Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Rick (administrator) on HOME (21-12-2016 15:03:37)
Running from C:\Users\Rick\Downloads
Loaded Profiles: Rick (Available Profiles: Rick & Guest)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\NSBU.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\NSBU.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.469\SSScheduler.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Farbar) C:\Users\Rick\Downloads\FRST64(1).exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\BrowserCleaner.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16696832 2016-10-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6006560 2016-11-01] (IObit)
HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3076896 2016-10-31] (IObit)
HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-12-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.469\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F774F5B7-6F43-4CB5-8B05-D13304E9A2E2}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3431173695-69639140-411144729-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3431173695-69639140-411144729-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3431173695-69639140-411144729-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3431173695-69639140-411144729-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3431173695-69639140-411144729-1002 -> {B91B95CE-6BBA-406B-AA86-EFBC0705308D} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\ssv.dll [2016-12-04] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-04] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3431173695-69639140-411144729-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
FireFox:
========
FF DefaultProfile: 94tgnqs0.default-1480888203401
FF ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\94tgnqs0.default-1480888203401 [2016-12-21]
FF user.js: detected! => C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\94tgnqs0.default-1480888203401\user.js [2016-12-17]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\94tgnqs0.default-1480888203401 -> Google
FF Homepage: Mozilla\Firefox\Profiles\94tgnqs0.default-1480888203401 -> hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN29590050191633836&UM=2&UP=SPC9006C68-138B-46ED-93F0-70F434A2ECAE
FF Extension: (Norton Identity Safe) - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\94tgnqs0.default-1480888203401\Extensions\idsafe@norton.com.xpi [2016-12-15]
FF ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ahzejier.default-1481747222543 [2016-12-21]
FF user.js: detected! => C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ahzejier.default-1481747222543\user.js [2016-12-17]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.1.14\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.1.14\coFFAddon [2016-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.1.14\coFFAddon
FF HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-12-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32:
@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32:
@tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-05-22] ()
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default [2016-12-15]
CHR Extension: (Google Docs) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-12]
CHR Extension: (Google Drive) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-30]
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2016-10-20]
CHR Extension: (YouTube) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-30]
CHR Extension: (Norton Security Toolbar) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-12-02]
CHR Extension: (Google Search) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-30]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-05-22]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfoabcdjalmeenbjjngidappmppchblc [2016-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Norton Identity Safe) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-10-21]
CHR Extension: (WeatherBlink) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnnbmiailafajdkboegcjcdklooomfic [2016-12-11]
CHR Extension: (Norton Safe) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Search Incognito) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pabmfheafnaedbmedpdijblbgkhehaco [2016-11-30]
CHR Extension: (Gmail) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\Exts\Chrome.crx [2016-12-15]
CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] -
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3431173695-69639140-411144729-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\Exts\Chrome.crx [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] -
CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] -
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2016-10-14] (IObit)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1600800 2016-10-21] (IObit)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.469\McCHSvc.exe [329480 2016-12-02] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\NSBU.exe [289080 2016-11-12] (Symantec Corporation)
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1063200 2015-12-29] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [11944 2015-11-08] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2013-12-24] (Advanced Micro Devices, Inc.)
