While waiting for a response, I was able to run ADW Cleaner and Avast Browser Cleanup. This seemed to take care of the problem. However, when I saw your response, I ran the two tools that you mentioned. The text files are below.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 7 Professional x86
Ran by OMBLG on Mon 04/13/2015 at 7:40:19.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\browserpluginhelper
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\flexnet"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 04/13/2015 at 7:42:04.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-04-2015
Ran by OMBLG (administrator) on OMJHM-3GC6BP1 on 13-04-2015 07:43:38
Running from C:\Users\omblg\Downloads
Loaded Profiles: OMBLG (Available profiles: OXBBKP & OMJKE & OMBLG & OMTJH & OMJHM & OMDAS & OMSDW & WPMDK & COCRP & WPJEM & Administrator)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(DameWare Development LLC) C:\Windows\System32\DWRCS.EXE
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(DameWare Development) C:\Windows\System32\DWRCST.EXE
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Program Files\Intel\AMT\lms.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [OfficeScanNT Monitor] => C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe [702072 2007-05-07] (Trend Micro Inc.)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2014-10-31] (LogMeIn, Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Player\DelayPluginI.exe
HKLM\...\Run: [DameWare MRC Agent] => C:\Windows\system32\DWRCST.exe [78848 2009-02-04] (DameWare Development)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist Corporate\1055\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-2090123917-190833012-3475663718-1662\...\Run: [AnyDVD] => C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-01-15] (SlySoft, Inc.)
HKU\S-1-5-21-2090123917-190833012-3475663718-1662\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4617600 2012-01-20] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2090123917-190833012-3475663718-1662\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-2090123917-190833012-3475663718-1662\...\MountPoints2: {235d9465-bdc2-11e4-b72e-bc305bd13ea7} - E:\LaunchU3.exe -a
Startup: C:\Users\omblg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizer.lnk
ShortcutTarget: SuperOptimizer.lnk -> C:\ProgramData\{3bd42a53-4d84-2f8f-3bd4-42a534d8a94d}\SuperOptimizer.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2090123917-190833012-3475663718-1662\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2090123917-190833012-3475663718-1662\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2090123917-190833012-3475663718-1662\Software\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/USREL/1
HKU\S-1-5-21-2090123917-190833012-3475663718-1662\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/USREL/1
SearchScopes: HKLM -> {E35F80B1-62BC-4064-A7AE-E6F8F8F8C32B} URL = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2090123917-190833012-3475663718-1662 -> {E35F80B1-62BC-4064-A7AE-E6F8F8F8C32B} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-27] (Sun Microsystems, Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-27] (Sun Microsystems, Inc.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
DPF: {00134F72-5284-44F7-95A8-52A619F70751}
https://boctmc.oxbow.com:4343/officescan/console/html/ClientInstall/WinNTChk.cab
DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B}
https://boctmc.oxbow.com:4343/officescan/console/html/ClientInstall/setup.cab
DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA}
http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4}
https://boctmc.oxbow.com:4343/officescan/console/html/root/AtxEnc.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://akamaicdn.webex.com/client/WBXclient-T27L10NSP28EP2-12243/event/ieatgpc1.cab
Handler: WSIEChrome - No CLSID Value - []
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 10.253.68.30 10.5.2.39
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=1.6.0_32 -> C:\Windows\system32\npdeployJava1.dll [2012-04-27] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-04-27] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2090123917-190833012-3475663718-1662: @citrixonline.com/appdetectorplugin -> C:\Users\omblg\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-11-13] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Users\omblg\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-12-10] (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\omblg\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\omblg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-11]
CHR Extension: (Google Drive) - C:\Users\omblg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-11]
CHR Extension: (YouTube) - C:\Users\omblg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-11]
CHR Extension: (Google Search) - C:\Users\omblg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-11]
CHR Extension: (Cisco WebEx Extension) - C:\Users\omblg\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2014-12-10]
CHR Extension: (Google Wallet) - C:\Users\omblg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-11]
CHR Extension: (Gmail) - C:\Users\omblg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-11]
CHR HKLM\...\Chrome\Extension: [nedmkhahhppfofnniinaggmabnngddjk] - C:\Program Files\LinkiDoo\nedmkhahhppfofnniinaggmabnngddjk.crx [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 DWMRCS; C:\Windows\SYSTEM32\DWRCS.EXE [234496 2009-02-04] (DameWare Development LLC) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-04-12] (Flexera Software, Inc.)
