Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-11-2015
Ran by Andrew (administrator) on INSPIRON-PC (24-11-2015 12:40:19)
Running from C:\Users\Andrew\Downloads
Loaded Profiles: Andrew (Available Profiles: Andrew)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
() C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozystat.exe
() C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\WINDOWS\System32\wisptis.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe [293360 2011-07-13] (Rovi Corporation)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] ()
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [CPMonitor] => C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe [84464 2011-07-08] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-22] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-14] ()
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3497594548-436794852-940477308-1000\...\Run: [Google Update] => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3497594548-436794852-940477308-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3497594548-436794852-940477308-1000\...\Run: [SynchronossPC] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2182584 2015-10-22] ()
HKU\S-1-5-21-3497594548-436794852-940477308-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-10-22] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-10-22] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-10-22] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk [2013-04-18]
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Fast Connect.lnk [2015-10-14]
ShortcutTarget: Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk [2015-06-01]
ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{E8BD6A9A-80E4-4235-B5B7-6C0CC3FA0023}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-21-3497594548-436794852-940477308-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.xfinity.com/?cid=myxfinity%252fcid%253dcustomer
HKU\S-1-5-21-3497594548-436794852-940477308-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3497594548-436794852-940477308-1000 -> DefaultScope {57BAA6F8-8DFB-49D2-B598-3837938EFF9E} URL = hxxp://search.whiteskyservices.com/?wstoken=49274EF3-E1D6-41B5-B603-61B9AA59277D&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms}
SearchScopes: HKU\S-1-5-21-3497594548-436794852-940477308-1000 -> {57BAA6F8-8DFB-49D2-B598-3837938EFF9E} URL = hxxp://search.whiteskyservices.com/?wstoken=49274EF3-E1D6-41B5-B603-61B9AA59277D&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms}
SearchScopes: HKU\S-1-5-21-3497594548-436794852-940477308-1000 -> {C223D3C5-AAEB-46BC-ADB5-D3FAB85B3EF0} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-27] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Fast Connect -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.15.929.1\NativeBHO.dll [2015-09-29] (WhiteSky)
BHO-x32: Updater For XFIN_PORTAL -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-27] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3497594548-436794852-940477308-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://pcpitstop.com/betapit/PCPitStop.CAB
DPF: HKLM-x32 {4CE1B0BA-87FA-4544-BD20-C2EEA880BA20} hxxp://
www.palisades.decisionpoint.emitchell.com/MMBill32.CAB
DPF: HKLM-x32 {53D498F1-07E6-4973-A158-AAB2354D1A8E} hxxp://
www.palisades.decisionpoint.emitchell.com/mmReport.CAB
DPF: HKLM-x32 {787852E9-A471-4C22-9A81-8DAC1C392246} hxxp://
www.palisades.decisionpoint.emitchell.com/MMClm32.CAB
DPF: HKLM-x32 {BB8C4006-A8C5-4D01-9A5F-660F664C14AA} hxxp://
www.palisades.decisionpoint.emitchell.com/MMLookUp.CAB
DPF: HKLM-x32 {BD1D94A2-3305-48B6-8562-E94903AB35C6} hxxp://
www.palisades.decisionpoint.emitchell.com/MMLogin.CAB
DPF: HKLM-x32 {EB59F202-2EA3-492B-836C-61EA576F4613} hxxp://
www.palisades.decisionpoint.emitchell.com/MMAdmin.CAB
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\0xp2ir56.default-1445943477004
FF DefaultSearchEngine.US: Connect Search
FF Homepage: hxxp://my.xfinity.com/?cid=dotcom_topnav_myxfn
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-12] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3497594548-436794852-940477308-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Andrew\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3497594548-436794852-940477308-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Andrew\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\0xp2ir56.default-1445943477004\searchplugins\Connect Search.xml [2015-10-27]
