Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by 4Elmores (administrator) on 4ELMORES-PC on 26-01-2015 14:38:05
Running from C:\Users\4Elmores\Desktop
Loaded Profiles: 4Elmores (Available profiles: 4Elmores)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices) C:\Program Files (x86)\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
( ) C:\Windows\System32\dlbucoms.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\NS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\NS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Dell Photo AIO Printer 942\memcard.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe
(Sonic Solutions) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9608224 2009-11-17] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055816 2011-05-30] ()
HKLM\...\Run: [MemoryCardManager] => C:\Program Files (x86)\Dell Photo AIO Printer 942\memcard.exe [304624 2007-02-28] ()
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [522736 2010-11-01] ()
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-05-30] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [165184 2011-08-01] (Softthinks)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\822\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3965635696-901638839-1822215282-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-3965635696-901638839-1822215282-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
Startup: C:\Users\4Elmores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2CFEF0EEF.lnk
ShortcutTarget: 2CFEF0EEF.lnk -> C:\PROGRA~3\FEE0FEFC2.cpp (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3965635696-901638839-1822215282-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com/
HKU\S-1-5-21-3965635696-901638839-1822215282-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1
SearchScopes: HKLM -> DefaultScope {238703E3-5F12-488A-B1E9-BB66B9A18C6D} URL = www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {238703E3-5F12-488A-B1E9-BB66B9A18C6D} URL = www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {2E216994-9F13-46EE-89A3-065AFDAB752D} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {470FBE13-1948-4E39-92E0-109F506649F0} URL = www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3965635696-901638839-1822215282-1000 -> DefaultScope {C76D197F-651C-408C-AF5F-8FC8D8F06EA7} URL = search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3965635696-901638839-1822215282-1000 -> URL search.conduit.com/Results.aspx?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPCB6A66F6-053B-4CC3-9855-549206B46415&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3965635696-901638839-1822215282-1000 -> SuggestionsURL_JSON suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3965635696-901638839-1822215282-1000 -> {238703E3-5F12-488A-B1E9-BB66B9A18C6D} URL =
SearchScopes: HKU\S-1-5-21-3965635696-901638839-1822215282-1000 -> {470FBE13-1948-4E39-92E0-109F506649F0} URL =
SearchScopes: HKU\S-1-5-21-3965635696-901638839-1822215282-1000 -> {81894732-959F-4FCC-B304-503B0C636802} URL = search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3965635696-901638839-1822215282-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NS&chn=retail&geo=US&ver=22&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-3965635696-901638839-1822215282-1000 -> {C76D197F-651C-408C-AF5F-8FC8D8F06EA7} URL = search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.1.0.9\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\coIEPlg.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Video Download Toolbar Intercept -> {B29002A0-87A1-4DC4-AC55-5982034EB61E} -> C:\Program Files (x86)\VideoDownloadToolbar\VideoDownloadToolbarIntercept.dll (Sakysoft s.r.l. uninominale)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Somoto Toolbar -> {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} -> C:\Program Files (x86)\somototoolbar\vmntemplateX.dll ()
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.1.0.9\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Somoto Toolbar - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {682C59F5-478C-4421-9070-AD170D143B77} www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandora.tv/npmini,version=1.0 -> C:\Program Files (x86)\PANDORA.TV\Launcher\npmini.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3965635696-901638839-1822215282-1000: @tools.google.com/Google Update;version=3 -> C:\Users\4Elmores\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3965635696-901638839-1822215282-1000: @tools.google.com/Google Update;version=9 -> C:\Users\4Elmores\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3965635696-901638839-1822215282-1000: google.com/WidevineMediaOptimizer -> C:\Users\4Elmores\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-15]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-01-09]
FF HKU\S-1-5-21-3965635696-901638839-1822215282-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxp://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/"
