 16:09 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-13 23:06 - 2015-02-01 23:24 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\CrashDumps
2015-01-13 21:57 - 2015-02-01 23:26 - 00000000 ____D () C:\FRST
2015-01-13 21:48 - 2015-01-13 21:48 - 00000000 ____D () C:\windows\ERUNT
2015-01-13 21:40 - 2015-01-13 21:40 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\My Bluetooth
2015-01-13 19:37 - 2015-01-13 19:37 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Unity
2015-01-13 19:35 - 2015-01-13 19:35 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\Unity
2015-01-13 18:52 - 2015-01-28 20:23 - 00000000 ____D () C:\Users\Pete_2\Desktop\mbar
2015-01-13 18:52 - 2015-01-28 20:23 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-13 18:09 - 2015-01-27 16:09 - 00035064 _____ () C:\windows\system32\Drivers\TrueSight.sys
2015-01-13 18:09 - 2015-01-13 18:09 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-12 02:12 - 2015-01-28 17:55 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-12 02:12 - 2015-01-28 17:54 - 00097496 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-12 02:12 - 2015-01-12 02:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-12 02:12 - 2015-01-12 02:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-12 02:12 - 2015-01-12 02:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-12 02:12 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-12 02:12 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-09 01:20 - 2015-01-09 01:20 - 00003050 _____ () C:\windows\System32\Tasks\Microsoft_Hardware_Launch_IType_exe
2015-01-09 01:20 - 2015-01-09 01:20 - 00000000 ____D () C:\windows\PCHEALTH
2015-01-08 18:43 - 2015-01-08 18:43 - 00003094 _____ () C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1174857057-1915675840-1477825445-1005
2015-01-08 18:43 - 2015-01-08 18:43 - 00000000 ___RD () C:\Users\Pete_2\OneDrive
2015-01-08 18:43 - 2015-01-08 18:43 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-01-08 18:40 - 2015-01-11 03:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-01-08 16:07 - 2015-01-08 16:13 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\FileBoss
2015-01-08 03:23 - 2015-01-08 03:23 - 00000000 ____D () C:\windows\SysWOW64\directx
2015-01-08 03:23 - 2015-01-08 03:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2015-01-08 01:22 - 2015-01-08 01:22 - 00466456 _____ (Creative Labs) C:\windows\system32\wrap_oal.dll
2015-01-08 01:22 - 2015-01-08 01:22 - 00444952 _____ (Creative Labs) C:\windows\SysWOW64\wrap_oal.dll
2015-01-08 01:22 - 2015-01-08 01:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\system32\OpenAL32.dll
2015-01-08 01:22 - 2015-01-08 01:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\SysWOW64\OpenAL32.dll
2015-01-08 01:22 - 2015-01-08 01:22 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\FEZ
2015-01-08 01:22 - 2015-01-08 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FEZ
2015-01-08 01:22 - 2015-01-08 01:22 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-01-08 01:21 - 2015-01-08 01:22 - 00000000 ____D () C:\Program Files (x86)\FEZ
2015-01-07 16:13 - 2015-01-07 16:14 - 01324480 _____ () C:\windows\Minidump\010715-24937-01.dmp
2015-01-07 16:13 - 2015-01-07 16:13 - 730079841 _____ () C:\windows\MEMORY.DMP
2015-01-07 16:13 - 2015-01-07 16:13 - 00000000 ____D () C:\windows\Minidump
2015-01-07 01:44 - 2015-01-07 01:44 - 00000000 ____D () C:\Users\Pete_2\Downloads\Stardock
2015-01-07 00:25 - 2015-01-07 00:25 - 00000000 ____D () C:\Users\Pete_2\Documents\Red Alert 3
2015-01-07 00:11 - 2015-01-07 00:11 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNCOnline
2015-01-07 00:11 - 2015-01-07 00:11 - 00000000 ____D () C:\Program Files (x86)\Revora
2015-01-06 23:56 - 2015-01-07 00:20 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Red Alert 3
2015-01-06 23:56 - 2015-01-06 23:56 - 00000000 __RHD () C:\Users\Pete_2\AppData\Roaming\SecuROM
2015-01-06 23:55 - 2015-01-06 23:55 - 00000040 _____ () C:\ProgramData\ra3.ini
2015-01-06 20:36 - 2015-01-06 20:36 - 00003640 _____ () C:\windows\SysWOW64\ealregsnapshot1.reg
2015-01-06 20:35 - 2015-01-06 20:35 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\Downloaded Installations
2015-01-06 18:47 - 2015-01-06 18:47 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-01-05 16:48 - 2015-01-05 16:48 - 00707354 _____ () C:\windows\unins000.exe
2015-01-05 16:48 - 2015-01-05 16:48 - 00001530 _____ () C:\windows\unins000.dat
2015-01-05 16:48 - 2015-01-05 16:48 - 00000000 ____D () C:\windows\SysWOW64\GPBAK
2015-01-05 16:48 - 2008-04-14 02:11 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\appmgr.dll
2015-01-05 16:48 - 2001-08-23 13:00 - 00034871 _____ () C:\windows\SysWOW64\gpedit.msc
2015-01-05 02:19 - 2015-01-05 02:19 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\NVIDIA
2015-01-05 02:04 - 2015-01-05 02:04 - 00000000 ____D () C:\Users\Pete_2\Downloads\OblyTile exported tiles
2015-01-02 03:10 - 2015-01-02 03:10 - 00000000 ____D () C:\Program Files (x86)\OblyTile
2015-01-02 01:24 - 2015-01-02 01:24 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\vlc
2015-01-02 00:50 - 2015-01-02 00:50 - 00000000 ____D () C:\Users\Pete_2\Downloads\metro_games_icons_by_shiryudragon09-d5klkin