FF Extension: White Sky Fast Connect - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\0xp2ir56.default-1445943477004\Extensions\idvaultaddon@whitesky [2015-10-31] [not signed]
FF Extension: No Name - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\0xp2ir56.default-1445943477004\Extensions\temp [2015-10-31] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-11-06] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-11-03] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-11-03] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Protection) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-05-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-30]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-30]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [21488 2011-07-15] ()
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
R2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [55112 2013-12-11] (Mozy, Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\N360.exe [282016 2015-09-24] (Symantec Corporation)
S3 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1095664 2011-07-13] (Rovi Corporation)
S2 RoxWatch12; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [340976 2011-07-13] (Rovi Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20151113.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-17] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20151123.001\IDSvia64.sys [767224 2015-10-19] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-12-11] (Mozy, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151123.038\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151123.038\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-02] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-24 12:40 - 2015-11-24 12:40 - 00024851 _____ C:\Users\Andrew\Downloads\FRST.txt
2015-11-24 12:40 - 2015-11-24 12:40 - 00000000 ____D C:\FRST
2015-11-24 12:39 - 2015-11-24 12:39 - 02348544 _____ (Farbar) C:\Users\Andrew\Downloads\FRST64.exe
2015-11-17 12:24 - 2015-11-17 12:24 - 01732096 _____ C:\Users\Andrew\Downloads\adwcleaner_5.021.exe
2015-11-16 06:58 - 2015-11-16 06:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-11-16 06:58 - 2015-11-16 06:58 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-11-14 16:30 - 2015-11-14 16:30 - 00000000 ____D C:\Users\Andrew\AppData\Local\{48615D75-57FC-4F6C-87AF-C6FDD7A1DF3A}
2015-11-12 20:35 - 2015-11-12 20:35 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-12 17:05 - 2015-11-23 15:23 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-11-12 17:05 - 2015-11-12 17:05 - 00004036 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-11-12 17:05 - 2015-11-12 17:05 - 00003226 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-11-12 17:05 - 2015-11-12 17:05 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-11-12 17:04 - 2015-11-12 17:04 - 00000000 ____D C:\Program Files\Dell Support Center
C:\Windows\SysWOW64\InkEd.dll
2015-11-09 06:55 - 2015-11-09 06:55 - 10957264 _____ C:\Users\Andrew\Downloads\pc_client(2).exe
2015-11-06 14:40 - 2015-11-07 06:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-04 14:16 - 2015-11-04 14:16 - 00000000 _____ C:\Users\Andrew\Sti_Trace.log
2015-11-04 14:15 - 2015-11-04 14:20 - 00000000 ____D C:\Users\Andrew\Documents\2014 tax return Nick
2015-11-04 08:45 - 2015-11-24 06:00 - 00000000 ___RD C:\Users\Andrew\Verizon Cloud Sync
2015-11-04 08:44 - 2015-11-04 08:45 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
2015-11-04 08:44 - 2015-11-04 08:44 - 00000000 ____D C:\Users\Andrew\AppData\Local\Verizon
2015-11-04 08:44 - 2015-11-04 08:44 - 00000000 ____D C:\Program Files\Verizon
2015-11-04 08:43 - 2015-11-04 08:43 - 10957264 _____ C:\Users\Andrew\Downloads\pc_client.exe
2015-11-03 13:24 - 2015-11-03 13:24 - 00000000 __HDC C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
2015-11-02 05:28 - 2015-11-02 05:28 - 00000383 _____ C:\ftconfig.ini
2015-10-29 05:59 - 2015-10-29 05:59 - 00000000 ____D C:\Users\Andrew\Documents\Old Firefox Data
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-24 12:35 - 2012-10-10 05:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-24 12:21 - 2012-10-02 10:56 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3497594548-436794852-940477308-1000UA.job
2015-11-24 12:15 - 2015-03-03 16:08 - 00158208 ___SH C:\Users\Andrew\Documents\Thumbs.db
2015-11-24 12:15 - 2014-09-20 11:04 - 01007104 ___SH C:\Users\Andrew\Downloads\Thumbs.db
