
Thread: FBI virus page

  1. #1
    Member
    Join Date
    May 2015
    Posts
    76
    Points
    0

    FBI virus page

    Joe, came here from the Gardenweb forums. Having an issue cleaning my computer, got the FBI virus page earlier and immediately rebooted my system. I have run the recommended scans and here are the logs:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 05/31/2015 at 06:57 PM

    Application Version : 6.0.1170
    Database Version : 11898

    Scan type : Complete Scan
    Total Scan Time : 00:21:52

    Operating System Information
    Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 861
    Memory threats detected : 0
    Registry items scanned : 35226
    Registry threats detected : 0
    File items scanned : 23294
    File threats detected : 4

    Adware.Tracking Cookie
    .imrworldwide.com [ C:\USERS\HERB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 2\COOKIES ]
    .doubleclick.net [ C:\USERS\HERB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 2\COOKIES ]
    .adtechjp.com [ C:\USERS\HERB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 2\COOKIES ]
    .adtechjp.com [ C:\USERS\HERB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 2\COOKIES ]

    ============================
    Unwanted Programs Detected
    ============================
    Search Protection

    ============
    End of Log
    ============

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 7:07:12 PM, on 5/31/2015
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17801)


    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Microsoft Games\solitaire\solitaire.exe
    C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Users\Herb\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ad-Aware SecureSearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    O4 - HKLM\..\Run: [BbInstallUser] C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe
    O4 - HKLM\..\Run: [BbPrintMonitor] C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
    O4 - HKCU\..\Run: [WinPatrol] C:\Program Files\Ruiware\WinPatrol\winpatrol.exe -expressboot
    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6F9A4A8CE3698DD8CD7DB1498B0D00E1] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
    O4 - HKCU\..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
    O4 - HKUS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User '?')
    O4 - HKUS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User '?')
    O4 - HKUS\S-1-5-21-57612297-3157999027-2505413976-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
    O4 - HKUS\S-1-5-21-57612297-3157999027-2505413976-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [GoogleChromeAutoLaunch_6F9A4A8CE3698DD8CD7DB1498B0D00E1] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window (User '?')
    O4 - HKUS\S-1-5-21-57612297-3157999027-2505413976-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
    O4 - S-1-5-21-57612297-3157999027-2505413976-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Dropbox.lnk = Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?')
    O4 - Startup: Dropbox.lnk = Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://*.webcompanion.com
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
    O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
    O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe

    --
    End of file - 11657 bytes

    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 5/31/2015
    Scan Time: 7:04:46 PM
    Logfile: mwbites.txt
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.31.03
    Rootkit Database: v2015.05.31.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x86
    File System: NTFS
    User: Herb

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 403318
    Time Elapsed: 20 min, 57 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

  2. #2
    zep516 (Member, Spyware Fighter)
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301


    Hello,

    Everything gets downloaded to the desktop and tools are "Run as administrator."

    Please download Farbar Recovery Scan Tool and save it to your Desktop. Looks like 32 Bit one for you.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  3. #3
    Member
    Join Date
    May 2015
    Posts
    76
    Points
    0


    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
    Ran by Herb (administrator) on HERB-PC on 31-05-2015 19:40:12
    Running from C:\Users\Herb\Desktop
    Loaded Profiles: Herb (Available Profiles: Herb & Admiis)
    Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
    (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Bluebeam Software, Inc.) C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    (Dropbox, Inc.) C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
    () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
    (Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
    (Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-29] (Adobe Systems Incorporated)
    HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-29] (Adobe Systems Inc.)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [BbInstallUser] => C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe [48696 2014-10-13] (Bluebeam Software, Inc.)
    HKLM\...\Run: [BbPrintMonitor] => C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe [174136 2014-10-13] (Bluebeam Software, Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [8216048 2015-03-10] ()
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1160536 2015-02-22] (Ruiware LLC)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [GoogleChromeAutoLaunch_6F9A4A8CE3698DD8CD7DB1498B0D00E1] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: H - H:\LaunchU3.exe -a
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: {25fcc4e1-02ea-11e3-9780-6431508a79d6} - H:\PhotoViewer.exe
    HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-14] (Microsoft Corporation)
    Startup: C:\Users\Admiis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-23]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-01]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Users\Herb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-23]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-23] (Avast Software s.r.o.)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Ad-Aware SecureSearch
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-57612297-3157999027-2505413976-1001 -> DefaultScope {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150531&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-57612297-3157999027-2505413976-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150531&q={searchTerms}
    BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
    BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
    BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
    BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
    Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
    Toolbar: HKU\.DEFAULT -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 33 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
    FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
    FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-01]
    FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-01]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-16]