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 23:19 - 2014-12-28 23:08 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-01 23:12 - 2014-12-29 09:28 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1174857057-1915675840-1477825445-1005
2015-02-01 23:09 - 2014-10-22 08:07 - 01691120 _____ () C:\windows\WindowsUpdate.log
2015-02-01 23:06 - 2014-12-29 09:56 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-01 23:00 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\system32\sru
2015-02-01 22:58 - 2014-12-29 10:01 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0234e7b7e8e33.job
2015-02-01 22:58 - 2014-12-29 09:56 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-01 22:58 - 2014-12-29 09:19 - 00122767 _____ () C:\Users\Pete_2\AppData\Local\BTServer.log
2015-02-01 22:58 - 2014-12-28 20:06 - 00000000 ____D () C:\Users\Pete_2\Documents\BP
2015-02-01 16:03 - 2014-10-22 08:33 - 01981764 _____ () C:\Users\Public\CAFADEBUG.log
2015-02-01 04:29 - 2014-03-18 09:53 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-01 04:22 - 2014-12-29 09:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-01 04:22 - 2014-10-22 09:09 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-02-01 04:22 - 2013-08-22 14:46 - 00027647 _____ () C:\windows\setupact.log
2015-02-01 04:22 - 2013-08-22 14:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-01 04:21 - 2014-12-29 10:00 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Spotify
2015-02-01 04:09 - 2014-12-29 09:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-01 04:09 - 2014-12-29 08:46 - 00000000 ____D () C:\Users\Pete
2015-02-01 02:45 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\AppReadiness
2015-01-31 23:38 - 2014-12-28 20:07 - 00000000 ____D () C:\Users\Pete_2\Documents\DPP3
2015-01-31 15:36 - 2014-12-29 09:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-29 02:48 - 2014-12-30 14:18 - 00000000 ____D () C:\Users\Pete_2\Documents\Stardock
2015-01-27 21:26 - 2013-08-22 15:20 - 00000000 ____D () C:\windows\CbsTemp
2015-01-27 00:01 - 2013-08-22 13:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-01-26 16:14 - 2014-12-29 10:06 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\Spotify
2015-01-25 14:32 - 2015-01-01 03:56 - 00081247 _____ () C:\windows\DirectX.log
2015-01-25 14:28 - 2014-12-29 09:19 - 00000000 ____D () C:\Users\Pete_2
2015-01-25 14:27 - 2014-03-18 09:44 - 00010438 _____ () C:\windows\PFRO.log
2015-01-24 22:27 - 2014-10-22 08:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-24 20:20 - 2013-08-22 15:38 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 20:20 - 2013-08-22 15:38 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 20:19 - 2014-12-28 23:08 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-01-21 21:14 - 2013-08-22 13:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-01-21 21:11 - 2013-08-22 14:44 - 00494832 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-19 21:58 - 2014-12-30 13:45 - 00000000 ____D () C:\Program Files\OblyTile
2015-01-19 00:10 - 2014-12-29 10:02 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\ClassicShell
2015-01-18 16:55 - 2014-12-29 00:05 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\.minecraft
2015-01-16 00:27 - 2014-12-28 20:06 - 00000000 ____D () C:\Users\Pete_2\Documents\Group and Teamwork Unit
2015-01-15 02:53 - 2014-12-29 09:57 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-14 16:31 - 2014-12-29 09:46 - 00000000 ____D () C:\windows\system32\MRT
2015-01-14 16:28 - 2014-12-29 09:45 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-12 17:18 - 2014-12-28 19:44 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Skype
2015-01-12 02:47 - 2014-12-28 20:06 - 00000000 ____D () C:\Users\Pete_2\Documents\DPP2
2015-01-11 00:40 - 2014-12-29 00:04 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-01-10 17:40 - 2014-12-28 20:06 - 00000000 ____D () C:\Users\Pete_2\Documents\DPP2 (new)
2015-01-10 15:43 - 2014-12-29 09:19 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\Packages
2015-01-09 01:20 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-08 18:40 - 2014-12-29 09:19 - 00000000 ____D () C:\Users\Pete_2\AppData\Local\VirtualStore
2015-01-05 16:53 - 2013-08-22 15:36 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-01-05 16:48 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2015-01-04 21:22 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\rescache
2015-01-02 02:13 - 2014-12-28 23:19 - 00000000 ____D () C:\Users\Pete_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

