Malwarebytes is blocking access to www.superfish.com, but MWB isn't detecting and fixing any kind of infection. Any help is appreciated. Marty FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015Ran by marty_000 (administrator) on JM-MARTY-LAPTOP on 21-04-2015 22:34:08Running from C:\Users\marty_000\DownloadsLoaded Profiles: marty_000 (Available profiles: MKatz & marty_000)Platform: Windows 8.1 Pro (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe(Intel Corporation) C:\Windows\System32\igfxCUIService.exe(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Radiant Systems) C:\Program Files (x86)\Radiant Systems\CMC\CmcAgent.exe() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe(NCR) C:\Program Files (x86)\Radiant Systems\CounterPoint\CPSQL.1\Bin\CpSvcs.exe(Radiant Systems, Inc.) C:\Program Files (x86)\Radiant Systems\RadSprtA\RadSprtA.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(Dell Inc.) C:\Program Files (x86)\SonicWALL\SSL-VPN\NetExtender\NEService64.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Intel Corporation) C:\Windows\System32\igfxEM.exe(Intel Corporation) C:\Windows\System32\igfxHK.exe() C:\Windows\System32\igfxTray.exe(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(CompanionLink Software, Inc.) C:\Program Files (x86)\CompanionLink\CompanionLink.exe(Citrix Systems, Inc.) C:\Users\marty_000\AppData\Local\Citrix\GoToAssist Remote Support Expert\818\g2ax_start.exe(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Dropbox, Inc.) C:\Users\marty_000\AppData\Roaming\Dropbox\bin\Dropbox.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Citrix Systems, Inc.) C:\Users\marty_000\AppData\Local\Citrix\GoToAssist Remote Support Expert\818\g2ax_comm_expert.exe(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe(World Community Grid) C:\Program Files (x86)\BOINC\boincmgr.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Citrix Systems, Inc.) C:\Users\marty_000\AppData\Local\Citrix\GoToAssist Remote Support Expert\818\g2ax_user_expert.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\boinctray.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe(World Community Grid) C:\Program Files (x86)\BOINC\boinc.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Radiant Systems) C:\Program Files (x86)\Radiant Systems\CMC\CmcAgent.exe(Dell Inc.) C:\Program Files (x86)\SonicWALL\SSL-VPN\NetExtender\NEGui.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Farbar) C:\Users\marty_000\Downloads\FRST64 - Copy.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)HKLM\...\Run: [iSCT Tray] => C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-14] (Intel Corporation)HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [167128 2015-01-31] (Realtek Semiconductor Corp.)HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor)HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2014-02-05] (Hewlett-Packard)HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-06] (CyberLink Corp.)HKLM-x32\...\Run: [boincmgr] => C:\Program Files (x86)\BOINC\boincmgr.exe [3909264 2014-03-25] (World Community Grid)HKLM-x32\...\Run: [boinctray] => C:\Program Files (x86)\BOINC\boinctray.exe [71312 2014-03-25] (Space Sciences Laboratory)HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [425608 2014-10-03] (Hewlett-Packard Company)HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)HKLM-x32\...\Run: [CmcAgent Proxy] => C:\Program Files (x86)\Radiant Systems\CMC\CmcAgent.exe [305152 2011-09-15] (Radiant Systems)HKLM-x32\...\Run: [DellNetExtender] => C:\Program Files (x86)\SonicWALL\SSL-VPN\NetExtender\NEGui.exe [1298448 2014-11-10] (Dell Inc.)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\Run: [GoogleChromeAutoLaunch_5BA50BC704D03F5778BF09D42E4A24B0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\Run: [CompanionLink] => c:\program files (x86)\companionlink\companionlink.exe [23861904 2015-01-07] (CompanionLink Software, Inc.)HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\Run: [GoToAssist Remote Support Expert] => C:\Users\marty_000\AppData\Local\Citrix\GoToAssist Remote Support Expert\818\g2ax_start.exe [610888 2015-03-09] (Citrix Systems, Inc.)HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\Run: [Google Update] => C:\Users\marty_000\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-14] (Google Inc.)HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\Run: [TivoServer] => C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe [2264336 2010-08-24] (TiVo Inc.)HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\Run: [TivoTransfer] => C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe [608528 2010-08-24] (TiVo Inc.)HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\Run: [TivoNotify] => C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe [437520 2010-08-24] (TiVo Inc.)HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\Run: [TranscodingService] => C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe [856336 2010-08-24] (TiVo Inc.)HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\...