    Chrome:
    =======
    CHR Profile: C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (HP Product Detection Plugin) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-07-29]
    CHR Extension: (Google Docs) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-13]
    CHR Extension: (Google Drive) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-13]
    CHR Extension: (WOT) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-09-21]
    CHR Extension: (YouTube) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-13]
    CHR Extension: (Google Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-13]
    CHR Extension: (avast! Online Security) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-16]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-07-13]
    CHR Extension: (Crackle) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2013-07-13]
    CHR Extension: (Social Fixer for Facebook) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2013-07-13]
    CHR Extension: (Chrome In-App Payments service) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
    CHR Extension: (LogMeIn) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-07-17]
    CHR Extension: (Gmail) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-13]
    CHR Profile: C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2
    CHR Extension: (Google Docs) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-16]
    CHR Extension: (Google Drive) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
    CHR Extension: (WOT) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-16]
    CHR Extension: (Adblock Plus) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-27]
    CHR Extension: (Bookmark Manager) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
    CHR Extension: (Avast Online Security) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-17]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-01-16]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
    CHR Extension: (Google Wallet) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-16]
    CHR Extension: (Gmail) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-16]
    CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-10-26] (SUPERAntiSpyware.com)
    R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-23] (Avast Software s.r.o.)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-23] (Avast Software)
    S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-05-15] (Flexera Software LLC)
    R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Users\Admiis\AppData\Local\Temp\7zS495B\hpslpsvc32.dll [701288 2013-07-19] (Hewlett-Packard Co.)
    R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1795176 2011-08-29] (Realsil Microelectronics Inc.)
    R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
    R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-23] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-23] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-23] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-23] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-23] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-23] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-23] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-23] ()
    R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
    R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254568 2011-08-29] (Realtek Semiconductor Corp.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-23] (Avast Software)
    S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
    S4 LMIRfsClientNP; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-31 19:39 - 2015-05-31 19:39 - 00022941 _____ () C:\Users\Herb\Desktop\Addition.txt
    2015-05-31 19:38 - 2015-05-31 19:40 - 00022935 _____ () C:\Users\Herb\Desktop\FRST.txt
    2015-05-31 19:38 - 2015-05-31 19:40 - 00000000 ____D () C:\FRST
    2015-05-31 19:37 - 2015-05-31 19:37 - 01147392 _____ (Farbar) C:\Users\Herb\Downloads\FRST.exe
    2015-05-31 19:37 - 2015-05-31 19:37 - 01147392 _____ (Farbar) C:\Users\Herb\Desktop\FRST.exe
    2015-05-31 19:07 - 2015-05-31 19:07 - 00011659 _____ () C:\Users\Herb\Downloads\hijackthis.log
    2015-05-31 19:05 - 2015-05-31 19:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\Herb\Downloads\HijackThis.exe
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000246 _____ () C:\prefs.js
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\LavasoftStatistics
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\Users\Herb\AppData\Local\Lavasoft
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\searchplugins
    2015-05-31 18:04 - 2015-05-31 18:04 - 00002920 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
    2015-05-31 18:04 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
    2015-05-31 18:03 - 2015-05-31 18:21 - 00002281 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    2015-05-31 18:03 - 2015-05-31 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2015-05-31 18:03 - 2015-05-31 18:04 - 00000000 ____D () C:\Program Files\Lavasoft
    2015-05-31 18:02 - 2015-05-31 18:03 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\Lavasoft
    2015-05-31 18:02 - 2015-05-31 18:02 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
    2015-05-31 18:01 - 2015-05-31 18:03 - 00000000 ____D () C:\ProgramData\Lavasoft
    2015-05-31 18:01 - 2015-05-31 18:01 - 02057008 _____ () C:\Users\Herb\Downloads\Adaware_Installer.exe
    2015-05-31 15:24 - 2015-05-31 15:24 - 00000000 __SHD () C:\Users\Herb\AppData\Local\EmieBrowserModeList
    2015-05-29 19:06 - 2015-05-31 17:43 - 00000168 _____ () C:\Windows\setupact.log
    2015-05-29 19:06 - 2015-05-29 19:06 - 00000000 _____ () C:\Windows\setuperr.log
    2015-05-27 19:30 - 2015-05-27 19:31 - 06549184 _____ (Piriform Ltd) C:\Users\Herb\Downloads\ccsetup506.exe
    2015-05-14 01:20 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 22:06 - 2015-05-13 23:06 - 00000000 ____D () C:\8c6aba52f3a6838f02942beb65
    2015-05-13 19:29 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-13 19:29 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-05-13 19:29 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-13 19:29 - 2015-04-27 15:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-13 19:29 - 2015-04-27 15:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-13 19:29 - 2015-04-27 15:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-13 19:29 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-13 19:29 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-13 19:29 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-13 19:29 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-13 19:29 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-13 19:29 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-13 19:29 - 2015-04-27 14:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 19:29 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-13 19:29 - 2015-04-19 22:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-13 19:29 - 2015-04-19 22:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-13 19:29 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-13 19:29 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-13 19:28 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-13 19:28 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-13 19:28 - 2015-04-21 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-13 19:28 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-13 19:28 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-13 19:28 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-13 19:28 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-13 19:28 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-13 19:28 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-13 19:28 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-13 19:28 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-13 19:28 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-13 19:28 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-13 19:28 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-13 19:28 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-13 19:28 - 2015-04-21 11:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-13 19:28 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-13 19:28 - 2015-04-21 11:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-13 19:28 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-13 19:28 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-13 19:28 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-13 19:28 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-13 19:28 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-13 19:28 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-13 19:28 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-13 19:28 - 2015-04-21 11:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-13 19:28 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-13 19:28 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-13 19:28 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-13 19:28 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-13 19:28 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-13 19:28 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-13 19:28 - 2015-04-12 23:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-13 19:28 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-13 19:28 - 2015-04-07 23:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-13 19:28 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-13 19:28 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-31 19:22 - 2013-07-19 18:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-31 19:09 - 2013-07-13 19:30 - 01117708 _____ () C:\Windows\WindowsUpdate.log
    2015-05-31 19:06 - 2013-07-13 16:36 - 00000000 ____D () C:\Users\Herb\AppData\Local\VirtualStore
    2015-05-31 19:04 - 2014-07-27 12:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-31 18:56 - 2013-07-13 17:06 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-31 18:27 - 2013-07-13 17:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-05-31 17:52 - 2009-07-14 00:34 - 00026016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-31 17:52 - 2009-07-14 00:34 - 00026016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-31 17:45 - 2013-07-13 21:32 - 00000000 ___RD () C:\Users\Herb\Dropbox
    2015-05-31 17:45 - 2013-07-13 21:23 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\Dropbox
    2015-05-31 17:44 - 2013-07-13 17:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-31 17:43 - 2014-07-27 12:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-05-31 17:43 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-31 15:19 - 2014-07-27 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-31 15:19 - 2013-07-13 17:57 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-27 19:32 - 2013-07-23 19:43 - 00000925 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2015-05-27 19:32 - 2013-07-23 19:43 - 00000000 ____D () C:\Program Files\CCleaner
    2015-05-26 19:57 - 2013-07-13 17:07 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-05-20 18:47 - 2015-04-05 08:02 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-05-16 14:38 - 2013-09-01 21:12 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00001956 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
    2015-05-15 21:38 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
    2015-05-15 21:10 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-05-14 21:11 - 2009-07-14 03:50 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-14 19:35 - 2013-07-13 16:42 - 00397910 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-14 19:30 - 2009-07-14 00:33 - 00365936 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-05-14 19:28 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-14 01:20 - 2013-07-13 18:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-05-14 01:18 - 2013-08-14 22:45 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-14 01:10 - 2013-07-16 19:46 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-13 23:07 - 2013-07-16 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-13 23:06 - 2013-07-16 19:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-05-13 20:31 - 2014-01-09 19:45 - 00000000 ____D () C:\Users\Herb\Desktop\Receipts
    2015-05-11 19:06 - 2014-02-23 16:48 - 00001013 _____ () C:\Users\Herb\Desktop\Dropbox.lnk

    ==================== Files in the root of some directories =======

    2013-09-01 10:12 - 2015-03-05 19:58 - 0006624 _____ () C:\ProgramData\hpzinstall.log
    2014-04-24 21:14 - 2014-05-15 20:25 - 0000263 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    2015-02-15 15:29 - 2015-02-15 15:29 - 0000125 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

    Some files in TEMP:
    ====================
    C:\Users\Herb\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm3shxz.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-24 09:20

    ==================== End of log ============================

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
    Ran by Herb (administrator) on HERB-PC on 31-05-2015 19:40:12
    Running from C:\Users\Herb\Desktop
    Loaded Profiles: Herb (Available Profiles: Herb & Admiis)
    Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
    (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Bluebeam Software, Inc.) C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    (Dropbox, Inc.) C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
    () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
    (Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
    (Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-29] (Adobe Systems Incorporated)
    HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-29] (Adobe Systems Inc.)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [BbInstallUser] => C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe [48696 2014-10-13] (Bluebeam Software, Inc.)
    HKLM\...\Run: [BbPrintMonitor] => C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe [174136 2014-10-13] (Bluebeam Software, Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [8216048 2015-03-10] ()
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1160536 2015-02-22] (Ruiware LLC)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [GoogleChromeAutoLaunch_6F9A4A8CE3698DD8CD7DB1498B0D00E1] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: H - H:\LaunchU3.exe -a
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: {25fcc4e1-02ea-11e3-9780-6431508a79d6} - H:\PhotoViewer.exe
    HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-14] (Microsoft Corporation)
    Startup: C:\Users\Admiis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-23]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-01]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Users\Herb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-23]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-23] (Avast Software s.r.o.)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Ad-Aware SecureSearch
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-57612297-3157999027-2505413976-1001 -> DefaultScope {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150531&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-57612297-3157999027-2505413976-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150531&q={searchTerms}
    BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
    BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
    BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
    BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
    Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
    Toolbar: HKU\.DEFAULT -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 33 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
    FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
    FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-01]
    FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-01]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-16]