S3 AtiDCM; C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [28416 2014-03-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [101376 2016-07-21] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.1.14\Definitions\BASHDefs\20161220.001\BHDrvx64.sys [1874136 2016-12-13] (Symantec Corporation)
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 ccSet_NSBU; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\ccSetx64.sys [174328 2016-11-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-09-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-12-15] (Symantec Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-28] (REALiX(tm))
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.1.14\Definitions\IPSDefs\20161221.001\IDSvia64.sys [1038032 2016-12-16] (Symantec Corporation)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-07-27] (IObit.com)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-10-31] (Realsil Semiconductor Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
R3 SRTSP; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\SRTSP64.SYS [784624 2016-11-11] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-11] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSBUx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-11] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSBUx64\1608010.00E\SymELAM.sys [24192 2016-11-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-12-15] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\Ironx64.SYS [289520 2016-11-11] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\SYMNETS.SYS [567512 2016-11-11] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.1.14\Definitions\SDSDefs\20161215.018\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.1.14\Definitions\SDSDefs\20161215.018\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-21 15:01 - 2016-12-21 15:01 - 00001431 _____ C:\Users\Rick\Desktop\FRST64(1).lnk
2016-12-21 14:59 - 2016-12-21 14:59 - 00002876 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Rick)
2016-12-21 14:58 - 2016-12-21 14:58 - 02420736 _____ (Farbar) C:\Users\Rick\Downloads\FRST64(1).exe
2016-12-21 04:43 - 2016-12-21 04:44 - 00042649 _____ C:\Users\Rick\Downloads\MTB.txt
2016-12-21 04:42 - 2016-12-21 04:42 - 00892416 _____ (Farbar) C:\Users\Rick\Downloads\MiniToolBox.exe
2016-12-17 19:44 - 2016-12-17 19:43 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-17 19:44 - 2016-12-17 19:43 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-17 16:08 - 2016-12-17 16:08 - 00000000 __SHD C:\found.000
2016-12-16 22:04 - 2016-12-16 22:04 - 00863592 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-12-16 17:34 - 2016-12-16 17:43 - 00000000 ____D C:\Users\Rick\Desktop\Tweaking.com - Windows Repair
2016-12-16 13:09 - 2016-12-16 13:11 - 00000000 ____D C:\Users\Rick\Documents\tweaking.com_windows_repair_aio
2016-12-16 13:00 - 2016-12-16 13:00 - 00001999 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-12-16 13:00 - 2016-12-16 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-12-15 20:38 - 2016-12-15 20:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2016-12-15 20:30 - 2016-12-15 20:30 - 00100592 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2016-12-15 20:30 - 2016-12-15 20:30 - 00008319 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2016-12-15 20:30 - 2016-12-15 20:30 - 00003240 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2016-12-15 20:30 - 2016-12-15 20:30 - 00002573 _____ C:\Users\Public\Desktop\Norton Security with Backup.lnk
2016-12-15 20:28 - 2016-12-15 20:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2016-12-15 20:28 - 2016-12-15 20:29 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2016-12-15 20:23 - 2016-12-15 20:23 - 01101176 _____ (Symantec Corporation) C:\Users\Rick\Downloads\NortonNSBUDownloader(1).exe
2016-12-15 17:19 - 2016-12-15 17:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-13 17:54 - 2016-12-13 17:54 - 00000000 ____D C:\ProgramData\Symantec
2016-12-13 17:33 - 2016-12-13 17:33 - 00900344 _____ C:\Users\Rick\Downloads\Norton_Removal_Tool.exe
2016-12-13 15:17 - 2016-12-13 15:17 - 00779920 _____ (Symantec Corporation) C:\Users\Rick\Downloads\SymNRT(3).exe
2016-12-13 15:14 - 2016-12-13 15:14 - 00779920 _____ (Symantec Corporation) C:\Users\Rick\Downloads\SymNRT(2).exe
2016-12-13 15:12 - 2016-12-13 15:12 - 00003112 _____ C:\WINDOWS\System32\Tasks\{898F92F8-CB40-4FCF-BC98-45DB5B4B9DC2}