\MountPoints2: {0f3c3a6d-a9fb-11e4-be78-3863bb6f9d91} - "E:\VZW_Software_upgrade_assistant.exe" HKU\S-1-5-21-3961584804-1554548531-2868569732-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\boinc.scr [972432 2014-03-25] (World Community Grid)Lsa: [Notification Packages] DPPassFilter scecliStartup: C:\Users\marty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-02]ShortcutTarget: Dropbox.lnk -> C:\Users\marty_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\marty_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-30] (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\marty_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-30] (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\marty_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-30] (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\marty_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-30] (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\marty_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-30] (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\marty_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-30] (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\marty_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-30] (Dropbox, Inc.)ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\marty_000\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-30] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)ShellIconOverlayIdentifiers: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)ShellIconOverlayIdentifiers-x32: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05] (Hewlett-Packard)BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16] (Oracle Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16] (Oracle Corporation)BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)DPF: HKLM-x32 {79D6214F-CFCE-480F-9901-27950E78F1E6} https://vpn.jamsys.com/MLWebCacheCleaner.cabTcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox:========FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-16] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-16] (Oracle Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-06-26] (DigitalPersona, Inc.)FF Plugin HKU\S-1-5-21-3961584804-1554548531-2868569732-1004: @citrixonline.com/appdetectorplugin -> C:\Users\marty_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-01-31] (Citrix Online)FF Plugin HKU\S-1-5-21-3961584804-1554548531-2868569732-1004: @tools.google.com/Google Update;version=3 -> C:\Users\marty_000\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-14] (Google Inc.)FF Plugin HKU\S-1-5-21-3961584804-1554548531-2868569732-1004: @tools.google.com/Google Update;version=9 -> C:\Users\marty_000\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-14] (Google Inc.)FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgnFF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-04-20]FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchromeFF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-01-31] Chrome: =======CHR HomePage: Default -> hxxp://news.google.com/CHR StartupUrls: Default -> "hxxp://news.google.com/"CHR Profile: C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-31]CHR Extension: (Google Docs) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-31]CHR Extension: (Google Drive) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-31]CHR Extension: (YouTube) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-31]CHR Extension: (Google Cast) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-01-31]CHR Extension: (Adblock Plus) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-31]CHR Extension: (NetExtender Launcher) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\comamnkieeagpjjdfonbapjefalbbgoj [2015-02-10]CHR Extension: (Google Search) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-31]CHR Extension: (Google Calendar) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-01-31]CHR Extension: (Google Play Music) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-02-08]CHR Extension: (Google Sheets) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-31]CHR Extension: (Bookmark Manager) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]CHR Extension: (LastPass: Free Password Manager) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-01-31]CHR Extension: (Bitly Unleash the power of the link) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2015-04-13]CHR Extension: (The Weather Channel for Chrome) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2015-04-13]CHR Extension: (Norton Identity Safe) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-31]CHR Extension: (Flash Player) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpbajmogfhlafbipjjklkdhloplicgc [2015-01-31]CHR Extension: (Klout) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjaakbhpcbpmojkhpiaacepfcaniglak [2015-01-31]CHR Extension: (Cisco WebEx Extension) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-01-31]CHR Extension: (Hangouts) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-01-31]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]CHR Extension: (Google Maps) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-01-31]CHR Extension: (Google Wallet) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-31]CHR Extension: (Lookout) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeiefnfaafnkeiojgkpephegakjpplke [2015-01-31]CHR Extension: (Secure Virtual Assist Launcher) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohkfealfifadkmakmngobbfjpbcgocah [2015-02-07]CHR Extension: (Gmail) - C:\Users\marty_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-31]CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crxCHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-07]CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-07] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)R2 CmcAgent; C:\Program Files (x86)\Radiant Systems\CMC\CmcAgent.exe [305152 2011-09-15] (Radiant Systems) [File not signed]R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-07-28] (DigitalPersona, Inc.)R2 FLCDLOCK; C:\WINDOWS\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-22] (Hewlett-Packard Company) [File not signed]R2 HpDamServiceHost; C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-11-04] (Intel Corporation)R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2015-01-31] (Intel Corporation)R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-14] ()R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62111072 2011-06-18] (Microsoft Corporation)S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)S3 pvnc; C:\Program Files (x86)\Radiant Systems\CMC\pvnc.exe [984064 2011-06-01] (UltraVNC) [File not signed]R2 Radiant CounterPoint Services - CPSQL.1; C:\Program Files (x86)\Radiant Systems\CounterPoint\CPSQL.1\Bin\CpSvcs.exe [9216 2015-03-26] (NCR) [File not signed]R2 RadSprtA; C:\Program Files (x86)\Radiant Systems\RadSprtA\RadSprtA.exe [1450120 2011-05-13] (Radiant Systems, Inc.) [File not signed]R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor)R2 SONICWALL_NetExtender; C:\Program Files (x86)\SonicWALL\SSL-VPN\NetExtender\NEService64.exe [614928 2014-11-10] (Dell Inc.)S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-18] (Microsoft Corporation)R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)S4 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-11-21] (Microsoft Corporation)S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)R2 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-01-30] (Symantec Corporation)S3 iaStorS; C:\Windows\System32\drivers\iaStorS.sys [651736 2012-11-02] (Intel Corporation)R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [225008 2014-11-04] (Intel Corporation)R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150420.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [25800 2014-05-27] ()R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-21] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)S3 megasas2; C:\Windows\System32\drivers\megasas2.sys [53552 2012-10-01] (LSI Corporation)R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150421.003\ENG64.SYS [129752 2015-04-03] (Symantec Corporation)R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150421.003\EX64.SYS [2137304 2015-04-03] (Symantec Corporation)R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-06] (Intel Corporation)S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3670496 2014-02-04] (Intel Corporation)R3 NxDrv; C:\Windows\system32\DRIVERS\NxDrv.sys [25536 2014-10-21] (SonicWALL Inc.)R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2015-01-31] (Realsil Semiconductor Corporation)R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9127128 2015-01-31] (Realtek Semiconductor Corp.)R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)S0 SymELAM; C:\Windows\System32\drivers\N360x64\1507000.00B\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-01-31] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-21 22:34 - 2015-04-21 22:34 - 00037412 _____ () C:\Users\marty_000\Downloads\FRST.txt2015-04-21 22:33 - 2015-04-21 22:34 - 00000000 ____D () C:\FRST2015-04-21 22:33 - 2015-04-21 22:33 - 02099712 _____ (Farbar) C:\Users\marty_000\Downloads\FRST64.exe2015-04-21 22:33 - 2015-04-21 22:33 - 02099712 _____ (Farbar) C:\Users\marty_000\Downloads\FRST64 - Copy.exe2015-04-20 21:51 - 2015-04-20 21:52 - 00450328 _____ () C:\WINDOWS\Minidump\042015-64328-01.dmp2015-04-20 08:02 - 2015-04-20 08:02 - 02760720 _____ (Dell Inc) C:\Users\marty_000\Downloads\VASAC-vpn%2Ejamsys%2Ecom-443-h92lqcd3-0.exe2015-04-15 23:59 - 2015-04-15 23:59 - 03288504 _____ (Lenovo Inc.) C:\Users\marty_000\Downloads\Lenovo.SuperFishRemovalTool (1).exe2015-04-15 23:55 - 2015-04-15 23:55 - 03288504 _____ (Lenovo Inc.) C:\Users\marty_000\Downloads\Lenovo.SuperFishRemovalTool.exe2015-04-15 22:14 - 2015-04-15 22:14 - 00000000 _____ () C:\autoexec.bat2015-04-15 22:10 - 2015-04-15 22:10 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\marty_000\Downloads\SpyHunter-Installer.exe2015-04-15 22:10 - 2015-04-15 22:10 