==================== Files in the root of some directories =======

2014-12-29 09:19 - 2015-02-01 22:58 - 0122767 _____ () C:\Users\Pete_2\AppData\Local\BTServer.log
2014-10-22 08:33 - 2014-10-22 08:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-06 23:55 - 2015-01-06 23:55 - 0000040 _____ () C:\ProgramData\ra3.ini

Some content of TEMP:
====================
C:\Users\Pete_2\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Pete_2\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Pete_2\AppData\Local\Temp\i4jdel0.exe
C:\Users\Pete_2\AppData\Local\Temp\sonarinst.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-31 21:19

==================== End Of Log ============================

Cephas · Feb 1, 2015

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Pete_2 at 2015-02-01 23:27:07
Running from C:\Users\Pete_2\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
C&C:Online (HKLM-x32\...\{1298F091-2180-4779-BDA0-1176247252D0}) (Version: 2.0.7 - Revora)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Command & Conquer™ Red Alert™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
f.lux (HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\Flux) (Version: - )
FEZ version 1.11 (HKLM-x32\...\{634CBDF9-98A3-4AF5-AED4-A23EC2665434}_is1) (Version: 1.11 - Polytron)
Google Chrome (HKLM-x32\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 66.30.49247 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.)
Stardock Decor8 (HKLM-x32\...\Stardock Decor8) (Version: 1.08 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version: - Mike Bithell)
TiberianSunCompatFix (HKLM\...\{1654a60f-73ac-4fa8-8bba-55140ccce37e}.sdb) (Version: - )
Unity Web Player (HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Pete_2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1174857057-1915675840-1477825445-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pete_2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

15-01-2015 02:52:10 Removed Java 8 Update 25
16-01-2015 16:52:37 McAfee Vulnerability Scanner
23-01-2015 16:51:35 McAfee Vulnerability Scanner
24-01-2015 22:19:26 Installed DirectX
30-01-2015 16:57:55 McAfee Vulnerability Scanner

