I downloaded the new version and it wouldn't update, but it could have already been the current version so I didn't think that much of it. It did run the scan and create the logs, but when I clicked on fix a pop-up said the fix file wasn't found. I created a new folder just for this program and the logs were there, so I will post them. I may have to make 2 posts to include it all.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.04.2018 01
Ran by Cableman (administrator) on CABLEMAN-PC (14-06-2018 21:20:57)
Running from C:\Users\Cableman\Desktop\Fabar Tool
Loaded Profiles: Cableman (Available Profiles: Cableman)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Logitech Inc.) E:\program Files\LWS\Webcam Software\LWS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() E:\program Files\LWS\Webcam Software\CameraHelperShell.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LWS] => E:\program Files\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKU\S-1-5-21-472246324-4182351025-1742220698-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2018-01-21] (Siber Systems)
HKU\S-1-5-21-472246324-4182351025-1742220698-1000\...\Run: [GoogleChromeAutoLaunch_120C8E25DCD7D41020BE63147FD61AA0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008 2018-05-14] (Google Inc.)
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{556A0634-C59C-448B-8E03-E2392A335438}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55D76FDF-660D-4311-80DF-7F798AE0F150}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-472246324-4182351025-1742220698-1000 -> DefaultScope {271CD41F-B832-471F-8225-FC01F8ED3721} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-472246324-4182351025-1742220698-1000 -> {271CD41F-B832-471F-8225-FC01F8ED3721} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-01-21] (Siber Systems Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-27] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-27] (Oracle Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-01-21] (Siber Systems Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-01-21] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-01-21] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-472246324-4182351025-1742220698-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-01-21] (Siber Systems Inc.)
FireFox:
========
FF DefaultProfile: orqz79o3.default-1479538638542-1528069793611
FF DefaultProfile: cableman@bellsouth.net
FF ProfilePath: C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611 [2018-06-14]
FF user.js: detected! => C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\user.js [2018-06-14]
FF NetworkProxy: Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611 -> type", 0
FF Extension: (AdBlocker Ultimate) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\Extensions\adblockultimate@adblockultimate.net.xpi [2018-06-14]
FF Extension: (RoboForm Password Manager) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\Extensions\rf-firefox@siber.com.xpi [2018-06-06]
FF Extension: (Ad-Blocker) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\Extensions\{b89efd87-232e-4829-87d2-22148919d72f}.xpi [2018-06-06]
FF Extension: (Adblock Plus) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-14]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\features\{653fd210-8bf6-4d79-85a1-5bfabda0e2f4}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-06-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-23] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
StartMenuInternet: Firefox-C781389E15BFD1A7 - E:\program Files\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/webhp?source=search_app"
CHR NewTab: Default -> Active:"chrome-extension://ohdphinnjkbfgimbcpdjdigbbkmngcge/newtab.html"
CHR Profile: C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default [2018-06-14]
CHR Extension: (Slides) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-05]
CHR Extension: (YouTube) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Google Search) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-23]
CHR Extension: (Sheets) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-28]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-10]
CHR Extension: (filmsApp Search) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpecgipllfoebemnlokpldficknlfbcp [2017-09-27]
CHR Extension: (SearchLock) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdpgmeoacdoadgannnoajmnbodcfmbn [2018-06-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (SearchLock Tab) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdphinnjkbfgimbcpdjdigbbkmngcge [2017-09-27]
CHR Extension: (Gmail) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-16]
CHR Extension: (Chrome Media Router) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-13]
CHR Extension: (RoboForm Password Manager) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2018-04-24]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2018-01-21]
CHR HKU\S-1-5-21-472246324-4182351025-1742220698-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2018-01-21]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2195280 2018-06-07] (Bitdefender)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
