Son's gaming pc going c
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2015
Ran by Justin (administrator) on JGAMINGCOMPUTER on 14-04-2015 21:26:30
Running from C:\Users\Justin\Desktop
Loaded Profiles: Justin (Available profiles: Justin)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-16] (Synaptics Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3181081214-4100868398-1530923957-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3181081214-4100868398-1530923957-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-02-25] (Electronic Arts)
HKU\S-1-5-21-3181081214-4100868398-1530923957-1001\...\MountPoints2: {b703932e-92c3-11e4-8262-3863bbaab60d} - "F:\VerizonSWUpgradeAssistantLauncher.exe"
AppInit_DLLs-x32: d => "d" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3181081214-4100868398-1530923957-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-3181081214-4100868398-1530923957-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {1B537232-A5A2-4F4B-A112-81B10AAB3412} URL = http://www.amazon.co...ds={searchTerms}
SearchScopes: HKU\S-1-5-21-3181081214-4100868398-1530923957-1001 -> {1B537232-A5A2-4F4B-A112-81B10AAB3412} URL = http://www.amazon.co...ds={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-17] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-17] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-25] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-04-07]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-08]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2014-06-23] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2015-01-10] (EasyAntiCheat Ltd)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-14] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-28] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-16] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [32768 2013-08-01] (Validity Sensors, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3897856 2014-05-15] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-02-24] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150410.001\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150412.002\ENG64.SYS [129752 2015-03-25] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150412.002\EX64.SYS [2137304 2015-03-25] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-16] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1507000.00B\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 21:26 - 2015-04-14 21:30 - 00022579 _____ () C:\Users\Justin\Desktop\FRST.txt
2015-04-14 21:23 - 2015-04-14 21:26 - 00000000 ____D () C:\FRST
2015-04-14 21:21 - 2015-04-14 21:22 - 02096640 _____ (Farbar) C:\Users\Justin\Desktop\FRST64.exe
2015-04-14 17:52 - 2015-04-14 17:52 - 00007605 _____ () C:\Users\Justin\AppData\Local\Resmon.ResmonCfg
2015-04-14 17:36 - 2015-04-14 21:13 - 00002793 _____ () C:\Windows\setupact.log
2015-04-14 17:36 - 2015-04-14 17:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-14 17:15 - 2015-04-14 21:25 - 00109038 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 05:54 - 2015-04-14 05:56 - 00000080 _____ () C:\Users\Justin\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-04-13 06:08 - 2015-04-13 20:12 - 00000000 ____D () C:\Users\Justin\AppData\Local\GrowHome
2015-04-12 17:25 - 2015-04-12 17:25 - 62649363 _____ () C:\Users\Justin\Desktop\MOds.zip
2015-04-12 16:16 - 2015-04-12 16:16 - 28627034 _____ () C:\Users\Justin\Downloads\Lift 9 by CDFDMAN.zip
2015-04-12 15:51 - 2015-04-12 15:51 - 16878946 _____ () C:\Users\Justin\Downloads\GazzaIsland[1.7.4].zip
2015-04-12 15:28 - 2015-04-12 15:28 - 03091838 _____ () C:\Users\Justin\Downloads\Cops and Robbers 4.5 - High Security [By Podcrash].zip
2015-04-11 17:20 - 2015-04-14 21:09 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Notepad++
2015-04-11 17:20 - 2015-04-14 21:09 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-04-11 16:44 - 2015-04-11 17:09 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\.mcRPW
2015-04-11 16:44 - 2015-04-11 16:44 - 03597399 _____ () C:\Users\Justin\Downloads\RPW-LATEST.jar
2015-04-11 14:28 - 2015-04-11 14:29 - 51064840 _____ () C:\Users\Justin\Downloads\D2 PACKAGE - UNZIP THIS FIRST (1).zip
2015-04-11 14:24 - 2015-04-11 14:24 - 00000000 ____D () C:\Users\Justin\Downloads\D2 PACKAGE - UNZIP THIS FIRST
2015-04-11 14:23 - 2015-04-11 14:24 - 51064840 _____ () C:\Users\Justin\Downloads\D2 PACKAGE - UNZIP THIS FIRST.zip
2015-04-10 19:28 - 2015-04-11 17:41 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Audacity
2015-04-10 17:30 - 2015-04-10 17:30 - 10802262 _____ () C:\Users\Justin\Downloads\Breakable 2 by CDFDMAN.zip