2015-11-24 12:04 - 2014-07-28 05:44 - 02034969 _____ C:\Windows\WindowsUpdate.log
2015-11-24 11:41 - 2013-03-27 14:33 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-24 10:53 - 2012-04-23 12:52 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\ID Vault
2015-11-24 07:55 - 2013-12-11 13:14 - 00004278 _____ C:\Windows\mozy.flt
2015-11-24 07:55 - 2013-12-11 13:14 - 00003916 _____ C:\Windows\mozy.blk
2015-11-24 07:42 - 2015-08-29 05:29 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-11-24 07:41 - 2012-10-02 15:14 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2015-11-24 07:21 - 2012-10-02 10:56 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3497594548-436794852-940477308-1000Core.job
2015-11-24 07:13 - 2014-07-01 16:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-24 07:12 - 2012-09-14 17:03 - 00000000 ____D C:\Users\Andrew\Desktop\Geeks On Call PC Tune-Ups
2015-11-24 07:11 - 2012-06-12 16:34 - 00000000 ____D C:\Users\Andrew\AppData\Local\CrashDumps
2015-11-24 06:08 - 2009-07-13 23:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-24 06:08 - 2009-07-13 23:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-24 06:00 - 2013-03-27 14:33 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-24 05:59 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-23 17:13 - 2012-10-03 14:08 - 00000000 ____D C:\Users\Andrew\Downloads\various debris
2015-11-23 17:11 - 2015-03-23 19:01 - 00000000 ____D C:\Users\Andrew\Documents\Newsleter Stories
2015-11-20 07:08 - 2012-04-23 13:11 - 00000000 ____D C:\Users\Andrew\AppData\Local\ID Vault
2015-11-17 12:25 - 2015-05-17 06:14 - 00000000 ____D C:\AdwCleaner
2015-11-16 16:41 - 2012-10-02 11:28 - 00000404 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-11-13 06:21 - 2009-07-13 23:45 - 00431528 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 20:35 - 2012-10-10 05:13 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-12 20:35 - 2012-10-02 13:01 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-12 20:35 - 2011-12-07 13:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-12 17:05 - 2011-12-07 13:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-11-12 10:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-11-12 06:31 - 2009-07-14 00:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-11 23:27 - 2013-07-17 10:57 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 23:24 - 2012-10-02 12:06 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 23:18 - 2011-02-10 11:10 - 00775546 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 23:17 - 2010-11-21 02:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-09 06:44 - 2015-06-22 12:44 - 00000000 _RSHD C:\Users\Andrew\Documents\Yerinbucko.{90F8C996-7C70-4331-9D70-FB357D559FD5}
2015-11-07 06:27 - 2012-04-23 12:23 - 00000000 ____D C:\Users\Andrew
2015-11-07 06:22 - 2012-10-02 15:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-05 10:54 - 2013-12-10 16:01 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-11-04 14:20 - 2013-12-19 13:18 - 00000000 ____D C:\ProgramData\CanonIJ
2015-11-03 13:24 - 2015-02-12 14:08 - 00003816 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-10-31 20:30 - 2014-12-25 07:04 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-29 15:43 - 2012-05-15 13:44 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\Hoyle Card Games
2015-10-27 05:41 - 2013-10-31 05:35 - 00000000 ____D C:\ProgramData\Oracle
2015-10-27 05:40 - 2013-10-31 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-27 05:39 - 2015-08-27 05:24 - 00000000 ____D C:\Users\Andrew\.oracle_jre_usage
2015-10-27 05:39 - 2014-07-18 05:42 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-27 05:39 - 2013-07-23 05:07 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-26 07:21 - 2014-07-01 16:57 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-26 07:21 - 2014-07-01 16:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
==================== Files in the root of some directories =======
2013-08-29 11:15 - 2013-08-29 11:15 - 0000093 _____ () C:\Users\Andrew\AppData\Roaming\ARCompanion.log
2012-04-27 16:13 - 2012-04-27 16:13 - 0000000 _____ () C:\Users\Andrew\AppData\Local\rx_image32.Cache
2012-05-08 12:14 - 2001-07-14 06:38 - 0006656 ___SH () C:\ProgramData\nt838cc.com
Some files in TEMP:
====================
C:\Users\Andrew\AppData\Local\Temp\drm_dyndata_7320010.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-20 10:39
==================== End of FRST.txt ============================