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist Corporate\1055\G2AC_Service.exe [309568 2014-11-13] (Citrix Online, a division of Citrix Systems, Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2012-02-08] (Hewlett-Packard) [File not signed]
S2 ntrtscan; C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe [771704 2007-05-07] (Trend Micro Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2012-02-08] (Hewlett-Packard) [File not signed]
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S2 tmlisten; C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe [796280 2007-05-07] (Trend Micro Inc.)
S2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2071064 2010-05-21] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [136488 2014-12-23] (SlySoft, Inc.)
R3 DwMirror; C:\Windows\System32\DRIVERS\DamewareMini.sys [3712 2007-02-07] (DameWare Development, LLC)
R1 dwvkbd; C:\Windows\System32\DRIVERS\dwvkbd.sys [26624 2007-02-15] (DameWare)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 NAL; C:\Windows\system32\Drivers\iqvw32.sys [30880 2010-02-03] (Intel Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 TmFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys [205328 2008-05-02] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys [36368 2008-05-02] (Trend Micro Inc.)
S2 VSApiNt; C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys [1169240 2008-05-02] (Trend Micro Inc.)
S4 LMIRfsClientNP; No ImagePath
S0 PBADRV; system32\DRIVERS\PBADRV.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-13 07:43 - 2015-04-13 07:44 - 00018535 _____ () C:\Users\omblg\Downloads\FRST.txt
2015-04-13 07:43 - 2015-04-13 07:43 - 01135616 _____ (Farbar) C:\Users\omblg\Downloads\FRST.exe
2015-04-13 07:43 - 2015-04-13 07:43 - 00000000 ____D () C:\FRST
2015-04-13 07:42 - 2015-04-13 07:42 - 00000820 _____ () C:\Users\omblg\Desktop\JRT.txt
2015-04-13 07:40 - 2015-04-13 07:40 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OMJHM-3GC6BP1-Windows-7-Professional-(32-bit).dat
2015-04-13 07:40 - 2015-04-13 07:40 - 00000000 ____D () C:\RegBackup
2015-04-13 07:34 - 2015-04-13 07:34 - 02686959 _____ (Thisisu) C:\Users\omblg\Downloads\JRT.exe
2015-04-10 13:57 - 2015-04-10 13:57 - 00509440 _____ (Tech Support Guy System) C:\Users\omblg\Downloads\SysInfo.exe
2015-04-10 13:05 - 2015-04-10 13:05 - 00000000 ____D () C:\ProgramData\New folder
2015-04-10 10:02 - 2015-04-13 06:12 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-10 10:02 - 2015-04-10 10:02 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-10 10:02 - 2015-04-10 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-10 10:02 - 2015-04-10 10:02 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-10 10:02 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-10 10:02 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-10 09:59 - 2015-04-10 10:02 - 00000000 ____D () C:\Users\omblg\AppData\Roaming\Malwarebytes
2015-04-10 09:59 - 2015-04-10 09:59 - 00000000 ____D () C:\Users\omblg\AppData\Roaming\SUPERAntiSpyware.com
2015-04-10 09:58 - 2015-04-10 10:02 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-04-10 09:58 - 2015-04-10 09:59 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-04-10 09:58 - 2015-04-10 09:58 - 00001963 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-04-10 09:58 - 2015-04-10 09:58 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-04-10 09:58 - 2015-04-10 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-04-10 09:58 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-10 07:36 - 2015-04-10 12:44 - 00000020 _____ () C:\Users\omblg\AppData\Roaming\appdataFr3.bin
2015-04-09 03:38 - 2015-04-09 03:38 - 00000000 ____D () C:\Program Files\TransferBigFilescom Gmail Extension
2015-04-04 03:00 - 2015-04-04 03:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-31 08:03 - 2015-03-31 08:04 - 05761024 _____ () C:\Users\omblg\Downloads\SafetyTargetFall Protection2008.ppt
2015-03-31 07:57 - 2015-03-31 07:57 - 00000291 _____ () C:\Users\omblg\Downloads\fallprotect.wvx
2015-03-31 07:54 - 2015-03-31 07:54 - 00000266 _____ () C:\Users\omblg\Downloads\tieoff.wvx