2015-04-10 17:19 - 2015-04-10 17:19 - 01195992 _____ () C:\Users\Justin\Downloads\The Day Before Christmas.zip
2015-04-10 17:10 - 2015-04-10 17:10 - 03464973 _____ () C:\Users\Justin\Downloads\Sleepless Nights, by GoC.rar
2015-04-10 17:00 - 2015-04-10 17:00 - 00262601 _____ () C:\Users\Justin\Downloads\One Way Prison Escape 2.zip
2015-04-10 16:49 - 2015-04-10 16:49 - 00333921 _____ () C:\Users\Justin\Downloads\Test _11232.zip
2015-04-08 16:32 - 2015-04-08 16:32 - 00000222 _____ () C:\Users\Justin\Desktop\Grand Theft Auto V.url
2015-04-08 16:32 - 2015-04-08 16:32 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-08 06:43 - 2015-04-08 06:43 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-04-06 20:02 - 2015-04-14 21:10 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-06 20:02 - 2015-04-14 21:08 - 00000000 ____D () C:\Users\Justin\AppData\Local\Google
2015-04-06 20:01 - 2015-04-06 20:02 - 00000000 ____D () C:\Users\Justin\AppData\Local\Deployment
2015-04-06 20:01 - 2015-04-06 20:01 - 00000000 ____D () C:\Users\Justin\AppData\Local\Apps\2.0
2015-04-05 12:40 - 2015-04-12 17:22 - 00000000 ____D () C:\Users\Justin\Desktop\MOds
2015-04-05 10:44 - 2015-04-05 10:44 - 36914207 _____ (Igor Pavlov) C:\Users\Justin\Downloads\mcedit2-2.0.0-alpha1-win-amd64.exe
2015-04-05 10:44 - 2015-04-05 10:44 - 00000000 ____D () C:\Users\Justin\Downloads\mcedit2-2.0.0-alpha1-win-amd64
2015-04-05 10:44 - 2015-04-05 10:44 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Python-Eggs
2015-04-04 19:28 - 2015-04-04 19:28 - 03401621 _____ () C:\Users\Justin\Downloads\forge-1.8-11.14.1.1333-installer.jar
2015-04-04 19:19 - 2015-04-04 19:19 - 03443226 _____ () C:\Users\Justin\Downloads\forge-1.8-11.14.1.1354-installer.jar
2015-04-04 18:42 - 2015-04-04 18:42 - 37151149 _____ () C:\Users\Justin\Downloads\MC1.7.10_mcheli_0.9.3.zip
2015-04-04 17:21 - 2015-04-04 17:21 - 03047295 _____ () C:\Users\Justin\Downloads\forge-1.7.10-10.13.1.1216-new-installer (1).jar
2015-04-04 17:20 - 2015-04-04 17:20 - 03047295 _____ () C:\Users\Justin\Downloads\forge-1.7.10-10.13.1.1216-new-installer.jar
2015-04-04 17:14 - 2015-04-04 17:14 - 01769757 _____ () C:\Users\Justin\Downloads\fml-1.8-8.0.20.1023-1.8-installer.jar
2015-04-04 17:01 - 2015-04-04 17:04 - 468940286 _____ () C:\Users\Justin\Downloads\Greenfield v0.4.6.zip
2015-04-04 16:37 - 2013-08-13 11:42 - 00000000 ____D () C:\Users\Justin\Downloads\Minecraft_Server - Avalon Port
2015-03-25 06:22 - 2015-03-10 22:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 06:22 - 2015-03-10 18:08 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-25 06:22 - 2015-03-10 18:08 - 00943104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 06:22 - 2015-03-10 18:08 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 06:22 - 2015-03-10 18:08 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 06:22 - 2015-03-10 18:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 06:22 - 2015-03-10 18:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-24 06:16 - 2015-03-24 06:17 - 00000000 ____D () C:\Users\Justin\Desktop\New folder
2015-03-23 19:38 - 2015-03-23 19:40 - 00779759 _____ () C:\Users\Justin\Downloads\Swimwear_set_v1.0.zip
2015-03-23 19:25 - 2015-01-24 22:19 - 00000000 ____D () C:\Users\Justin\Downloads\7
2015-03-23 19:25 - 2015-01-24 22:19 - 00000000 ____D () C:\Users\Justin\Downloads\6
2015-03-23 19:25 - 2015-01-24 22:19 - 00000000 ____D () C:\Users\Justin\Downloads\5
2015-03-23 19:25 - 2015-01-24 22:18 - 00000000 ____D () C:\Users\Justin\Downloads\4
2015-03-23 19:25 - 2015-01-24 22:18 - 00000000 ____D () C:\Users\Justin\Downloads\3
2015-03-23 19:25 - 2015-01-24 22:18 - 00000000 ____D () C:\Users\Justin\Downloads\2
2015-03-23 19:25 - 2015-01-24 22:18 - 00000000 ____D () C:\Users\Justin\Downloads\1
2015-03-23 19:24 - 2015-03-23 19:26 - 00000000 ____D () C:\Users\Justin\Downloads\Odejda
2015-03-23 19:24 - 2015-01-29 21:43 - 05403096 _____ () C:\Users\Justin\Downloads\Balmain.rar
2015-03-23 19:21 - 2015-03-23 19:21 - 20320320 _____ () C:\Users\Justin\Downloads\Set_of_Clothes_v1.0.rar
2015-03-23 18:28 - 2015-03-23 18:28 - 00000000 ____D () C:\Users\Justin\Downloads\Big_Clothing_Pack_v1.0
2015-03-23 17:52 - 2015-03-23 17:52 - 50144315 _____ () C:\Users\Justin\Downloads\Big_Clothing_Pack_v1.0.rar
2015-03-23 17:39 - 2015-03-23 17:39 - 09285759 _____ () C:\Users\Justin\Downloads\Clothing_Pack_for_Female_v1.0.rar
2015-03-22 16:18 - 2015-03-22 16:18 - 00426081 _____ () C:\Users\Justin\Downloads\NRaas_Career_V86.zip
2015-03-22 16:04 - 2015-03-22 16:04 - 00005297 _____ () C:\Users\Justin\Downloads\MTS_nesleyswipes_1482840_StringsProWrestlingEnglish.rar