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {60AEE155-D547-4170-A3F7-2236E894B993} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {6507B1CC-E01E-4147-ACCC-E5F3BD6E13CB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)
Task: {71045EA6-1C67-47D7-9922-B62E58AD1F98} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {7C1A3184-2008-4345-A3A9-E770823E2BB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-29] (Google Inc.)
Task: {83CFC159-1DA9-4D90-8441-049AA8E9FF36} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {984854D5-E7EC-4D38-9B53-25686FAC783C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {A97CA6FD-A85E-45F7-97B8-BB4557415CFC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {BB07E183-AB30-45B1-8A49-2A72C0D68628} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-29] (Google Inc.)
Task: {BB2ED0D2-6DDE-462C-AB1C-BFE5A97EBB54} - System32\Tasks\GoogleUpdateTaskMachineCore1d0234e7b7e8e33 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-29] (Google Inc.)
Task: {DE787036-45D7-488F-8061-3E54A7E54E03} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1174857057-1915675840-1477825445-1005 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {DEE981D0-E455-4AAD-81BC-D33814B8A59C} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe
Task: {F173F635-3977-4AA5-A93B-FDB049EFAE19} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {FFC20359-6959-4AF1-B6C5-33BC4696DF13} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-09] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0234e7b7e8e33.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-03 12:31 - 2014-09-03 12:31 - 00034304 _____ () C:\windows\System32\ssy3clm.dll
2014-10-22 08:28 - 2014-01-06 21:56 - 00079872 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-01-08 18:40 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-24 22:21 - 2015-01-25 14:32 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-10-22 09:12 - 2012-04-24 10:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-10-22 08:22 - 2014-01-06 08:13 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-08 18:41 - 2015-01-09 16:04 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-22 08:34 - 2010-10-26 04:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2009-09-25 18:57 - 2009-09-25 18:57 - 00245248 _____ () C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-22 08:26 - 2013-09-16 19:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-29 09:55 - 2015-02-01 04:09 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1174857057-1915675840-1477825445-1005\...\StartupApproved\Run: => "Spotify Web Helper"

========================= Accounts: ==========================

Administrator (S-1-5-21-1174857057-1915675840-1477825445-500 - Administrator - Disabled)
Guest (S-1-5-21-1174857057-1915675840-1477825445-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1174857057-1915675840-1477825445-1004 - Limited - Enabled)
Pete_2 (S-1-5-21-1174857057-1915675840-1477825445-1005 - Administrator - Enabled) => C:\Users\Pete_2
UpdatusUser (S-1-5-21-1174857057-1915675840-1477825445-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/01/2015 11:24:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 35.0.1.5500, time stamp: 0x54c1f9f3
Faulting module name: mozalloc.dll, version: 35.0.1.5500, time stamp: 0x54c1f224
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x184
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (02/01/2015 03:34:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 239609

Error: (02/01/2015 03:34:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 239609

Error: (02/01/2015 03:34:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2015 03:30:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (02/01/2015 03:30:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172

Error: (02/01/2015 03:30:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2015 03:02:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32650094

Error: (02/01/2015 03:02:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32650094

Error: (02/01/2015 03:02:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (02/01/2015 10:58:58 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer CRAPTOP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5EDD915A-7C29-49A1-AF68-934DF481A8F9}.
The master browser is stopping or an election is being forced.

Error: (02/01/2015 04:27:49 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (02/01/2015 03:14:47 AM) (Source: DCOM) (EventID: 10010) (User: Lizzie)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/01/2015 03:14:17 AM) (Source: DCOM) (EventID: 10010) (User: Lizzie)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/01/2015 02:37:23 AM) (Source: DCOM) (EventID: 10010) (User: Lizzie)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/01/2015 02:36:53 AM) (Source: DCOM) (EventID: 10010) (User: Lizzie)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/31/2015 09:20:37 PM) (Source: DCOM) (EventID: 10010) (User: Lizzie)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/31/2015 09:20:07 PM) (Source: DCOM) (EventID: 10010) (User: Lizzie)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/31/2015 03:35:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (01/31/2015 03:35:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Microsoft Office Sessions:
=========================
Error: (02/01/2015 11:24:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f224800000030000142518401d03e729b2f9479C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll68f69ec3-aa69-11e4-8272-1008b1f5905a