CHR DefaultSearchKeyword: Default -> conduit.search
CHR DefaultSearchURL: Default -> search.conduit.com/Results.aspx?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPCB6A66F6-053B-4CC3-9855-549206B46415&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\pdf.dll ()
CHR Plugin: (Wajam) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Profile: C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2014-12-23]
CHR Extension: (Google Search) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-25]
CHR Extension: (AdBlock) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-18]
CHR Extension: (RealDownloader) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-15]
CHR Extension: (Google Wallet) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\4Elmores\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-25]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\Exts\Chrome.crx [2014-12-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\Exts\Chrome.crx [2014-12-22]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 AllShare; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [6638080 2010-07-16] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-03-16] (AMD) [File not signed]
R2 dlbu_device; C:\Windows\system32\dlbucoms.exe [567280 2007-02-28] ( )
R2 dlbu_device; C:\Windows\SysWOW64\dlbucoms.exe [538096 2007-02-28] ( )
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-31] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\NS.exe [282528 2014-12-10] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Winmgmt; C:\PROGRA~3\2CFEF0EEF.zot [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1601000.009\ccSetx64.sys [165080 2014-09-09] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-07] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20150123.001\IDSvia64.sys [668888 2015-01-13] (Symantec Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-26] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150125.032\ENG64.SYS [129752 2015-01-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150125.032\EX64.SYS [2137304 2015-01-19] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 SRTSP; C:\Windows\system32\drivers\NSx64\1601000.009\SRTSP64.SYS [914648 2014-12-02] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1601000.009\SRTSPX64.SYS [42200 2014-12-02] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NSx64\1601000.009\SYMDS64.SYS [490712 2014-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NSx64\1601000.009\SYMEFA64.SYS [1151704 2014-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102616 2014-12-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1601000.009\Ironx64.SYS [271576 2014-09-09] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NSx64\1601000.009\SYMNETS.SYS [565464 2014-09-09] (Symantec Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 UsbGps; C:\Windows\System32\DRIVERS\lgx64gps.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-26 14:38 - 2015-01-26 14:40 - 00033807 _____ () C:\Users\4Elmores\Desktop\FRST.txt
2015-01-26 14:34 - 2015-01-26 14:34 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3965635696-901638839-1822215282-1000
2015-01-26 14:34 - 2015-01-26 14:34 - 00003224 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3965635696-901638839-1822215282-1000
2015-01-26 13:24 - 2015-01-26 14:38 - 00000000 ____D () C:\FRST
2015-01-26 13:23 - 2015-01-26 13:23 - 02129920 _____ (Farbar) C:\Users\4Elmores\Desktop\FRST64.exe
2015-01-26 13:16 - 2015-01-26 13:16 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3965635696-901638839-1822215282-1000
2015-01-26 13:16 - 2015-01-26 13:16 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3965635696-901638839-1822215282-1000
2015-01-26 12:50 - 2015-01-26 12:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 12:50 - 2015-01-26 12:50 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-26 12:50 - 2015-01-26 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-26 12:50 - 2015-01-26 12:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-26 12:50 - 2015-01-26 12:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-26 12:50 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-26 12:50 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-26 12:50 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-26 11:55 - 2015-01-26 12:37 - 00000000 ____D () C:\NPE
2015-01-26 06:42 - 2015-01-26 06:42 - 01022080 _____ (Symantec Corporation) C:\Users\4Elmores\Desktop\NBRT-Retail-Downloader.exe
2015-01-25 21:44 - 2015-01-26 12:45 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\NPE
2015-01-24 14:36 - 2015-01-24 14:36 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\{DC422EDB-F452-49B9-8810-0F1F5763DCE4}
2015-01-23 23:22 - 2015-01-23 23:23 - 16393912 _____ () C:\Users\4Elmores\Desktop\My Movie.wmv
2015-01-23 23:15 - 2015-01-23 23:15 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\{C6066788-2E02-4C5F-B1CE-0922F9685F84}