2015-03-22 13:57 - 2015-03-22 13:57 - 00000000 ____D () C:\Users\Justin\AppData\Local\Microsoft Help
2015-03-22 10:27 - 2015-03-22 11:50 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Tropico 5
2015-03-22 10:25 - 2015-03-22 10:25 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Kalypso Media
2015-03-22 08:57 - 2015-03-22 08:57 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\WinRAR
2015-03-22 08:57 - 2015-03-22 08:57 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-22 08:57 - 2015-03-22 08:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-22 08:56 - 2015-03-22 08:57 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-20 16:41 - 2015-03-20 16:41 - 00000000 ____D () C:\ProgramData\EA Core
2015-03-16 16:31 - 2015-03-20 16:44 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\SPORE
2015-03-16 16:31 - 2015-03-16 16:31 - 00000000 ____D () C:\Users\Justin\Documents\My Spore Creations
2015-03-16 16:30 - 2015-03-16 16:30 - 00000000 __RHD () C:\Users\Justin\AppData\Roaming\SecuROM
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 21:32 - 2014-12-27 16:32 - 00000000 ____D () C:\Users\Justin\AppData\Local\CrashDumps
2015-04-14 21:20 - 2015-03-13 07:22 - 00003184 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJustin
2015-04-14 21:20 - 2015-03-13 07:22 - 00000368 _____ () C:\Windows\Tasks\HPCeeScheduleForJustin.job
2015-04-14 21:16 - 2015-03-10 19:11 - 00005006 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JGAMINGCOMPUTER-Justin JGamingcomputer
2015-04-14 21:16 - 2014-12-25 17:33 - 00000000 ____D () C:\Users\Justin\OneDrive
2015-04-14 21:16 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-14 21:15 - 2014-12-25 17:32 - 00000000 ____D () C:\Users\Justin\Documents\Youcam
2015-04-14 21:14 - 2014-12-25 17:29 - 00000000 ____D () C:\Users\Justin
2015-04-14 21:13 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 21:04 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-14 21:00 - 2014-12-25 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-14 16:17 - 2014-12-25 20:01 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{34E2BEC5-97D6-40F4-9C46-8BC4012CDAB7}
2015-04-14 05:57 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-14 05:52 - 2014-12-25 17:36 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3181081214-4100868398-1530923957-1001
2015-04-13 05:58 - 2015-02-24 17:47 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-04-13 05:58 - 2015-02-24 17:47 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-04-13 05:57 - 2015-02-24 17:47 - 00002467 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2015-04-13 05:57 - 2015-02-24 17:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-04-12 18:16 - 2014-12-25 20:12 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\.minecraft
2015-04-11 22:29 - 2015-02-25 20:56 - 00000000 ____D () C:\ProgramData\Origin
2015-04-10 16:55 - 2014-12-26 18:59 - 00000000 ____D () C:\Fraps
2015-04-10 16:49 - 2014-12-26 12:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-09 14:59 - 2015-02-25 20:56 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-07 21:04 - 2014-08-26 05:56 - 00000000 ____D () C:\ProgramData\CyberLink
2015-04-05 09:51 - 2015-01-10 15:59 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\.mono
2015-04-04 17:53 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-28 17:32 - 2015-02-28 17:37 - 00000000 ____D () C:\Users\Justin\Documents\Electronic Arts
2015-03-28 17:32 - 2015-02-28 17:37 - 00000000 ____D () C:\Users\Justin\Desktop\The Sims 3
2015-03-26 16:45 - 2014-12-28 22:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-26 16:45 - 2014-12-28 22:20 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 20:55 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-22 14:00 - 2014-12-25 17:30 - 00000000 ____D () C:\Users\Justin\AppData\Local\Packages
2015-03-17 17:13 - 2015-01-16 12:13 - 00003232 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJGAMINGCOMPUTER$
2015-03-17 17:13 - 2015-01-16 12:13 - 00000396 _____ () C:\Windows\Tasks\HPCeeScheduleForJGAMINGCOMPUTER$.job
2015-03-17 06:52 - 2015-03-10 19:07 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-15 12:47 - 2014-03-18 05:53 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2015-04-14 17:52 - 2015-04-14 17:52 - 0007605 _____ () C:\Users\Justin\AppData\Local\Resmon.ResmonCfg
2015-02-24 17:46 - 2015-02-24 17:46 - 0274187 _____ () C:\ProgramData\1424814279.bdinstall.bin
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-08 17:33
==================== End Of Log ============================