Error: (02/01/2015 03:34:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 239609

Error: (02/01/2015 03:34:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 239609

Error: (02/01/2015 03:34:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2015 03:30:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (02/01/2015 03:30:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172

Error: (02/01/2015 03:30:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2015 03:02:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32650094

Error: (02/01/2015 03:02:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32650094

Error: (02/01/2015 03:02:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 31%
Total physical RAM: 8084.27 MB
Available physical RAM: 5568.82 MB
Total Pagefile: 16276.27 MB
Available Pagefile: 13697.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:888.87 GB) (Free:714.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.73 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 468C4D0B)

Partition: GPT Partition Type.

==================== End Of Log ============================

Broni · Feb 1, 2015

All clean.
It must be one of your programs doing this.

Let's try something...
Uninstall McAfee using this utility and see what happens: https://www.techspot.com/downloads/5392-mcafee-software-uninstaller.html
IMPORTANT! Make sure to turn Windows firewall on after uninstalling McAfee.

Cephas · Feb 4, 2015

I've uninstalled McAfee using that tool and restarted, but the surrogates are still there. :/

Broni · Feb 4, 2015

See if same issue happens in safe mode with networking.

Cephas · Feb 6, 2015

In safe mode with networking, there is only one COM Surrogate and it uses 0% of CPU rather than the usual 4-14%

I don't know if this helps at all, but I don't think I've mentioned yet: the COMs are found in "C:\Windows\SysWOW64" and use the program "dllhost.exe".

Broni · Feb 6, 2015

Go Start>Run (Start Search in Vista/7), type in:
msconfig
Click OK (hit Enter in Vista/7).

Click on Startup tab.
Click Disable all
IMPORTANT! In case of laptop, make sure, you do NOT disable any keyboard, or touchpad entries.

Click Services tab.
Put checkmark in Hide all Microsoft services
Click Disable all.

Click OK.
Restart computer in Normal Mode.

NOTE. If you use different firewall, than Windows firewall, turn Windows firewall on, just for this test, since your regular firewall won't be running.
If you use Windows firewall, you're fine.

Same problem?

Cephas · Feb 6, 2015

Hide all Microsoft services isn't an option in Windows 8, it looks like.

Broni · Feb 6, 2015

I certainly have it on my Windows 8...

Cephas · Feb 6, 2015

Welp, I'm a fool! (Thanks for being patient, it can't be easy!)

This time it seems when I open Task Manager, there's initially 3 COM's each taking up 0% CPU, however within a few seconds 2 of them disappear simultaneously leaving just one seemingly doing nothing as well... This happens every single start up of task manager, which is a bit eerie.

Broni · Feb 6, 2015

As I said before it looks like one of your startups/services must be doing it.

Grab a big cup of coffee and investigate.

Go back to "msconfig" and start re-enabling all startups and services you just disabled but only one by one restarting computer each time until you find the culprit causing jump in CPU usage.

Broni · Feb 11, 2015

Still with me?

Cephas · Feb 13, 2015

I am yes, sorry!

I've been really busy this week and haven't found the time to attempt this undertaking, but I should have time in the next few days!

Broni · Feb 13, 2015

Cephas · Feb 16, 2015

Sucess!!

It was a long and arduous process, but I finally narrowed it down to Decor8, a skinning program that changes the look of Windows.

I've kept it disabled and contacted their help, so hopefully they can tell me what's causing it to act up.

Other than that, I think that's all!

Broni · Feb 16, 2015

Cool

Thanks for posting back

Solved COM Surrogate Potential Virus

Posts: 56,041 +517

Posts: 116 +0

Posts: 56,041 +517

Posts: 116 +0

Posts: 116 +0

Posts: 56,041 +517

Posts: 116 +0

Posts: 56,041 +517

Posts: 116 +0

Posts: 56,041 +517

Posts: 116 +0

Posts: 56,041 +517

Posts: 116 +0

Posts: 56,041 +517

Posts: 56,041 +517

Posts: 116 +0

Posts: 56,041 +517

Posts: 116 +0

Posts: 56,041 +517

Similar threads