2015-03-27 09:04 - 2015-03-27 09:04 - 01126489 _____ () C:\Users\omblg\Documents\Map 5 TCC.bak
2015-03-27 07:46 - 2015-03-27 09:58 - 01181016 _____ () C:\Users\omblg\Documents\Map 5 TCC.dwg
2015-03-25 00:06 - 2015-03-10 21:30 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 00:06 - 2015-03-10 21:30 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 00:06 - 2015-03-10 21:29 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 00:06 - 2015-03-10 21:29 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 00:06 - 2015-03-10 21:29 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 00:06 - 2015-03-10 21:29 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 00:06 - 2015-03-10 21:29 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 00:06 - 2015-03-10 21:26 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 11:56 - 2015-03-24 11:56 - 00009489 _____ () C:\Users\omblg\Downloads\Schedule43231-ALLCLUBHOMEExport.xls
2015-03-20 13:35 - 2015-03-20 13:35 - 00026788 _____ () C:\Users\omblg\Downloads\Schedule43232-ALLCLUBHOMEExport (4).xls
2015-03-20 08:17 - 2015-03-20 08:17 - 00000000 ____D () C:\Users\omblg\AppData\Roaming\Serif
2015-03-20 08:09 - 2015-03-20 08:09 - 00002507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PhotoPlus Starter Edition.lnk
2015-03-20 08:09 - 2015-03-20 08:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications
2015-03-20 08:09 - 2015-03-20 08:09 - 00000000 ____D () C:\Program Files\Serif
2015-03-20 08:09 - 2015-03-20 08:09 - 00000000 ____D () C:\Program Files\Common Files\MSSoap
2015-03-20 08:05 - 2015-03-20 08:05 - 118250544 _____ (Serif (Europe) Ltd.,
[email protected]) C:\Users\omblg\Downloads\ESDPK-HLX5-PhotoPlusSE_Downloader_Setup-EN-irnsrc3.exe
2015-03-20 08:05 - 2015-03-20 08:05 - 00000000 ____D () C:\Users\omblg\AppData\Roaming\0S1P1C1L1O
2015-03-20 07:59 - 2015-03-20 08:16 - 00000000 ____D () C:\ProgramData\{3bd42a53-4d84-2f8f-3bd4-42a534d8a94d}
2015-03-20 07:57 - 2015-03-20 07:58 - 00842296 _____ ( ) C:\Users\omblg\Downloads\HLX5-PhotoPlus-SE-Installer-EN.exe
2015-03-19 11:22 - 2015-03-19 11:22 - 00026752 _____ () C:\Users\omblg\Downloads\Schedule43232-ALLCLUBHOMEExport (3).xls
2015-03-17 15:36 - 2015-03-17 15:36 - 00026066 _____ () C:\Users\omblg\Downloads\Schedule43232-ALLCLUBHOMEExport (2).xls
2015-03-17 09:24 - 2015-03-17 09:24 - 00025887 _____ () C:\Users\omblg\Downloads\Schedule43232-ALLCLUBHOMEExport (1).xls
2015-03-16 10:43 - 2015-03-16 10:43 - 00025887 _____ () C:\Users\omblg\Downloads\Schedule43232-ALLCLUBHOMEExport.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-13 07:19 - 2014-01-07 09:36 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 07:17 - 2009-07-13 22:55 - 02045268 _____ () C:\Windows\WindowsUpdate.log
2015-04-13 05:56 - 2011-02-01 14:51 - 00000112 _____ () C:\Windows\system32\config\netlogon.ftl
2015-04-13 04:53 - 2013-01-28 13:10 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-04-13 00:19 - 2014-01-07 09:36 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-12 11:01 - 2009-07-13 22:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-12 11:01 - 2009-07-13 22:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-10 14:40 - 2011-01-25 17:50 - 00797150 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-10 14:37 - 2015-01-21 12:16 - 00000125 ___SH () C:\ProgramData\.zreglib
2015-04-10 14:36 - 2014-11-13 11:30 - 00000976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-04-10 14:36 - 2014-11-13 11:30 - 00000960 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-04-10 14:35 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-10 14:35 - 2009-07-13 22:39 - 00046618 _____ () C:\Windows\setupact.log
2015-04-10 14:34 - 2012-09-22 03:18 - 00009506 _____ () C:\Windows\TMFilter.log
2015-04-10 13:11 - 2011-01-25 19:40 - 00215384 _____ () C:\Windows\PFRO.log
2015-04-10 12:59 - 2014-11-13 11:31 - 00000000 ____D () C:\Users\omblg\AppData\Local\LogMeInIgnition
2015-04-10 11:54 - 2014-06-11 09:53 - 00000000 ____D () C:\Users\omblg\AppData\Roaming\Real
2015-04-10 11:54 - 2014-01-07 09:32 - 00000000 ____D () C:\ProgramData\Real