2016-12-13 15:11 - 2016-12-13 15:11 - 00779920 _____ (Symantec Corporation) C:\Users\Rick\Downloads\SymNRT(1).exe
2016-12-13 15:09 - 2016-12-13 15:09 - 00003106 _____ C:\WINDOWS\System32\Tasks\{132D027F-B8D3-46B3-9E83-E92DDA5013B8}
2016-12-13 15:08 - 2016-12-13 15:08 - 00779920 _____ (Symantec Corporation) C:\Users\Rick\Downloads\SymNRT.exe
2016-12-13 03:37 - 2016-12-13 03:44 - 00001192 _____ C:\Users\Rick\Desktop\Scan log.txt
2016-12-12 20:46 - 2016-12-17 14:45 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-12 20:44 - 2016-12-12 20:45 - 51969976 _____ (Malwarebytes ) C:\Users\Rick\Downloads\mb3-setup-consumer-3.0.4.1269.exe
2016-12-12 14:55 - 2016-12-13 15:27 - 00000000 ____D C:\Program Files\CCleaner
2016-12-12 14:55 - 2016-12-12 14:55 - 00002780 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-12-12 14:55 - 2016-12-12 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-12-12 14:55 - 2016-12-12 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-12 14:55 - 2016-12-12 14:55 - 00000000 ____D C:\Program Files\Speccy
2016-12-12 14:53 - 2016-12-12 14:53 - 06293184 _____ (Piriform Ltd) C:\Users\Rick\Downloads\spsetup130(2).exe
2016-12-12 14:49 - 2016-12-12 14:49 - 06293184 _____ (Piriform Ltd) C:\Users\Rick\Downloads\spsetup130(1).exe
2016-12-12 14:45 - 2016-12-12 14:45 - 06293184 _____ (Piriform Ltd) C:\Users\Rick\Downloads\spsetup130.exe
2016-12-05 20:40 - 2016-12-05 20:40 - 22851472 _____ (Malwarebytes ) C:\Users\Rick\Downloads\mbam-setup-2.2.1.1043(1).exe
2016-12-05 16:26 - 2016-12-05 16:27 - 00000115 _____ C:\Users\Rick\Desktop\Geek Police.url
2016-12-05 15:21 - 2016-12-05 15:21 - 00003156 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2016-12-05 15:21 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2016-12-05 15:20 - 2016-12-05 15:20 - 00003004 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2016-12-05 15:20 - 2016-12-05 15:20 - 00003002 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2016-12-05 15:20 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2016-12-05 15:19 - 2016-12-05 15:19 - 00001204 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-12-05 15:19 - 2016-12-05 15:19 - 00001181 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2016-12-05 15:19 - 2016-12-05 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2016-12-05 15:19 - 2016-12-05 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-12-05 04:33 - 2016-12-05 04:33 - 00316640 _____ C:\WINDOWS\WMSysPr9.prx
2016-12-04 16:50 - 2016-12-14 15:27 - 00000000 ____D C:\Users\Rick\Desktop\Old Firefox Data
2016-12-04 16:45 - 2016-12-21 15:05 - 00000000 ____D C:\Users\Rick\AppData\LocalLow\Mozilla
2016-12-04 13:31 - 2016-12-04 13:30 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-12-04 13:18 - 2016-12-04 13:18 - 00946696 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2016-12-04 13:18 - 2016-12-04 13:18 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-12-04 13:10 - 2016-12-04 13:32 - 00002301 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-12-04 13:10 - 2016-12-04 13:10 - 00003244 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-12-04 13:10 - 2016-12-04 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-12-04 13:07 - 2016-12-04 13:08 - 17138387 _____ (IObit ) C:\Users\Rick\Downloads\driver_booster_setup (1).exe
2016-12-04 12:41 - 2016-12-16 13:27 - 00000286 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Rick.job
2016-12-04 12:41 - 2016-12-04 12:41 - 00002384 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Rick
2016-12-04 12:40 - 2016-12-04 12:40 - 00001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-12-04 12:40 - 2016-12-04 12:40 - 00001391 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-12-04 12:40 - 2016-12-04 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-12-04 12:39 - 2016-12-04 12:39 - 00003004 _____ C:\WINDOWS\System32\Tasks\ASC10_PerformanceMonitor
2016-12-04 12:39 - 2016-12-04 12:39 - 00002808 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_Rick
2016-12-04 12:38 - 2016-12-19 04:09 - 00002291 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2016-12-04 10:57 - 2016-12-04 12:26 - 00851968 _____ C:\WINDOWS\system32\SxsTrace.etl
2016-12-03 17:43 - 2016-12-03 17:43 - 00000329 _____ C:\Users\Rick\Downloads\Pork Butt Rub (2).txt
2016-11-29 16:32 - 2016-11-29 16:32 - 21041152 _____ C:\Users\Rick\Downloads\System.evtx
2016-11-29 16:17 - 2016-11-29 16:17 - 21041152 _____ C:\Users\Rick\Downloads\Applications.evtx