    Chrome:
    =======
    CHR Profile: C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (HP Product Detection Plugin) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-07-29]
    CHR Extension: (Google Docs) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-13]
    CHR Extension: (Google Drive) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-13]
    CHR Extension: (WOT) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-09-21]
    CHR Extension: (YouTube) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-13]
    CHR Extension: (Google Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-13]
    CHR Extension: (avast! Online Security) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-16]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-07-13]
    CHR Extension: (Crackle) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2013-07-13]
    CHR Extension: (Social Fixer for Facebook) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2013-07-13]
    CHR Extension: (Chrome In-App Payments service) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
    CHR Extension: (LogMeIn) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-07-17]
    CHR Extension: (Gmail) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-13]
    CHR Profile: C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2
    CHR Extension: (Google Docs) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-16]
    CHR Extension: (Google Drive) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
    CHR Extension: (WOT) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-16]
    CHR Extension: (Adblock Plus) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-27]
    CHR Extension: (Bookmark Manager) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
    CHR Extension: (Avast Online Security) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-17]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-01-16]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
    CHR Extension: (Google Wallet) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-16]
    CHR Extension: (Gmail) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-16]
    CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-10-26] (SUPERAntiSpyware.com)
    R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-23] (Avast Software s.r.o.)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-23] (Avast Software)
    S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-05-15] (Flexera Software LLC)
    R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Users\Admiis\AppData\Local\Temp\7zS495B\hpslpsvc32.dll [701288 2013-07-19] (Hewlett-Packard Co.)
    R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1795176 2011-08-29] (Realsil Microelectronics Inc.)
    R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
    R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-23] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-23] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-23] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-23] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-23] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-23] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-23] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-23] ()
    R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
    R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254568 2011-08-29] (Realtek Semiconductor Corp.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-23] (Avast Software)
    S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
    S4 LMIRfsClientNP; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-31 19:39 - 2015-05-31 19:39 - 00022941 _____ () C:\Users\Herb\Desktop\Addition.txt
    2015-05-31 19:38 - 2015-05-31 19:40 - 00022935 _____ () C:\Users\Herb\Desktop\FRST.txt
    2015-05-31 19:38 - 2015-05-31 19:40 - 00000000 ____D () C:\FRST
    2015-05-31 19:37 - 2015-05-31 19:37 - 01147392 _____ (Farbar) C:\Users\Herb\Downloads\FRST.exe
    2015-05-31 19:37 - 2015-05-31 19:37 - 01147392 _____ (Farbar) C:\Users\Herb\Desktop\FRST.exe
    2015-05-31 19:07 - 2015-05-31 19:07 - 00011659 _____ () C:\Users\Herb\Downloads\hijackthis.log
    2015-05-31 19:05 - 2015-05-31 19:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\Herb\Downloads\HijackThis.exe
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000246 _____ () C:\prefs.js
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\LavasoftStatistics
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\Users\Herb\AppData\Local\Lavasoft
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\searchplugins
    2015-05-31 18:04 - 2015-05-31 18:04 - 00002920 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
    2015-05-31 18:04 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
    2015-05-31 18:03 - 2015-05-31 18:21 - 00002281 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    2015-05-31 18:03 - 2015-05-31 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2015-05-31 18:03 - 2015-05-31 18:04 - 00000000 ____D () C:\Program Files\Lavasoft
    2015-05-31 18:02 - 2015-05-31 18:03 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\Lavasoft
    2015-05-31 18:02 - 2015-05-31 18:02 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
    2015-05-31 18:01 - 2015-05-31 18:03 - 00000000 ____D () C:\ProgramData\Lavasoft
    2015-05-31 18:01 - 2015-05-31 18:01 - 02057008 _____ () C:\Users\Herb\Downloads\Adaware_Installer.exe
    2015-05-31 15:24 - 2015-05-31 15:24 - 00000000 __SHD () C:\Users\Herb\AppData\Local\EmieBrowserModeList
    2015-05-29 19:06 - 2015-05-31 17:43 - 00000168 _____ () C:\Windows\setupact.log
    2015-05-29 19:06 - 2015-05-29 19:06 - 00000000 _____ () C:\Windows\setuperr.log
    2015-05-27 19:30 - 2015-05-27 19:31 - 06549184 _____ (Piriform Ltd) C:\Users\Herb\Downloads\ccsetup506.exe
    2015-05-14 01:20 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 22:06 - 2015-05-13 23:06 - 00000000 ____D () C:\8c6aba52f3a6838f02942beb65
    2015-05-13 19:29 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-13 19:29 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-05-13 19:29 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-13 19:29 - 2015-04-27 15:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-13 19:29 - 2015-04-27 15:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-13 19:29 - 2015-04-27 15:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-13 19:29 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-13 19:29 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-13 19:29 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-13 19:29 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-13 19:29 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-13 19:29 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-13 19:29 - 2015-04-27 14:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 19:29 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-13 19:29 - 2015-04-19 22:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-13 19:29 - 2015-04-19 22:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-13 19:29 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-13 19:29 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-13 19:28 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-13 19:28 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-13 19:28 - 2015-04-21 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-13 19:28 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-13 19:28 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-13 19:28 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-13 19:28 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-13 19:28 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-13 19:28 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-13 19:28 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-13 19:28 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-13 19:28 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-13 19:28 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-13 19:28 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-13 19:28 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-13 19:28 - 2015-04-21 11:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-13 19:28 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-13 19:28 - 2015-04-21 11:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-13 19:28 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-13 19:28 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-13 19:28 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-13 19:28 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-13 19:28 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-13 19:28 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-13 19:28 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-13 19:28 - 2015-04-21 11:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-13 19:28 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-13 19:28 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-13 19:28 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-13 19:28 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-13 19:28 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-13 19:28 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-13 19:28 - 2015-04-12 23:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-13 19:28 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-13 19:28 - 2015-04-07 23:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-13 19:28 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-13 19:28 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-31 19:22 - 2013-07-19 18:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-31 19:09 - 2013-07-13 19:30 - 01117708 _____ () C:\Windows\WindowsUpdate.log
    2015-05-31 19:06 - 2013-07-13 16:36 - 00000000 ____D () C:\Users\Herb\AppData\Local\VirtualStore
    2015-05-31 19:04 - 2014-07-27 12:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-31 18:56 - 2013-07-13 17:06 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-31 18:27 - 2013-07-13 17:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-05-31 17:52 - 2009-07-14 00:34 - 00026016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-31 17:52 - 2009-07-14 00:34 - 00026016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-31 17:45 - 2013-07-13 21:32 - 00000000 ___RD () C:\Users\Herb\Dropbox
    2015-05-31 17:45 - 2013-07-13 21:23 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\Dropbox
    2015-05-31 17:44 - 2013-07-13 17:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-31 17:43 - 2014-07-27 12:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-05-31 17:43 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-31 15:19 - 2014-07-27 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-31 15:19 - 2013-07-13 17:57 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-27 19:32 - 2013-07-23 19:43 - 00000925 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2015-05-27 19:32 - 2013-07-23 19:43 - 00000000 ____D () C:\Program Files\CCleaner
    2015-05-26 19:57 - 2013-07-13 17:07 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-05-20 18:47 - 2015-04-05 08:02 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-05-16 14:38 - 2013-09-01 21:12 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00001956 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
    2015-05-15 21:38 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
    2015-05-15 21:10 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-05-14 21:11 - 2009-07-14 03:50 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-14 19:35 - 2013-07-13 16:42 - 00397910 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-14 19:30 - 2009-07-14 00:33 - 00365936 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-05-14 19:28 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-14 01:20 - 2013-07-13 18:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-05-14 01:18 - 2013-08-14 22:45 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-14 01:10 - 2013-07-16 19:46 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-13 23:07 - 2013-07-16 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-13 23:06 - 2013-07-16 19:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-05-13 20:31 - 2014-01-09 19:45 - 00000000 ____D () C:\Users\Herb\Desktop\Receipts
    2015-05-11 19:06 - 2014-02-23 16:48 - 00001013 _____ () C:\Users\Herb\Desktop\Dropbox.lnk