2015-01-23 22:16 - 2015-01-23 22:35 - 00000000 ____D () C:\Users\4Elmores\Desktop\American Horror Story Season 2 Complete 480p HDTV x264 [VectoR]
2015-01-23 21:48 - 2015-01-24 15:13 - 00000000 ____D () C:\Users\4Elmores\Desktop\New folder
2015-01-21 21:26 - 2015-01-21 21:27 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\{839DE234-4E17-4775-9619-9291C3146DFF}
2015-01-19 22:39 - 2015-01-19 22:39 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\{35516D2B-231D-4534-AD9E-49A4117C4C79}
2015-01-18 19:02 - 2015-01-18 19:02 - 00000000 ____D () C:\Users\4Elmores\AppData\Roaming\HP
2015-01-14 03:19 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 03:19 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 03:19 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 03:19 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 03:19 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 03:19 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 03:19 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 03:19 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 03:19 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 03:19 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 03:19 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 03:19 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 03:19 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 19:43 - 2015-01-13 19:43 - 58107777 _____ () C:\Users\4Elmores\Downloads\fastpitch pitching mechanics in slow motion.mp4
2015-01-12 21:51 - 2015-01-16 06:44 - 00000000 ____D () C:\Users\4Elmores\Desktop\B Team Girls Lockers
2015-01-09 20:13 - 2015-01-09 20:13 - 00000000 _____ () C:\Users\4Elmores\Sti_Trace.log
2015-01-09 19:23 - 2015-01-09 19:23 - 00000000 ____D () C:\Windows\SysWOW64\spool
2015-01-09 19:22 - 2015-01-09 19:22 - 00001054 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2015-01-09 19:21 - 2015-01-16 20:53 - 00000000 ____D () C:\Users\4Elmores\AppData\Roaming\HpUpdate
2015-01-09 19:21 - 2015-01-09 19:21 - 00001323 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2015-01-09 19:21 - 2015-01-09 19:21 - 00001317 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2015-01-09 19:21 - 2015-01-09 19:21 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2015-01-09 19:20 - 2015-01-09 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-09 19:15 - 2015-01-09 19:15 - 00010692 _____ () C:\Windows\DPINST.LOG
2015-01-09 19:15 - 2010-05-14 15:04 - 00138752 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l02t.dll
2015-01-09 19:08 - 2015-01-09 20:03 - 00001491 _____ () C:\ProgramData\hpzinstall.log
2015-01-09 19:08 - 2015-01-09 19:27 - 00228890 _____ () C:\Windows\hpwins23.dat
2015-01-09 19:08 - 2010-07-28 11:19 - 00002075 ____N () C:\Windows\hpwmdl23.dat
2015-01-09 19:06 - 2015-01-09 19:22 - 00000000 ____D () C:\ProgramData\HP
2015-01-09 19:06 - 2010-05-13 05:29 - 00553472 _____ (Hewlett Packard) C:\Windows\system32\hppldcoi.dll
2015-01-09 19:06 - 2010-05-13 05:25 - 01422848 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpwtiop4.dll
2015-01-09 19:06 - 2010-05-13 05:25 - 00906240 _____ (Hewlett-Packard) C:\Windows\system32\hpwwiax5.dll
2015-01-09 19:06 - 2010-04-26 03:52 - 00644456 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2015-01-09 19:06 - 2010-02-01 01:54 - 00488960 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst11.dll
2015-01-09 18:56 - 2015-01-09 19:23 - 00000000 ____D () C:\Program Files (x86)\Hp
2015-01-09 18:56 - 2015-01-09 18:56 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\Hewlett-Packard
2015-01-09 18:56 - 2015-01-09 18:56 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-09 05:43 - 2015-01-09 18:39 - 00000000 ____D () C:\Users\4Elmores\Downloads\Billboard Hot 100 Singles Chart (17 Jan 2015) 320 KBPS~AryaN_L33T~[GloDLS]
2015-01-09 05:43 - 2015-01-09 05:43 - 00000000 ____D () C:\Users\4Elmores\Downloads\Meghan Trainor - Title (Deluxe Edition) (2015) l Audio l English Album Track l 320Kbps l Mp3 l sn3h1t87
2015-01-07 07:01 - 2015-01-07 07:01 - 18763363 _____ () C:\Users\4Elmores\Downloads\365 Days in MeUndies.mp4
2015-01-04 22:52 - 2015-01-04 22:52 - 00000000 ____D () C:\Users\4Elmores\Desktop\Breaking Bad
2015-01-04 22:51 - 2015-01-04 22:52 - 00000000 ____D () C:\Users\4Elmores\Desktop\True Detective
2015-01-04 22:51 - 2015-01-04 22:51 - 00000000 ____D () C:\Users\4Elmores\Desktop\Game of Thrones
2015-01-04 22:47 - 2015-01-04 22:48 - 00000000 ____D () C:\Users\4Elmores\Downloads\The.Captive.2014.HDRip.XviD-SaM[ETRG]
2015-01-04 22:45 - 2015-01-04 22:46 - 00000000 ____D () C:\Users\4Elmores\Downloads\Time.Lapse.2014.HDRip.XViD-juggs [ETRG]
2015-01-04 22:41 - 2015-01-04 22:43 - 00000000 ____D () C:\Users\4Elmores\Downloads\Honeymoon (2014).BRRip.xvid.700mb.LoneWolf666
2015-01-03 13:17 - 2015-01-26 14:22 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3965635696-901638839-1822215282-1000UA.job
2015-01-03 13:17 - 2015-01-26 13:22 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3965635696-901638839-1822215282-1000Core.job