2015-04-10 09:58 - 2012-08-30 11:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-10 09:47 - 2013-01-28 13:10 - 00000000 ____D () C:\Program Files\LogMeIn
2015-04-06 13:46 - 2014-11-11 09:50 - 00000000 ____D () C:\Users\omblg\Documents\Personal
2015-04-03 10:20 - 2014-01-07 09:37 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-02 15:51 - 2014-12-18 16:58 - 00000931 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-02 15:51 - 2014-12-18 16:58 - 00000919 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-02 15:51 - 2014-12-18 16:58 - 00000000 ____D () C:\Program Files\TeamViewer
2015-03-30 18:41 - 2012-05-01 08:50 - 00010932 __RSH () C:\Users\omblg\ntuser.pol
2015-03-30 18:41 - 2012-05-01 08:50 - 00000000 ____D () C:\Users\omblg
2015-03-28 03:35 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-03-28 03:24 - 2014-11-11 10:18 - 00000000 ____D () C:\Users\omblg\AppData\Roaming\TeamViewer
2015-03-27 09:59 - 2014-11-11 09:41 - 00001589 _____ () C:\Users\omblg\Documents\plot.log
2015-03-25 03:15 - 2014-12-11 04:35 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 03:15 - 2014-09-02 13:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 13:01 - 2015-03-02 10:48 - 00000000 ____D () C:\Users\omblg\AppData\Local\WinZip
==================== Files in the root of some directories =======
2015-04-10 07:36 - 2015-04-10 12:44 - 0000020 _____ () C:\Users\omblg\AppData\Roaming\appdataFr3.bin
2015-01-21 12:16 - 2015-04-10 14:37 - 0000125 ___SH () C:\ProgramData\.zreglib
2012-04-12 10:09 - 2012-04-12 10:09 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
ZeroAccess:
C:\Windows\Installer\{36e98b7d-841b-f0c5-0ecb-4d9390dd1f73}
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2090123917-190833012-3475663718-1672\$36e98b7d841bf0c50ecb4d9390dd1f73
ZeroAccess:
C:\Users\omjhm\AppData\Local\{36e98b7d-841b-f0c5-0ecb-4d9390dd1f73}
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\MSN8CB6.exe
C:\Users\omblg\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\omblg\AppData\Local\Temp\Quarantine.exe
C:\Users\omblg\AppData\Local\Temp\sqlite3.dll
C:\Users\omblg\AppData\Local\Temp\supoptsetup.exe
C:\Users\omjhm\AppData\Local\Temp\2jfuweif.exe
C:\Users\omjhm\AppData\Local\Temp\AcDeltree.exe
C:\Users\omjhm\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\omjhm\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\omjhm\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\omjhm\AppData\Local\Temp\lowproc.exe
C:\Users\omjhm\AppData\Local\Temp\nss1723.tmp.tbProd.dll
C:\Users\omjhm\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\omjhm\AppData\Local\Temp\setup.exe
C:\Users\omjhm\AppData\Local\Temp\stubhelper.dll
C:\Users\omjke\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
LastRegBack: 2015-04-04 00:10
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-04-2015
Ran by OMBLG at 2015-04-13 07:44:19
Running from C:\Users\omblg\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 13.1.1 - Hewlett-Packard) Hidden
Adobe Acrobat 9 Standard (HKLM\...\{AC76BA86-1033-0000-BA7E-000000000004}{AC76BA86-1033-0000-BA7E-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.5.7.0 - SlySoft)
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
BioAPI Framework (HKLM\...\{AF7E4468-E364-4991-BC2A-6E8293E1055B}) (Version: 1.0.1 - Dell Inc.)
Brother's Keeper 6.6 (HKLM\...\Brother's Keeper 6.6) (Version: - )
Citrix Online Launcher (HKLM\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix)
Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 13.0.0.6685 - Citrix Systems, Inc.)
CloneDVD2 (HKLM\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Earth Pro (HKLM\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GoToAssist Corporate (HKLM\...\GoToAssist) (Version: 11.1.0.1055 - Citrix Online, a division of Citrix Systems, Inc.)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Network Connections 15.2.89.0 (HKLM\...\PROSetDX) (Version: 15.2.89.0 - Dell)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
Java(TM) 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
LogMeIn (HKLM\...\{F93EE340-3735-4032-8B74-0A3E489017A0}) (Version: 4.1.4670 - LogMeIn, Inc.)