    ==================== Files in the root of some directories =======

    2013-09-01 10:12 - 2015-03-05 19:58 - 0006624 _____ () C:\ProgramData\hpzinstall.log
    2014-04-24 21:14 - 2014-05-15 20:25 - 0000263 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    2015-02-15 15:29 - 2015-02-15 15:29 - 0000125 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

    Some files in TEMP:
    ====================
    C:\Users\Herb\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm3shxz.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-24 09:20

    ==================== End of log ============================

  4. #4

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
    Ran by Herb (administrator) on HERB-PC on 31-05-2015 19:40:12
    Running from C:\Users\Herb\Desktop
    Loaded Profiles: Herb (Available Profiles: Herb & Admiis)
    Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
    (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Bluebeam Software, Inc.) C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    (Dropbox, Inc.) C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
    () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
    (Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
    (Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-29] (Adobe Systems Incorporated)
    HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-29] (Adobe Systems Inc.)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [BbInstallUser] => C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe [48696 2014-10-13] (Bluebeam Software, Inc.)
    HKLM\...\Run: [BbPrintMonitor] => C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe [174136 2014-10-13] (Bluebeam Software, Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [8216048 2015-03-10] ()
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1160536 2015-02-22] (Ruiware LLC)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [GoogleChromeAutoLaunch_6F9A4A8CE3698DD8CD7DB1498B0D00E1] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: H - H:\LaunchU3.exe -a
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: {25fcc4e1-02ea-11e3-9780-6431508a79d6} - H:\PhotoViewer.exe
    HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-14] (Microsoft Corporation)
    Startup: C:\Users\Admiis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-23]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-01]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Users\Herb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-23]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-23] (Avast Software s.r.o.)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Ad-Aware SecureSearch
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-57612297-3157999027-2505413976-1001 -> DefaultScope {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150531&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-57612297-3157999027-2505413976-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150531&q={searchTerms}
    BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
    BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
    BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
    BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
    Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
    Toolbar: HKU\.DEFAULT -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 33 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
    FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
    FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-01]
    FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-01]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-16]

    Chrome:
    =======
    CHR Profile: C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (HP Product Detection Plugin) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-07-29]
    CHR Extension: (Google Docs) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-13]
    CHR Extension: (Google Drive) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-13]
    CHR Extension: (WOT) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-09-21]
    CHR Extension: (YouTube) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-13]
    CHR Extension: (Google Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-13]
    CHR Extension: (avast! Online Security) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-16]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-07-13]
    CHR Extension: (Crackle) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2013-07-13]
    CHR Extension: (Social Fixer for Facebook) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2013-07-13]
    CHR Extension: (Chrome In-App Payments service) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
    CHR Extension: (LogMeIn) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-07-17]
    CHR Extension: (Gmail) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-13]
    CHR Profile: C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2
    CHR Extension: (Google Docs) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-16]
    CHR Extension: (Google Drive) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
    CHR Extension: (WOT) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-16]
    CHR Extension: (Adblock Plus) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-27]
    CHR Extension: (Bookmark Manager) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
    CHR Extension: (Avast Online Security) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-17]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-01-16]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
    CHR Extension: (Google Wallet) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-16]
    CHR Extension: (Gmail) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-16]
    CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-10-26] (SUPERAntiSpyware.com)
    R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-23] (Avast Software s.r.o.)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-23] (Avast Software)
    S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-05-15] (Flexera Software LLC)
    R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Users\Admiis\AppData\Local\Temp\7zS495B\hpslpsvc32.dll [701288 2013-07-19] (Hewlett-Packard Co.)
    R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1795176 2011-08-29] (Realsil Microelectronics Inc.)
    R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
    R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-23] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-23] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-23] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-23] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-23] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-23] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-23] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-23] ()
    R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
    R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254568 2011-08-29] (Realtek Semiconductor Corp.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-23] (Avast Software)
    S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
    S4 LMIRfsClientNP; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-31 19:39 - 2015-05-31 19:39 - 00022941 _____ () C:\Users\Herb\Desktop\Addition.txt
    2015-05-31 19:38 - 2015-05-31 19:40 - 00022935 _____ () C:\Users\Herb\Desktop\FRST.txt
    2015-05-31 19:38 - 2015-05-31 19:40 - 00000000 ____D () C:\FRST
    2015-05-31 19:37 - 2015-05-31 19:37 - 01147392 _____ (Farbar) C:\Users\Herb\Downloads\FRST.exe
    2015-05-31 19:37 - 2015-05-31 19:37 - 01147392 _____ (Farbar) C:\Users\Herb\Desktop\FRST.exe
    2015-05-31 19:07 - 2015-05-31 19:07 - 00011659 _____ () C:\Users\Herb\Downloads\hijackthis.log
    2015-05-31 19:05 - 2015-05-31 19:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\Herb\Downloads\HijackThis.exe
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000246 _____ () C:\prefs.js
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\LavasoftStatistics
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\Users\Herb\AppData\Local\Lavasoft
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\searchplugins
    2015-05-31 18:04 - 2015-05-31 18:04 - 00002920 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
    2015-05-31 18:04 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
    2015-05-31 18:03 - 2015-05-31 18:21 - 00002281 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    2015-05-31 18:03 - 2015-05-31 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2015-05-31 18:03 - 2015-05-31 18:04 - 00000000 ____D () C:\Program Files\Lavasoft
    2015-05-31 18:02 - 2015-05-31 18:03 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\Lavasoft
    2015-05-31 18:02 - 2015-05-31 18:02 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
    2015-05-31 18:01 - 2015-05-31 18:03 - 00000000 ____D () C:\ProgramData\Lavasoft
    2015-05-31 18:01 - 2015-05-31 18:01 - 02057008 _____ () C:\Users\Herb\Downloads\Adaware_Installer.exe
    2015-05-31 15:24 - 2015-05-31 15:24 - 00000000 __SHD () C:\Users\Herb\AppData\Local\EmieBrowserModeList
    2015-05-29 19:06 - 2015-05-31 17:43 - 00000168 _____ () C:\Windows\setupact.log
    2015-05-29 19:06 - 2015-05-29 19:06 - 00000000 _____ () C:\Windows\setuperr.log
    2015-05-27 19:30 - 2015-05-27 19:31 - 06549184 _____ (Piriform Ltd) C:\Users\Herb\Downloads\ccsetup506.exe
    2015-05-14 01:20 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 22:06 - 2015-05-13 23:06 - 00000000 ____D () C:\8c6aba52f3a6838f02942beb65
    2015-05-13 19:29 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-13 19:29 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-05-13 19:29 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-13 19:29 - 2015-04-27 15:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-13 19:29 - 2015-04-27 15:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-13 19:29 - 2015-04-27 15:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-13 19:29 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-13 19:29 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-13 19:29 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-13 19:29 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-13 19:29 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-13 19:29 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-13 19:29 - 2015-04-27 14:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 19:29 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-13 19:29 - 2015-04-19 22:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-13 19:29 - 2015-04-19 22:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-13 19:29 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-13 19:29 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-13 19:28 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-13 19:28 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-13 19:28 - 2015-04-21 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-13 19:28 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-13 19:28 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-13 19:28 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-13 19:28 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-13 19:28 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-13 19:28 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-13 19:28 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-13 19:28 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-13 19:28 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-13 19:28 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-13 19:28 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-13 19:28 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-13 19:28 - 2015-04-21 11:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-13 19:28 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-13 19:28 - 2015-04-21 11:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-13 19:28 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-13 19:28 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-13 19:28 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-13 19:28 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-13 19:28 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-13 19:28 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-13 19:28 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-13 19:28 - 2015-04-21 11:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-13 19:28 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-13 19:28 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-13 19:28 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-13 19:28 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-13 19:28 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-13 19:28 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-13 19:28 - 2015-04-12 23:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-13 19:28 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-13 19:28 - 2015-04-07 23:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-13 19:28 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-13 19:28 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-31 19:22 - 2013-07-19 18:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-31 19:09 - 2013-07-13 19:30 - 01117708 _____ () C:\Windows\WindowsUpdate.log
    2015-05-31 19:06 - 2013-07-13 16:36 - 00000000 ____D () C:\Users\Herb\AppData\Local\VirtualStore
    2015-05-31 19:04 - 2014-07-27 12:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-31 18:56 - 2013-07-13 17:06 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-31 18:27 - 2013-07-13 17:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-05-31 17:52 - 2009-07-14 00:34 - 00026016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-31 17:52 - 2009-07-14 00:34 - 00026016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-31 17:45 - 2013-07-13 21:32 - 00000000 ___RD () C:\Users\Herb\Dropbox
    2015-05-31 17:45 - 2013-07-13 21:23 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\Dropbox
    2015-05-31 17:44 - 2013-07-13 17:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-31 17:43 - 2014-07-27 12:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-05-31 17:43 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-31 15:19 - 2014-07-27 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-31 15:19 - 2013-07-13 17:57 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-27 19:32 - 2013-07-23 19:43 - 00000925 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2015-05-27 19:32 - 2013-07-23 19:43 - 00000000 ____D () C:\Program Files\CCleaner
    2015-05-26 19:57 - 2013-07-13 17:07 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-05-20 18:47 - 2015-04-05 08:02 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-05-16 14:38 - 2013-09-01 21:12 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00001956 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
    2015-05-15 21:38 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
    2015-05-15 21:10 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-05-14 21:11 - 2009-07-14 03:50 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-14 19:35 - 2013-07-13 16:42 - 00397910 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-14 19:30 - 2009-07-14 00:33 - 00365936 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-05-14 19:28 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-14 01:20 - 2013-07-13 18:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-05-14 01:18 - 2013-08-14 22:45 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-14 01:10 - 2013-07-16 19:46 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-13 23:07 - 2013-07-16 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-13 23:06 - 2013-07-16 19:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-05-13 20:31 - 2014-01-09 19:45 - 00000000 ____D () C:\Users\Herb\Desktop\Receipts
    2015-05-11 19:06 - 2014-02-23 16:48 - 00001013 _____ () C:\Users\Herb\Desktop\Dropbox.lnk