2015-01-03 13:17 - 2015-01-03 13:17 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3965635696-901638839-1822215282-1000UA
2015-01-03 13:17 - 2015-01-03 13:17 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3965635696-901638839-1822215282-1000Core
2015-01-03 13:17 - 2015-01-03 13:17 - 00000000 ____D () C:\Users\4Elmores\AppData\Roaming\IDM
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-26 14:38 - 2009-07-14 00:10 - 01385023 _____ () C:\Windows\WindowsUpdate.log
2015-01-26 14:35 - 2012-05-29 19:30 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\CrashDumps
2015-01-26 14:33 - 2011-02-08 02:59 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-01-26 14:32 - 2013-05-23 19:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 14:32 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-26 14:31 - 2009-07-13 23:51 - 00437158 _____ () C:\Windows\setupact.log
2015-01-26 14:02 - 2013-05-23 19:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 13:55 - 2013-04-25 05:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-26 13:24 - 2009-07-13 23:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-26 13:24 - 2009-07-13 23:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-26 13:15 - 2011-02-08 03:27 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-01-26 13:15 - 2011-02-08 03:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-01-26 13:13 - 2011-02-08 04:45 - 07074390 _____ () C:\Windows\PFRO.log
2015-01-26 13:11 - 2013-12-21 08:12 - 00000000 ____D () C:\ProgramData\Conduit
2015-01-26 13:11 - 2013-12-21 08:11 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\NativeMessaging
2015-01-26 13:11 - 2013-12-21 08:11 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\CRE
2015-01-26 13:11 - 2012-12-05 21:30 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2015-01-26 13:11 - 2012-06-10 21:45 - 00000000 ____D () C:\ProgramData\YTD YouTube Downloader & Converter
2015-01-26 11:54 - 2011-12-17 11:16 - 00000506 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-26 11:02 - 2012-02-25 15:47 - 00091961 _____ () C:\Windows\system32\lvcoinst.log
2015-01-26 11:02 - 2011-12-17 11:16 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-01-26 11:00 - 2011-12-17 11:16 - 00003544 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-01-26 05:40 - 2011-12-11 21:21 - 00000000 ____D () C:\Users\4Elmores\AppData\Roaming\uTorrent
2015-01-26 05:40 - 2011-02-21 20:45 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\Adobe
2015-01-25 21:44 - 2012-05-14 16:35 - 00000000 ____D () C:\ProgramData\Norton
2015-01-24 15:20 - 2014-03-29 10:49 - 00000000 ____D () C:\Users\4Elmores\Documents\ProPresenter5
2015-01-24 15:16 - 2014-03-29 10:45 - 00000000 ____D () C:\Users\4Elmores\AppData\Roaming\RenewedVision
2015-01-23 22:52 - 2011-02-14 19:22 - 00000000 ____D () C:\Users\4Elmores
2015-01-23 21:13 - 2014-10-21 15:17 - 00000000 ___RD () C:\Users\4Elmores\iCloudDrive
2015-01-23 15:03 - 2013-05-23 19:51 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-21 20:46 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 17:05 - 2014-11-16 17:03 - 00000000 ____D () C:\Users\4Elmores\Desktop\music-le
2015-01-18 17:18 - 2013-08-10 08:18 - 00000861 _____ () C:\Users\4Elmores\Desktop\µTorrent.lnk
2015-01-18 17:18 - 2013-08-10 08:18 - 00000841 _____ () C:\Users\4Elmores\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-16 04:39 - 2012-02-25 15:50 - 00000000 ____D () C:\Program Files (x86)\Dell Photo AIO Printer 942
2015-01-15 00:40 - 2013-07-15 07:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 23:46 - 2011-02-14 20:37 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-09 20:38 - 2014-12-23 23:17 - 00000000 ____D () C:\Users\4Elmores\Documents\TRAVEL
2015-01-09 20:17 - 2014-12-16 19:26 - 00000000 ____D () C:\Users\4Elmores\AppData\Roaming\Epson
2015-01-09 20:17 - 2014-12-16 19:20 - 00000000 ____D () C:\ProgramData\EPSON
2015-01-09 20:10 - 2011-02-14 19:23 - 00127168 _____ () C:\Users\4Elmores\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-09 20:07 - 2009-07-13 23:45 - 00470064 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-09 19:02 - 2013-07-27 08:51 - 00000000 ____D () C:\Users\LuLu and Maddie
2015-01-03 13:17 - 2013-01-07 22:13 - 00000000 ____D () C:\Users\4Elmores\AppData\Local\Google
2015-01-01 16:57 - 2011-12-17 11:16 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-12-29 05:00 - 2011-12-17 11:16 - 00004280 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
==================== Files in the root of some directories =======
2012-10-16 22:28 - 2014-03-29 12:31 - 0006656 _____ () C:\Users\4Elmores\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-25 16:07 - 2012-03-25 16:07 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-01-09 19:08 - 2015-01-09 20:03 - 0001491 _____ () C:\ProgramData\hpzinstall.log
2014-06-25 11:45 - 2014-06-25 11:45 - 1239732 _____ () C:\ProgramData\SPL2FB7.tmp
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-24 00:58
==================== End Of Log ============================