2016-11-29 05:06 - 2016-11-29 05:06 - 03070451 _____ C:\Users\Rick\Documents\System.zip
2016-11-28 21:01 - 2016-11-28 21:02 - 02042944 _____ C:\Users\Rick\Documents\Applications.zip
2016-11-28 20:58 - 2016-11-28 20:58 - 21041152 _____ C:\Users\Rick\Documents\System.evtx
2016-11-28 20:57 - 2016-11-28 20:57 - 21041152 _____ C:\Users\Rick\Documents\Applications.evtx
2016-11-28 19:27 - 2016-11-28 19:27 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Rick\Downloads\rkill.scr
2016-11-28 16:19 - 2016-11-28 16:19 - 01631928 _____ (Malwarebytes) C:\Users\Rick\Downloads\JRT.exe
2016-11-28 16:10 - 2016-11-28 16:10 - 04286744 _____ (Microsoft Corporation) C:\Users\Rick\Downloads\vcredist_x64 (2).exe
2016-11-28 16:08 - 2016-11-28 16:08 - 04286744 _____ (Microsoft Corporation) C:\Users\Rick\Downloads\vcredist_x64 (1).exe
2016-11-28 16:07 - 2016-11-28 16:07 - 04286744 _____ (Microsoft Corporation) C:\Users\Rick\Downloads\vcredist_x64.exe
2016-11-27 19:15 - 2016-11-27 19:16 - 22851472 _____ (Malwarebytes ) C:\Users\Rick\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-11-27 18:55 - 2016-11-27 18:55 - 03910208 _____ C:\Users\Rick\Downloads\adwcleaner_6.030.exe
2016-11-27 18:38 - 2016-11-27 18:38 - 22851472 _____ (Malwarebytes ) C:\Users\Rick\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-27 17:33 - 2016-11-27 18:25 - 00034543 _____ C:\Users\Rick\Downloads\Addition.txt
2016-11-27 17:29 - 2016-12-21 15:04 - 00021525 _____ C:\Users\Rick\Downloads\FRST.txt
2016-11-27 17:28 - 2016-12-21 15:03 - 00000000 ____D C:\FRST
2016-11-26 19:28 - 2016-11-26 19:29 - 38300468 _____ C:\Users\Rick\Downloads\firefox-browser-for-android-50-0.apk
2016-11-26 19:28 - 2016-11-26 19:29 - 38300468 _____ C:\Users\Rick\Downloads\firefox-browser-for-android-50-0 (1).apk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-21 14:59 - 2013-05-21 18:32 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3431173695-69639140-411144729-1002
2016-12-21 14:54 - 2014-01-12 23:30 - 00000000 ___DO C:\Users\Rick\SkyDrive
2016-12-21 14:14 - 2014-05-04 20:08 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-21 13:33 - 2012-07-26 02:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-21 07:27 - 2015-12-03 19:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2016-12-19 15:35 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-19 15:35 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-19 04:09 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Inf
2016-12-19 03:45 - 2013-11-14 02:28 - 00799036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-19 03:41 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-19 02:37 - 2013-08-22 08:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-12-18 18:19 - 2013-11-19 21:26 - 00000000 ____D C:\ProgramData\ProductData
2016-12-17 22:40 - 2013-08-14 04:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-17 22:32 - 2013-05-22 18:10 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-17 22:18 - 2014-01-15 22:11 - 87736320 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2016-12-17 22:18 - 2014-01-15 22:11 - 05742592 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2016-12-17 22:18 - 2014-01-15 22:11 - 00061440 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2016-12-17 22:18 - 2014-01-15 22:11 - 00024576 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2016-12-17 14:52 - 2013-05-21 18:24 - 00000000 ____D C:\Users\Rick\AppData\Local\Packages
2016-12-17 07:22 - 2013-08-22 09:44 - 00337808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-16 22:27 - 2013-05-22 05:18 - 00000000 ____D C:\Users\Rick\AppData\Local\CrashDumps
2016-12-16 22:21 - 2014-12-16 13:13 - 00000000 ____D C:\Users\Guest\Desktop\Vicki Lynn Stief_files
2016-12-16 22:21 - 2014-12-03 11:19 - 00000000 ____D C:\Users\Guest\Desktop\Facebook_files
2016-12-16 22:21 - 2014-11-15 11:24 - 00000000 ____D C:\Users\Guest\Desktop\Account Info_files
2016-12-16 22:21 - 2014-11-15 10:42 - 00000000 ____D C:\Users\Guest\Desktop\Remedy by our Grandmothers for Treating Asthma, Bronchitis, Coughs and Lung Problems - Daily Nutrition News_files
2016-12-16 22:21 - 2014-11-12 09:34 - 00000000 ____D C:\Users\Guest\Desktop\The 18 signs of a psychopath _ Health - WGAL Home_files
2016-12-16 22:21 - 2014-10-22 13:35 - 00000000 ____D C:\Users\Guest\Desktop\Classic - Miss Lippy By Vicki Stief (boobahh52) on Myspace_files
2016-12-16 22:21 - 2014-10-21 11:20 - 00000000 ____D C:\Users\Guest\Desktop\Natural Remedy to Rid of Wrinkles _ Health Digezt_files