    ==================== Files in the root of some directories =======

    2013-09-01 10:12 - 2015-03-05 19:58 - 0006624 _____ () C:\ProgramData\hpzinstall.log
    2014-04-24 21:14 - 2014-05-15 20:25 - 0000263 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    2015-02-15 15:29 - 2015-02-15 15:29 - 0000125 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

    Some files in TEMP:
    ====================
    C:\Users\Herb\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm3shxz.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-24 09:20

    ==================== End of log ============================

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
    Ran by Herb (administrator) on HERB-PC on 31-05-2015 19:40:12
    Running from C:\Users\Herb\Desktop
    Loaded Profiles: Herb (Available Profiles: Herb & Admiis)
    Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
    (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Bluebeam Software, Inc.) C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    (Dropbox, Inc.) C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
    () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
    (Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
    (Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-29] (Adobe Systems Incorporated)
    HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-29] (Adobe Systems Inc.)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [BbInstallUser] => C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe [48696 2014-10-13] (Bluebeam Software, Inc.)
    HKLM\...\Run: [BbPrintMonitor] => C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe [174136 2014-10-13] (Bluebeam Software, Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [8216048 2015-03-10] ()
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1160536 2015-02-22] (Ruiware LLC)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [GoogleChromeAutoLaunch_6F9A4A8CE3698DD8CD7DB1498B0D00E1] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: H - H:\LaunchU3.exe -a
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: {25fcc4e1-02ea-11e3-9780-6431508a79d6} - H:\PhotoViewer.exe
    HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-14] (Microsoft Corporation)
    Startup: C:\Users\Admiis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-23]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-01]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Users\Herb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-23]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-23] (Avast Software s.r.o.)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Ad-Aware SecureSearch
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-57612297-3157999027-2505413976-1001 -> DefaultScope {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150531&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-57612297-3157999027-2505413976-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150531&q={searchTerms}
    BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
    BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
    BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
    BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
    Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
    Toolbar: HKU\.DEFAULT -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
    Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Winsock: Catalog9 33 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
    FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
    FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-01]
    FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-01]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-16]