MacX DVD Ripper Pro For Windows 7.6.4 (HKLM\...\MacX DVD Ripper Pro For Windows_is1) (Version: - Digiarty Software, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.00 - NVIDIA Corporation)
Online Plug-in (Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
PhotoPlus Starter Edition Packages (HKU\S-1-5-21-2090123917-190833012-3475663718-1662\...\PhotoPlus Starter Edition Packages) (Version: - ) <==== ATTENTION
PhotoShowExpress (Version: 2.0.028 - Sonic Solutions) Hidden
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
Serif PhotoPlus Starter Edition 3 (HKLM\...\{5DF61899-B4D4-4CD5-9F3D-78ADBBF7DC2A}) (Version: 3.0.0.008 - Serif (Europe) Ltd)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1144 - SUPERAntiSpyware.com)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Trend Micro OfficeScan Client (HKLM\...\OfficeScanNT) (Version: - )
UPEK TouchChip Fingerprint Reader (HKLM\...\{0003C1E0-E0E7-49BB-A0F6-4AE6D2B09202}) (Version: 1.2.0 - Dell Inc.)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinX DVD Ripper 5.6.0 (HKLM\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E6}) (Version: 19.0.11294 - WinZip Computing, S.L. )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2090123917-190833012-3475663718-1662_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2090123917-190833012-3475663718-1662_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2090123917-190833012-3475663718-1662_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
==================== Restore Points =========================
20-03-2015 08:07:44 Installed Serif PhotoPlus Starter Edition 3
24-03-2015 02:49:33 Windows Update
25-03-2015 03:00:12 Windows Update
28-03-2015 03:00:15 Windows Update
03-04-2015 02:21:23 Windows Update
04-04-2015 03:00:14 Windows Update
10-04-2015 02:21:24 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:04 - 2009-06-10 15:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {008054AE-2332-44E0-BE3D-744397CC4B5D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2090123917-190833012-3475663718-1672 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1CEE4AD7-8D30-4CBD-8369-9B3935C3D895} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {43265A3B-0499-4C9D-8E7C-1FD181FF329E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2090123917-190833012-3475663718-1672 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5E120666-5FC4-4301-8DCF-20DCD0C8CD83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-07] (Google Inc.)
Task: {941965E3-99E4-4802-8484-9F8491FEB683} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {A51F6398-EA19-40C8-9395-B7E2FDE9E4D6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {EF6DD827-A1D8-4ED2-9CCE-C8C2D0934E20} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F753EA49-C9D6-4067-8DE0-DE6838BD44EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-07] (Google Inc.)
Task: {FBE29A8D-9157-4F2B-B5F1-B0CFA497D7E8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-04-03 10:20 - 2015-03-30 15:07 - 01174856 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-03 10:20 - 2015-03-30 15:07 - 00080200 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-03 10:20 - 2015-03-30 15:07 - 09279304 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows\system32\Drivers\ahbnlgvg.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\alscwwjs.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\avoxiuxj.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\avvqdonk.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\blqjrscj.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\bnmenzpg.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\ccwetpxz.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\dnerbkmo.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\dxibwdgd.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\evlxjdri.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\gfbgcafy.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\ggzzfdsn.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\gmdtuoma.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\gnwomxjv.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\gwwubkmd.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\hmahlzmv.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\ibgasucc.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\ikynyidu.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\iselpbvz.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\iwudvajj.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\jghacamt.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\jhnekwke.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\jhphdzpd.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\jkcmglai.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\kyyqjank.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\lcaczqhl.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\lusiyczm.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\mdntzmig.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\momznddd.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\ngojzaur.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\niajyyjh.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\nvqtzzir.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\osbqvzpv.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\phpvrlpv.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\piqahlxj.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\pjaebock.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\pkhfbcse.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\pnyxknhr.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\qizvxbue.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\qjrwcusk.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\qnbvwjxh.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\qvtmlsgj.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\revtgjhv.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\rhvbkcwn.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\rszqyoee.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\rwhlhlfg.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\sthwhxox.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\tritubnu.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\ttsxiznr.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\urlvnbxz.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\urxncmjn.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\vgjhcrdu.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\vsnenzwp.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\vugfarqv.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\vuuicamr.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\wfhncouo.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\wjryhzhd.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\wqgfpuzu.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\xkrjamou.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\xoatwmzi.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\xzjvaiwv.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\ysuxhghn.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\zeeweeth.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\zmaumofr.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\zsisnyoc.sys:changelist
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2090123917-190833012-3475663718-1662\Control Panel\Desktop\\Wallpaper -> C:\Users\omblg\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.253.68.30 - 10.5.2.39
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: DameWare MRC Agent => C:\Windows\system32\DWRCST.exe
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: picon => "C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe" -startup
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-319076873-3345597711-2242175296-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-319076873-3345597711-2242175296-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 39%
Total physical RAM: 3709.59 MB
Available physical RAM: 2247.82 MB
Total Pagefile: 7417.48 MB
Available Pagefile: 5798.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.57 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:232.06 GB) (Free:94.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.8 GB) (Disk ID: 77E3ED41)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=750 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================