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\marty_000\Downloads\SpyHunter-Installer (1).exe2015-04-15 04:09 - 2015-03-23 17:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe2015-04-15 04:09 - 2015-03-23 17:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll2015-04-15 04:09 - 2015-03-23 17:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll2015-04-15 04:09 - 2015-03-23 17:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll2015-04-15 04:09 - 2015-03-23 17:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll2015-04-15 04:09 - 2015-03-20 00:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll2015-04-15 04:09 - 2015-03-20 00:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll2015-04-15 04:09 - 2015-03-20 00:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll2015-04-15 04:09 - 2015-03-19 23:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe2015-04-15 04:09 - 2015-03-19 22:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe2015-04-15 04:09 - 2015-03-19 22:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll2015-04-15 04:09 - 2015-03-19 22:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll2015-04-15 04:09 - 2015-03-14 04:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll2015-04-15 04:09 - 2015-03-14 04:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll2015-04-15 04:09 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2015-04-15 04:09 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll2015-04-15 04:09 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2015-04-15 04:09 - 2015-03-12 23:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll2015-04-15 04:09 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2015-04-15 04:09 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2015-04-15 04:09 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll2015-04-15 04:09 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2015-04-15 04:09 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2015-04-15 04:09 - 2015-03-12 23:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll2015-04-15 04:09 - 2015-03-12 23:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll2015-04-15 04:09 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2015-04-15 04:09 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2015-04-15 04:09 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2015-04-15 04:09 - 2015-03-12 22:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll2015-04-15 04:09 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2015-04-15 04:09 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2015-04-15 04:09 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2015-04-15 04:09 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2015-04-15 04:09 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2015-04-15 04:09 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2015-04-15 04:09 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2015-04-15 04:09 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2015-04-15 04:09 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2015-04-15 04:09 - 2015-02-24 04:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys2015-04-15 04:09 - 2015-02-20 19:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll2015-04-15 04:08 - 2015-03-22 18:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll2015-04-15 04:08 - 2015-03-22 18:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll2015-04-15 04:08 - 2015-03-22 18:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll2015-04-15 04:08 - 2015-03-22 18:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll2015-04-15 04:08 - 2015-03-22 18:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll2015-04-15 04:08 - 2015-03-22 18:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll2015-04-15 04:08 - 2015-03-22 18:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll2015-04-15 04:08 - 2015-03-14 04:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe2015-04-15 04:08 - 2015-03-13 21:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll2015-04-15 04:08 - 2015-03-13 21:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll2015-04-15 04:08 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll2015-04-15 04:08 - 2015-03-13 21:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll2015-04-15 04:08 - 2015-03-13 21:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll2015-04-15 04:08 - 2015-03-13 20:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll2015-04-15 04:08 - 2015-03-13 20:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll2015-04-15 04:08 - 2015-03-13 20:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe2015-04-15 04:08 - 2015-03-13 20:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll2015-04-15 04:08 - 2015-03-13 20:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll2015-04-15 04:08 - 2015-03-13 20:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll2015-04-15 04:08 - 2015-03-13 20:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll2015-04-15 04:08 - 2015-03-13 20:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll2015-04-15 