    Chrome:
    =======
    CHR Profile: C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (HP Product Detection Plugin) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-07-29]
    CHR Extension: (Google Docs) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-13]
    CHR Extension: (Google Drive) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-13]
    CHR Extension: (WOT) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-09-21]
    CHR Extension: (YouTube) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-13]
    CHR Extension: (Google Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-13]
    CHR Extension: (avast! Online Security) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-16]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-07-13]
    CHR Extension: (Crackle) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2013-07-13]
    CHR Extension: (Social Fixer for Facebook) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2013-07-13]
    CHR Extension: (Chrome In-App Payments service) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
    CHR Extension: (LogMeIn) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-07-17]
    CHR Extension: (Gmail) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-13]
    CHR Profile: C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2
    CHR Extension: (Google Docs) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-16]
    CHR Extension: (Google Drive) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
    CHR Extension: (WOT) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-16]
    CHR Extension: (Adblock Plus) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-27]
    CHR Extension: (Bookmark Manager) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
    CHR Extension: (Avast Online Security) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-17]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-01-16]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
    CHR Extension: (Google Wallet) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-16]
    CHR Extension: (Gmail) - C:\Users\Herb\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-16]
    CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-10-26] (SUPERAntiSpyware.com)
    R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-23] (Avast Software s.r.o.)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-23] (Avast Software)
    S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-05-15] (Flexera Software LLC)
    R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Users\Admiis\AppData\Local\Temp\7zS495B\hpslpsvc32.dll [701288 2013-07-19] (Hewlett-Packard Co.)
    R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1795176 2011-08-29] (Realsil Microelectronics Inc.)
    R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
    R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-23] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-23] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-23] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-23] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-23] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-23] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-23] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-23] ()
    R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
    R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254568 2011-08-29] (Realtek Semiconductor Corp.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-23] (Avast Software)
    S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
    S4 LMIRfsClientNP; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-31 19:39 - 2015-05-31 19:39 - 00022941 _____ () C:\Users\Herb\Desktop\Addition.txt
    2015-05-31 19:38 - 2015-05-31 19:40 - 00022935 _____ () C:\Users\Herb\Desktop\FRST.txt
    2015-05-31 19:38 - 2015-05-31 19:40 - 00000000 ____D () C:\FRST
    2015-05-31 19:37 - 2015-05-31 19:37 - 01147392 _____ (Farbar) C:\Users\Herb\Downloads\FRST.exe
    2015-05-31 19:37 - 2015-05-31 19:37 - 01147392 _____ (Farbar) C:\Users\Herb\Desktop\FRST.exe
    2015-05-31 19:07 - 2015-05-31 19:07 - 00011659 _____ () C:\Users\Herb\Downloads\hijackthis.log
    2015-05-31 19:05 - 2015-05-31 19:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\Herb\Downloads\HijackThis.exe
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000246 _____ () C:\prefs.js
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\LavasoftStatistics
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\Users\Herb\AppData\Local\Lavasoft
    2015-05-31 18:05 - 2015-05-31 18:05 - 00000000 ____D () C:\searchplugins
    2015-05-31 18:04 - 2015-05-31 18:04 - 00002920 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
    2015-05-31 18:04 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
    2015-05-31 18:03 - 2015-05-31 18:21 - 00002281 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    2015-05-31 18:03 - 2015-05-31 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2015-05-31 18:03 - 2015-05-31 18:04 - 00000000 ____D () C:\Program Files\Lavasoft
    2015-05-31 18:02 - 2015-05-31 18:03 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\Lavasoft
    2015-05-31 18:02 - 2015-05-31 18:02 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
    2015-05-31 18:01 - 2015-05-31 18:03 - 00000000 ____D () C:\ProgramData\Lavasoft
    2015-05-31 18:01 - 2015-05-31 18:01 - 02057008 _____ () C:\Users\Herb\Downloads\Adaware_Installer.exe
    2015-05-31 15:24 - 2015-05-31 15:24 - 00000000 __SHD () C:\Users\Herb\AppData\Local\EmieBrowserModeList
    2015-05-29 19:06 - 2015-05-31 17:43 - 00000168 _____ () C:\Windows\setupact.log
    2015-05-29 19:06 - 2015-05-29 19:06 - 00000000 _____ () C:\Windows\setuperr.log
    2015-05-27 19:30 - 2015-05-27 19:31 - 06549184 _____ (Piriform Ltd) C:\Users\Herb\Downloads\ccsetup506.exe
    2015-05-14 01:20 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 22:06 - 2015-05-13 23:06 - 00000000 ____D () C:\8c6aba52f3a6838f02942beb65
    2015-05-13 19:29 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-13 19:29 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-05-13 19:29 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-13 19:29 - 2015-04-27 15:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-13 19:29 - 2015-04-27 15:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-13 19:29 - 2015-04-27 15:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-13 19:29 - 2015-04-27 15:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-13 19:29 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-13 19:29 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-13 19:29 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-13 19:29 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-13 19:29 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-13 19:29 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-13 19:29 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-13 19:29 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-13 19:29 - 2015-04-27 14:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 19:29 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-13 19:29 - 2015-04-19 22:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-13 19:29 - 2015-04-19 22:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-13 19:29 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-13 19:29 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-13 19:28 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-13 19:28 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-13 19:28 - 2015-04-21 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-13 19:28 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-13 19:28 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-13 19:28 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-13 19:28 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-13 19:28 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-13 19:28 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-13 19:28 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-13 19:28 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-13 19:28 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-13 19:28 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-13 19:28 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-13 19:28 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-13 19:28 - 2015-04-21 11:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-13 19:28 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-13 19:28 - 2015-04-21 11:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-13 19:28 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-13 19:28 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-13 19:28 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-13 19:28 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-13 19:28 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-13 19:28 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-13 19:28 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-13 19:28 - 2015-04-21 11:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-13 19:28 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-13 19:28 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-13 19:28 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-13 19:28 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-13 19:28 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-13 19:28 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-13 19:28 - 2015-04-12 23:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-13 19:28 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-13 19:28 - 2015-04-07 23:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-13 19:28 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-13 19:28 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-13 19:28 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-31 19:22 - 2013-07-19 18:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-31 19:09 - 2013-07-13 19:30 - 01117708 _____ () C:\Windows\WindowsUpdate.log
    2015-05-31 19:06 - 2013-07-13 16:36 - 00000000 ____D () C:\Users\Herb\AppData\Local\VirtualStore
    2015-05-31 19:04 - 2014-07-27 12:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-31 18:56 - 2013-07-13 17:06 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-31 18:27 - 2013-07-13 17:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-05-31 17:52 - 2009-07-14 00:34 - 00026016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-31 17:52 - 2009-07-14 00:34 - 00026016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-31 17:45 - 2013-07-13 21:32 - 00000000 ___RD () C:\Users\Herb\Dropbox
    2015-05-31 17:45 - 2013-07-13 21:23 - 00000000 ____D () C:\Users\Herb\AppData\Roaming\Dropbox
    2015-05-31 17:44 - 2013-07-13 17:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-31 17:43 - 2014-07-27 12:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-05-31 17:43 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-31 15:19 - 2014-07-27 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-31 15:19 - 2013-07-13 17:57 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-27 19:32 - 2013-07-23 19:43 - 00000925 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2015-05-27 19:32 - 2013-07-23 19:43 - 00000000 ____D () C:\Program Files\CCleaner
    2015-05-26 19:57 - 2013-07-13 17:07 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-05-20 18:47 - 2015-04-05 08:02 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-05-16 14:38 - 2013-09-01 21:12 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00001956 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
    2015-05-16 14:38 - 2013-09-01 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
    2015-05-15 21:38 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
    2015-05-15 21:10 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-05-14 21:11 - 2009-07-14 03:50 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-14 19:35 - 2013-07-13 16:42 - 00397910 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-14 19:30 - 2009-07-14 00:33 - 00365936 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-05-14 19:28 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-14 01:20 - 2013-07-13 18:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-05-14 01:18 - 2013-08-14 22:45 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-14 01:10 - 2013-07-16 19:46 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-13 23:07 - 2013-07-16 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-13 23:06 - 2013-07-16 19:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-05-13 20:31 - 2014-01-09 19:45 - 00000000 ____D () C:\Users\Herb\Desktop\Receipts
    2015-05-11 19:06 - 2014-02-23 16:48 - 00001013 _____ () C:\Users\Herb\Desktop\Dropbox.lnk

    ==================== Files in the root of some directories =======

    2013-09-01 10:12 - 2015-03-05 19:58 - 0006624 _____ () C:\ProgramData\hpzinstall.log
    2014-04-24 21:14 - 2014-05-15 20:25 - 0000263 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    2015-02-15 15:29 - 2015-02-15 15:29 - 0000125 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

    Some files in TEMP:
    ====================
    C:\Users\Herb\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm3shxz.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-24 09:20

    ==================== End of log ============================

  5. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    What antivirus are you using?

    Please post the additions.txt log. Look on the desktop for it.

    Please uninstall Spybot.