2016-12-16 22:21 - 2014-10-18 10:44 - 00000000 ____D C:\Users\Guest\Desktop\Club Pogo YAHTZEE Party!_files
2016-12-16 22:21 - 2014-09-27 21:34 - 00000000 ____D C:\Users\Guest\Desktop\12 Ways Multiple Sclerosis Affects the Body_files
2016-12-16 22:19 - 2013-08-22 08:25 - 00000128 _____ C:\WINDOWS\win.ini
2016-12-16 18:13 - 2013-11-09 20:31 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 18:13 - 2013-11-09 20:31 - 00003202 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 13:26 - 2014-05-16 14:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-16 13:00 - 2014-11-21 10:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-12-16 13:00 - 2013-08-22 08:25 - 00000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_236
2016-12-15 20:41 - 2012-08-28 07:07 - 00000000 ____D C:\ProgramData\Norton
2016-12-15 20:37 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-12-15 20:30 - 2016-05-17 14:32 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-12-15 20:30 - 2012-07-26 03:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-12-15 20:28 - 2012-08-28 07:07 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-12-15 20:24 - 2016-05-15 09:27 - 00001298 _____ C:\Users\Rick\Desktop\Norton Installation Files.lnk
2016-12-15 20:24 - 2014-05-03 05:11 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-12-14 19:15 - 2016-01-15 19:55 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 19:15 - 2016-01-15 19:55 - 00002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-13 19:15 - 2014-05-04 20:08 - 00003582 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-12-13 19:14 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-13 19:14 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-13 18:03 - 2014-01-12 23:31 - 00003762 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CE73BFD4-8A76-4CEF-9A5E-A3B42F8E01F8}
2016-12-13 15:42 - 2013-09-05 17:30 - 00000000 ____D C:\Users\Rick\AppData\Roaming\PhotoScape
2016-12-13 15:11 - 2013-08-13 04:54 - 00000000 ____D C:\Users\Rick\AppData\Local\ElevatedDiagnostics
2016-12-10 14:41 - 2014-01-12 23:00 - 00000000 ____D C:\Users\Rick
2016-12-10 11:39 - 2014-01-12 23:00 - 00000000 ____D C:\Users\Guest
2016-12-06 21:21 - 2013-10-31 05:29 - 00000000 ____D C:\Users\Guest\AppData\LocalLow\IObit
2016-12-06 12:47 - 2013-11-11 13:49 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2016-12-05 21:18 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Performance
2016-12-05 15:21 - 2013-05-22 05:12 - 00000000 ____D C:\ProgramData\IObit
2016-12-05 15:21 - 2013-05-22 05:12 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-05 15:19 - 2013-05-22 05:12 - 00000000 ____D C:\Users\Rick\AppData\Roaming\IObit
2016-12-05 09:18 - 2014-04-29 05:56 - 74821632 _____ C:\WINDOWS\system32\config\COMPONENTS.iodefrag.bak
2016-12-04 16:44 - 2014-06-08 11:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-04 13:31 - 2015-02-11 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-04 13:28 - 2013-06-25 05:23 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-04 13:25 - 2014-06-24 18:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-04 12:39 - 2015-12-16 04:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-12-04 12:31 - 2013-09-29 21:20 - 00000000 ____D C:\Users\Rick\AppData\Local\Google
2016-12-04 12:30 - 2016-05-17 14:26 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSBUx64
2016-11-29 05:05 - 2015-12-01 17:51 - 00000000 ____D C:\Users\Rick\Documents\Swiss Beach_files
2016-11-27 16:37 - 2016-04-05 14:21 - 00000000 ____D C:\Users\Rick\Desktop\List of Emoticons for Facebook - Facebook Symbols and Chat Emoticons_files
2016-11-27 16:37 - 2015-12-24 17:10 - 00000000 ____D C:\Users\Rick\Desktop\MyLGHealth - Login Page_files
2016-11-27 16:37 - 2015-12-09 16:21 - 00000000 ____D C:\Users\Rick\Documents\Pervertians_files
2016-11-27 16:37 - 2015-12-07 18:31 - 00000000 ____D C:\Users\Rick\Documents\Stalkerish _ We Find the Hottest Girls on the Web For You_files
2016-11-27 16:37 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-11-27 16:30 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\registration
2016-11-26 10:44 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories =======
2014-06-19 14:13 - 2014-06-19 14:13 - 0000024 _____ () C:\Users\Rick\AppData\Roaming\temp.ini
2014-01-12 22:53 - 2014-01-12 22:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-19 05:22
==================== End of FRST.txt ============================