04:08 - 2015-03-13 20:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll2015-04-15 04:08 - 2015-03-13 20:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe2015-04-15 04:08 - 2015-03-13 19:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll2015-04-15 04:08 - 2015-03-13 19:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll2015-04-15 04:08 - 2015-03-12 22:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll2015-04-15 04:08 - 2015-03-12 22:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll2015-04-15 04:08 - 2015-03-04 06:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys2015-04-15 04:08 - 2015-03-03 23:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll2015-04-15 04:08 - 2015-03-03 22:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll2015-04-13 10:26 - 2015-04-13 13:43 - 00000000 ____D () C:\AdwCleaner2015-04-13 10:26 - 2015-04-13 10:26 - 02217984 _____ () C:\Users\marty_000\Downloads\adwcleaner_4.201.exe2015-04-13 09:48 - 2015-04-21 20:13 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2015-04-13 09:48 - 2015-04-13 09:48 - 00001078 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-04-13 09:48 - 2015-04-13 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-04-13 09:48 - 2015-04-13 09:48 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-04-13 09:48 - 2015-04-13 09:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-04-13 09:48 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2015-04-13 09:48 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2015-04-13 09:48 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2015-04-13 09:47 - 2015-04-13 09:47 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\marty_000\Downloads\mbam-setup-2.1.4.1018 (1).exe2015-04-13 09:46 - 2015-04-13 09:47 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\marty_000\Downloads\mbam-setup-2.1.4.1018.exe2015-04-10 00:04 - 2015-04-10 00:05 - 00423240 _____ () C:\WINDOWS\Minidump\041015-29953-01.dmp2015-04-09 17:07 - 2015-04-09 17:07 - 00000000 ____D () C:\Users\marty_000\Documents\GSI-DailySalesReport2015-04-08 09:17 - 2015-04-08 09:17 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Security Suite2015-04-07 11:03 - 2015-04-07 11:04 - 00397480 _____ () C:\WINDOWS\Minidump\040715-298234-01.dmp2015-04-04 04:10 - 2015-04-04 04:11 - 00000000 ___SD () C:\WINDOWS\system32\GWX2015-04-04 04:10 - 2015-04-04 04:10 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX2015-04-03 17:48 - 2015-04-03 17:48 - 00423952 _____ () C:\WINDOWS\Minidump\040315-46562-01.dmp2015-04-02 00:29 - 2015-04-21 19:53 - 00000000 ___RD () C:\Users\marty_000\Dropbox2015-04-02 00:29 - 2015-04-10 00:14 - 00001086 _____ () C:\Users\marty_000\Desktop\Dropbox.lnk2015-04-02 00:27 - 2015-04-10 00:14 - 00000000 ____D () C:\Users\marty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-04-02 00:25 - 2015-04-21 19:53 - 00000000 ____D () C:\Users\marty_000\AppData\Roaming\Dropbox2015-04-02 00:24 - 2015-04-02 00:24 - 00356200 _____ (Dropbox, Inc.) C:\Users\marty_000\Downloads\DropboxInstaller.exe2015-03-31 09:10 - 2015-03-31 09:10 - 00397496 _____ () C:\WINDOWS\Minidump\033115-35062-01.dmp2015-03-30 21:07 - 2015-03-30 21:16 - 00000000 ____D () C:\Users\marty_000\Documents\85complete2015-03-30 16:30 - 2015-03-30 19:30 - 3470066658 _____ () C:\Users\marty_000\Documents\85complete.zip2015-03-30 16:29 - 2015-03-30 16:29 - 06420600 _____ (Tim Kosse) C:\Users\marty_000\Downloads\FileZilla_3.10.3_win64-setup.exe2015-03-30 16:03 - 2015-03-30 16:03 - 00000000 ____H () C:\Users\marty_000\Documents\Default.rdp2015-03-30 14:50 - 2015-03-30 14:50 - 00148992 _____ () C:\Users\marty_000\Item-Blaster-Split-2.40x1.00.lbl2015-03-24 08:52 - 2015-03-24 20:25 - 00423968 _____ () C:\WINDOWS\Minidump\032415-46406-01.dmp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-21 22:33 - 2015-01-31 02:23 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2015-04-21 22:26 - 2015-02-14 20:21 - 00000956 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3961584804-1554548531-2868569732-1004UA.job2015-04-21 22:26 - 2015-01-31 03:47 - 00000000 ____D () C:\Users\marty_000\Documents\Outlook Files2015-04-21 22:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru2015-04-21 21:49 - 2015-01-31 17:43 - 00000000 ____D () C:\ProgramData\BOINC2015-04-21 20:44 - 2015-01-31 03:42 - 00000000 ____D () C:\Users\marty_000\AppData\Roaming\ClassicShell2015-04-21 20:10 - 2015-01-30 22:15 - 01801286 _____ () C:\WINDOWS\WindowsUpdate.log2015-04-21 19:55 - 2015-01-31 23:08 - 00003202 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleFormarty_0002015-04-21 19:55 - 2015-01-31 23:08 - 00000380 _____ () C:\WINDOWS\Tasks\HPCeeScheduleFormarty_000.job2015-04-21 19:54 - 2015-02-09 23:00 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6BCFD302-8436-444C-A1BD-B673153C8D82}2015-04-21 19:50 - 2015-01-31 03:29 - 00000000 ___RD () C:\Users\marty_000\OneDrive2015-04-21 19:50 - 2015-01-31 02:23 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2015-04-21 19:48 - 2015-01-31 17:43 - 00011724 _____ () C:\WINDOWS\SysWOW64\Gms.log2015-04-20 22:51 - 2013-08-22 10:46 - 00322945 _____ () C:\WINDOWS\setupact.log2015-04-20 22:51 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2015-04-20 22:50 - 2015-01-31 03:24 - 00000000 ____D () C:\Users\marty_0002015-04-20 22:50 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI2015-04-20 22:01 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM2015-04-20 21:51 - 2015-02-05 21:21 - 1047941229 _____ () C:\WINDOWS\MEMORY.DMP2015-04-20 21:51 - 2015-02-05 21:21 - 00000000 ____D () C:\WINDOWS\Minidump2015-04-20 08:40 - 2015-01-31 03:32 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3961584804-1554548531-2868569732-10042015-04-20 08:06 - 2015-02-07 13:46 - 00000000 ____D () C:\Users\marty_000\AppData\Roaming\SonicWALL2015-04-20 08:05 - 2015-02-07 14:18 - 00000140 _____ () C:\Users\marty_000\AppData\Local\TempOEgetPrivileges.vbs2015-04-19 21:38 - 2015-02-14 13:01 - 00250880 ___SH () C:\Users\marty_000\Downloads\Thumbs.db2015-04-19 19:26 - 2015-02-14 20:21 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3961584804-1554548531-2868569732-1004Core.job2015-04-18 03:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2015-04-16 22:28 - 2014-11-21 04:34 - 00083986 _____ () C:\WINDOWS\PFRO.log2015-04-16 21:34 - 2015-01-31 02:24 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-04-16 05:08 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2015-04-16 00:55 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache2015-04-16 00:21 - 2015-02-04 00:42 - 00000000 ____D () C:\ProgramData\Oracle2015-04-16 00:21 - 2015-02-04 00:42 - 00000000 ____D () C:\Program Files (x86)\Java2015-04-16 00:20 - 2015-02-04 00:43 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll2015-04-15 21:51 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppCompat2015-04-15 08:42 - 2015-01-30 17:41 - 00000000 ____D () C:\WINDOWS\system32\appraiser2015-04-15 08:42 - 2014-11-21 12:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel2015-04-15 05:03 - 2015-01-31 02:44 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-04-15 05:03 - 2015-01-30 15:57 - 00000000 ____D () C:\WINDOWS\system32\MRT2015-04-15 04:56 - 2015-01-30 15:57 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2015-04-15 04:51 - 2013-08-22 09:25 - 00000167 _____ () C:\WINDOWS\win.ini2015-04-13 23:29 - 2015-02-01 06:29 - 00001949 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk2015-04-13 19:24 - 2015-01-31 12:25 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl2015-04-13 19:24 - 2014-11-21 12:23 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2015-04-10 09:49 - 2015-03-06 12:58 - 00000000 ____D () C:\ProgramData\LogMeIn2015-04-10 09:49 - 2015-03-06 12:27 - 00000000 ____D () C:\Users\marty_000\AppData\Local\LogMeInIgnition2015-04-10 00:04 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP2015-04-08 15:46 - 2015-02-05 03:18 - 00000000 ____D () C:\Users\marty_000\Documents\SQL Server Management Studio2015-04-08 09:10 - 2015-01-31 02:57 - 00003228 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration2015-04-08 09:10 - 2015-01-31 02:57 - 00002420 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk2015-04-08 09:10 - 2015-01-31 02:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite2015-04-08 09:10 - 2015-01-31 02:55 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x642015-04-03 17:48 - 2013-08-22 10:44 - 00414976 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2015-04-01 00:55 - 2015-01-31 03:42 - 00000000 ____D () C:\Users\marty_000\AppData\Local\CrashDumps2015-03-31 09:30 - 2014-11-21 04:43 - 00956632 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2015-03-30 22:32 - 2015-02-07 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCR Counterpoint2015-03-30 22:10 - 2015-02-04 02:31 - 00000000 ____D () C:\Users\marty_000\AppData\Roaming\FileZilla ==================== Files in the root of some directories ======= 2015-03-09 23:06 - 2015-03-09 23:06 - 0001076 _____ () C:\Program Files (x86)\Registration.hub2015-02-07 14:18 - 2015-04-20 08:05 - 0000140 _____ () C:\Users\marty_000\AppData\Local\TempOEgetPrivileges.vbs2015-01-31 17:16 - 2015-01-31 17:19 - 8421204 _____ () C:\ProgramData\hpcsmmsilogs.log2015-01-31 17:25 - 2015-01-31 17:25 - 1266620 _____ () C:\ProgramData\hpdam_install_log.txt2015-01-31 17:21 - 2015-01-31 17:21 - 0571970 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt Some content of TEMP:====================C:\Users\marty_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0iww2h.dllC:\Users\marty_000\AppData\Local\Temp\Execute2App.exeC:\Users\marty_000\AppData\Local\Temp\jre-8u45-windows-au.exeC:\Users\marty_000\AppData\Local\Temp\msvcp90.dllC:\Users\marty_000\AppData\Local\Temp\msvcr90.dllC:\Users\marty_000\AppData\Local\Temp\Quarantine.exeC:\Users\marty_000\AppData\Local\Temp\RdpUtils.dllC:\Users\marty_000\AppData\Local\Temp\sqlite3.dllC:\Users\marty_000\AppData\Local\Temp\VASAC.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-19 04:48 ==================== End Of Log ============================Addition.txt