  6. #6
    Member
    Join Date
    May 2015
    Posts
    76
    Points
    0

    Avast is my AV
    Spybot is removed

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-05-2015
    Ran by Herb at 2015-05-31 19:39:19
    Running from C:\Users\Herb\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Admiis (S-1-5-21-57612297-3157999027-2505413976-1005 - Administrator - Enabled) => C:\Users\Admiis
    Administrator (S-1-5-21-57612297-3157999027-2505413976-500 - Administrator - Disabled)
    Guest (S-1-5-21-57612297-3157999027-2505413976-501 - Limited - Disabled)
    Herb (S-1-5-21-57612297-3157999027-2505413976-1001 - Administrator - Enabled) => C:\Users\Herb
    HomeGroupUser$ (S-1-5-21-57612297-3157999027-2505413976-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
    7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
    Ad-Aware Antivirus (HKLM\...\{35CC81F8-F385-4B79-91A8-3163420F5D01}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
    Ad-Aware Web Companion (Version: 2.0.1013.2086 - Lavasoft) Hidden
    AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
    AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
    Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.14 - Adobe Systems)
    Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
    AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
    AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
    Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
    Autodesk App Manager (HKLM\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
    Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
    Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
    Autodesk Content Service (Version: 3.1.3.0 - Autodesk) Hidden
    Autodesk Content Service Language Pack (Version: 3.1.3.0 - Autodesk) Hidden
    Autodesk Featured Apps (HKLM\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
    Autodesk Material Library 2014 (HKLM\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2014 (HKLM\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
    Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
    Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
    Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
    Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
    BbeXtreme (Version: 12.6.0 - Bluebeam Software) Hidden
    Bluebeam Revu 12 (HKLM\...\InstallShield_{8C284678-3F62-48F1-8B2C-2B102D2D6867}) (Version: 12.6.0 - Bluebeam Software)
    Bluebeam Revu 12 (Version: 12.6.0 - Bluebeam Software) Hidden
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    C4400 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
    Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
    CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
    D2400 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    D2400_Help (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
    dj_sf_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    dj_sf_software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    dj_sf_software_req (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dropbox (HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
    FARO LS 1.1.501.0 (HKLM\...\{8F196892-666A-4A40-8587-6AE38F78A5C2}) (Version: 5.1.0.30630 - FARO Scanner Production)
    Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
    GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Deskjet Printer Driver Software 13.0 Rel. 1 (HKLM\...\{3CDDD063-7FC2-43A7-9EC0-B3F1E38C7649}) (Version: 13.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Product Detection (HKLM\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
    LavasoftTcpService (Version: 2.3.4.2 - Lavasoft) Hidden
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Basic 2007 (HKLM\...\BASICR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    partypoker (HKLM\...\PartyPoker) (Version: - PartyGaming)
    partypoker (HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\PartyPoker) (Version: - )
    PS_AIO_03_C4400_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.84 - Realtek Semiconductor Corp.)
    RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.10.00.04 - RICOH)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
    Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    SketchUp Import for AutoCAD 2014 (HKLM\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
    SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
    SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
    Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
    UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Web Companion (HKLM\...\{7ADC1B3B-06CB-4EC2-80A7-F063B2C5FE42}_WebCompanion) (Version: 2.0.1013.2086 - Lavasoft)
    WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - WinPatrol)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{6813A122-4BBF-4408-8C87-07176246B992}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{697DE5F4-0D13-4608-9728-7539F704E51C}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe /Automation No File
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{70A294B3-FE6F-4af9-9395-CFC58FC07C30}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe No File
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{DFAB83E9-EBA6-4425-928B-B15A57F39469}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{E27473C6-A63D-4b85-95FC-C7DE20306C0D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)

    ==================== Restore Points =========================

    26-02-2015 19:33:26 Windows Modules Installer
    04-03-2015 20:06:40 Windows Update
    11-03-2015 18:56:36 Windows Update
    11-03-2015 20:59:37 Windows Update
    18-03-2015 19:28:43 Windows Update
    19-03-2015 19:01:50 avast! antivirus system restore point
    25-03-2015 19:19:28 Windows Update
    01-04-2015 18:59:49 Windows Update
    05-04-2015 08:01:55 Windows Modules Installer
    08-04-2015 19:36:18 Windows Update
    15-04-2015 19:19:53 Windows Update
    16-04-2015 19:17:38 Windows Modules Installer
    22-04-2015 19:39:46 Windows Update
    23-04-2015 20:23:16 avast! antivirus system restore point
    29-04-2015 19:21:06 Windows Update
    06-05-2015 19:17:16 Windows Update
    13-05-2015 19:25:10 Windows Update
    13-05-2015 22:05:26 Windows Update
    14-05-2015 21:09:36 Windows Update
    20-05-2015 18:39:40 Windows Update
    20-05-2015 18:47:26 Windows Update
    26-05-2015 19:27:35 Windows Update
    31-05-2015 18:01:54 AA11
    31-05-2015 18:03:59 LavasoftWeCompanion

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:04 - 2014-03-10 20:36 - 00450131 ____R C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 activate.adobe.com
    127.0.0.1 practivate.adobe.com
    127.0.0.1 activate.wip3.adobe.com
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 00hq.com*-*This website is for sale!*-*00hq Resources and Information.
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com*-*This website is for sale!*-*032439 Resources and Information.
    127.0.0.1 032439.com
    127.0.0.1 0scan.com*-*This website is for sale!*-*0scan Resources and Information.
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 1000gratisproben.com*-*This website is for sale!*-*1000gratisproben Resources and Information.
    127.0.0.1 1001namen.com
    127.0.0.1 404 Not Found
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100sexlinks.com*-*This website is for sale!*-*Sex links Resources and Information.
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 Gadgets And More
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info

    There are 1000 more lines.


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0C40E1FD-B0A3-4851-96A5-33418CDC96FA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
    Task: {44DCEA3F-C3DB-4522-B017-D36DC2C1894D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
    Task: {5FD0B8AF-A380-4498-9874-A6871E887FF5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-23] (Avast Software s.r.o.)
    Task: {7F0775AE-DF0C-475C-8101-82628A04B75C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {82EF410C-BB9E-4E5D-96D9-60484D565DCA} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2012-10-26] (CyberLink)
    Task: {9F1D62CC-AC2A-4247-8554-C11D510A0493} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
    Task: {B2A3E12C-0DF1-46DF-AFE4-21AB4FA2E4CD} - System32\Tasks\{F1F9E6CA-6117-4E85-98D6-0D35134F53BE} => pcalua.exe -a C:\Users\Herb\Downloads\Vistawall-OldCastle-v15.exe -d C:\Users\Herb\Downloads
    Task: {BFBEF902-7ADC-4A61-8D26-7B7A154C6DE3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {DAB75F4C-DD5C-4785-9809-04A4D5A7BBB9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
    Task: {E631B780-04DD-46C3-A8D9-1CECE540646C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
    Task: {F71BF47C-4A4C-4289-82C6-A9FD61FB999B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

  7. #7

    Avast is my AV
    Spybot is removed

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-05-2015
    Ran by Herb at 2015-05-31 19:39:19
    Running from C:\Users\Herb\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Admiis (S-1-5-21-57612297-3157999027-2505413976-1005 - Administrator - Enabled) => C:\Users\Admiis
    Administrator (S-1-5-21-57612297-3157999027-2505413976-500 - Administrator - Disabled)
    Guest (S-1-5-21-57612297-3157999027-2505413976-501 - Limited - Disabled)
    Herb (S-1-5-21-57612297-3157999027-2505413976-1001 - Administrator - Enabled) => C:\Users\Herb
    HomeGroupUser$ (S-1-5-21-57612297-3157999027-2505413976-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
    7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
    Ad-Aware Antivirus (HKLM\...\{35CC81F8-F385-4B79-91A8-3163420F5D01}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
    Ad-Aware Web Companion (Version: 2.0.1013.2086 - Lavasoft) Hidden
    AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
    AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
    Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.14 - Adobe Systems)
    Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
    AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
    AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
    Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
    Autodesk App Manager (HKLM\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
    Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
    Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
    Autodesk Content Service (Version: 3.1.3.0 - Autodesk) Hidden
    Autodesk Content Service Language Pack (Version: 3.1.3.0 - Autodesk) Hidden
    Autodesk Featured Apps (HKLM\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
    Autodesk Material Library 2014 (HKLM\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2014 (HKLM\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
    Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
    Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
    Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
    Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
    BbeXtreme (Version: 12.6.0 - Bluebeam Software) Hidden
    Bluebeam Revu 12 (HKLM\...\InstallShield_{8C284678-3F62-48F1-8B2C-2B102D2D6867}) (Version: 12.6.0 - Bluebeam Software)
    Bluebeam Revu 12 (Version: 12.6.0 - Bluebeam Software) Hidden
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    C4400 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
    Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
    CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
    D2400 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    D2400_Help (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
    dj_sf_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    dj_sf_software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    dj_sf_software_req (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dropbox (HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
    FARO LS 1.1.501.0 (HKLM\...\{8F196892-666A-4A40-8587-6AE38F78A5C2}) (Version: 5.1.0.30630 - FARO Scanner Production)
    Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
    GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Deskjet Printer Driver Software 13.0 Rel. 1 (HKLM\...\{3CDDD063-7FC2-43A7-9EC0-B3F1E38C7649}) (Version: 13.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Product Detection (HKLM\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
    LavasoftTcpService (Version: 2.3.4.2 - Lavasoft) Hidden
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Basic 2007 (HKLM\...\BASICR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    partypoker (HKLM\...\PartyPoker) (Version: - PartyGaming)
    partypoker (HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\PartyPoker) (Version: - )
    PS_AIO_03_C4400_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
    Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.84 - Realtek Semiconductor Corp.)
    RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.10.00.04 - RICOH)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
    Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    SketchUp Import for AutoCAD 2014 (HKLM\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
    SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
    SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
    Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
    UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Web Companion (HKLM\...\{7ADC1B3B-06CB-4EC2-80A7-F063B2C5FE42}_WebCompanion) (Version: 2.0.1013.2086 - Lavasoft)
    WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - WinPatrol)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{6813A122-4BBF-4408-8C87-07176246B992}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{697DE5F4-0D13-4608-9728-7539F704E51C}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe /Automation No File
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{70A294B3-FE6F-4af9-9395-CFC58FC07C30}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe No File
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{DFAB83E9-EBA6-4425-928B-B15A57F39469}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{E27473C6-A63D-4b85-95FC-C7DE20306C0D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herb\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated)

    ==================== Restore Points =========================

    26-02-2015 19:33:26 Windows Modules Installer
    04-03-2015 20:06:40 Windows Update
    11-03-2015 18:56:36 Windows Update
    11-03-2015 20:59:37 Windows Update
    18-03-2015 19:28:43 Windows Update
    19-03-2015 19:01:50 avast! antivirus system restore point
    25-03-2015 19:19:28 Windows Update
    01-04-2015 18:59:49 Windows Update
    05-04-2015 08:01:55 Windows Modules Installer
    08-04-2015 19:36:18 Windows Update
    15-04-2015 19:19:53 Windows Update
    16-04-2015 19:17:38 Windows Modules Installer
    22-04-2015 19:39:46 Windows Update
    23-04-2015 20:23:16 avast! antivirus system restore point
    29-04-2015 19:21:06 Windows Update
    06-05-2015 19:17:16 Windows Update
    13-05-2015 19:25:10 Windows Update
    13-05-2015 22:05:26 Windows Update
    14-05-2015 21:09:36 Windows Update
    20-05-2015 18:39:40 Windows Update
    20-05-2015 18:47:26 Windows Update
    26-05-2015 19:27:35 Windows Update
    31-05-2015 18:01:54 AA11
    31-05-2015 18:03:59 LavasoftWeCompanion

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:04 - 2014-03-10 20:36 - 00450131 ____R C:\Windows\system32\Drivers\etc\hosts

    There are 1000 more lines.


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0C40E1FD-B0A3-4851-96A5-33418CDC96FA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
    Task: {44DCEA3F-C3DB-4522-B017-D36DC2C1894D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
    Task: {5FD0B8AF-A380-4498-9874-A6871E887FF5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-23] (Avast Software s.r.o.)
    Task: {7F0775AE-DF0C-475C-8101-82628A04B75C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {82EF410C-BB9E-4E5D-96D9-60484D565DCA} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2012-10-26] (CyberLink)
    Task: {9F1D62CC-AC2A-4247-8554-C11D510A0493} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
    Task: {B2A3E12C-0DF1-46DF-AFE4-21AB4FA2E4CD} - System32\Tasks\{F1F9E6CA-6117-4E85-98D6-0D35134F53BE} => pcalua.exe -a C:\Users\Herb\Downloads\Vistawall-OldCastle-v15.exe -d C:\Users\Herb\Downloads
    Task: {BFBEF902-7ADC-4A61-8D26-7B7A154C6DE3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {DAB75F4C-DD5C-4785-9809-04A4D5A7BBB9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
    Task: {E631B780-04DD-46C3-A8D9-1CECE540646C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
    Task: {F71BF47C-4A4C-4289-82C6-A9FD61FB999B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Hello,

    First
    Please remove this program from your Programs and Features list: Start > Control Panel > Programs and Features. In the list, find the program listed below and uninstall it.
    • Ad-Aware Antivirus


    What browser did the FBI window pop up in?

  9. #9
    Member
    Join Date
    May 2015
    Posts
    76
    Points
    0

    Removed Ad-aware and I use Chrome.

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Not seeing the FBI Virus.

    Please carry on with instructions

    A few items to fix

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Open Notepad (Start => All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.

    Code:
    start
    CloseProcesses:
    CreateRestorePoint:
    HKLM\...\Run: [] => [X]
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: H - H:\LaunchU3.exe -a
    HKU\S-1-5-21-57612297-3157999027-2505413976-1001\...\MountPoints2: {25fcc4e1-02ea-11e3-9780-6431508a79d6} - H:\PhotoViewer.exe
    SearchScopes: HKLM -> DefaultScope value is missing
    S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
    S4 LMIRfsClientNP; No ImagePath
    C:\Users\Herb\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm3shxz.dll
    C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
    C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
    C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
    C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
    C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
    C:\Program Files\Lavasoft
    R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
    R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
    R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
    C:\Users\Herb\AppData\Roaming\Lavasoft
    C:\Program Files\Common Files\Lavasoft
    C:\ProgramData\Lavasoft
    C:\Users\Herb\Downloads\Adaware_Installer.exe
    Ad-Aware Web Companion (Version: 2.0.1013.2086 - Lavasoft) Hidden
    AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
    AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe /Automation No File
    CustomCLSID: HKU\S-1-5-21-57612297-3157999027-2505413976-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe No File
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    RemoveProxy:
    hosts:
    Emptytemp:

    Click Format and ensure Word Wrap is unchecked.
    Save as Fixlist.txt to your Desktop (must be in this location).
    Run FRST/FRST64 and press the Fix button just once and wait.
    If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the logfile button and the log will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button and follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner


    Next

    Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable your security protection (Anti Virus).
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    In your next reply post;

    • Fixlog.txt
    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log


    Thanks
    Joe