S4 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2072896 2011-10-12] (TuneUp Software)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [239400 2018-06-07] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [239400 2018-06-07] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [239400 2018-06-07] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 atc; C:\Windows\System32\DRIVERS\atc.sys [1283464 2018-06-07] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1723552 2018-05-13] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
R0 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [152648 2018-05-13] (Bitdefender)
R3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [246064 2018-05-13] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\Windows\System32\drivers\gzflt.sys [189544 2018-05-13] (BitDefender LLC)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2016-09-21] (The OpenVPN Project)
R2 trufos; C:\Windows\System32\drivers\trufos.sys [607640 2018-05-13] (Bitdefender)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-09-22] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-08-10] ()
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-08-10] ()
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-08-10] ()
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-14 21:19 - 2018-06-14 21:20 - 000000000 ____D C:\Users\Cableman\Desktop\Fabar Tool
2018-06-14 21:02 - 2018-06-14 21:18 - 000040160 _____ C:\Users\Cableman\Desktop\Addition.txt
2018-06-14 21:01 - 2018-06-14 21:18 - 000024978 _____ C:\Users\Cableman\Desktop\FRST.txt
2018-06-14 20:38 - 2018-06-14 20:38 - 000007605 _____ C:\Users\Cableman\AppData\Local\Resmon.ResmonCfg
2018-06-11 09:53 - 2018-06-11 09:53 - 000000000 ____D C:\MFT 175238
2018-06-11 09:40 - 2018-06-11 09:40 - 000000000 ____D C:\MFT 486
2018-06-11 04:43 - 2018-06-11 04:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-06 19:45 - 2018-06-06 19:45 - 000000000 ____D C:\Program Files\Common Files\Avast Software
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-14 21:20 - 2018-01-13 18:54 - 000000000 ____D C:\FRST
2018-06-14 21:20 - 2017-02-16 15:49 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2018-06-14 21:00 - 2016-11-20 09:07 - 000000000 ____D C:\Users\Cableman\AppData\LocalLow\Mozilla
2018-06-14 04:39 - 2009-07-14 00:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-14 04:39 - 2009-07-14 00:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-13 21:38 - 2017-05-28 15:20 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 21:38 - 2017-05-28 15:20 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-13 02:03 - 2018-05-08 01:04 - 000000000 ____D C:\Users\Cableman\Desktop\Black Powder Facts & Tips
2018-06-13 02:00 - 2014-11-05 06:18 - 000000000 ____D C:\Users\Cableman\AppData\Local\Adobe
2018-06-11 14:27 - 2009-07-14 01:13 - 000796254 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-11 14:27 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2018-06-11 14:22 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-11 14:21 - 2017-05-28 15:19 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-11 14:21 - 2017-05-28 15:19 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-11 11:39 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-11 09:16 - 2014-11-04 18:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-11 04:43 - 2017-10-16 09:23 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-11 04:43 - 2017-10-16 09:23 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-06-11 04:43 - 2017-10-16 09:23 - 000000866 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk~RF3d9b7be.TMP
2018-06-10 10:46 - 2018-04-06 01:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-06-10 10:46 - 2015-12-03 17:47 - 000000000 ____D C:\Program Files\Common Files\AV
2018-06-07 04:14 - 2017-06-23 11:02 - 001283464 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2018-06-06 22:32 - 2016-07-06 22:33 - 000000406 _____ C:\Windows\Tasks\EasyShare Registration Task.job
2018-06-06 19:45 - 2015-12-03 17:47 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-06-05 18:12 - 2016-02-25 01:23 - 000000000 ____D C:\Users\Cableman\AppData\Local\Microsoft Games
2018-06-03 19:49 - 2014-12-03 04:34 - 000000000 ____D C:\Users\Cableman\Desktop\Old Firefox Data
2018-06-03 06:56 - 2014-12-09 23:03 - 000000000 ____D C:\Users\Cableman\AppData\Local\ElevatedDiagnostics
2018-05-26 02:42 - 2015-02-08 15:37 - 000007891 _____ C:\Windows\BRRBCOM.INI
2018-05-22 14:17 - 2017-11-04 14:28 - 000000000 ____D C:\Users\Cableman\Desktop\Soldiers Inc
2018-05-19 01:17 - 2015-07-17 08:36 - 000000000 ____D C:\Users\Cableman\AppData\Local\CrashDumps
2018-05-15 13:24 - 2017-10-16 08:54 - 000004486 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-05-15 13:24 - 2014-11-05 06:21 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-15 13:24 - 2014-11-05 06:21 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-15 13:24 - 2014-11-05 06:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-15 13:24 - 2014-11-05 06:21 - 000000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
2018-06-14 20:38 - 2018-06-14 20:38 - 000007605 _____ () C:\Users\Cableman\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-07 06:00
==================== End of FRST.txt ============================
FF ProfilePath: C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611 [2018-06-14]
FF user.js: detected! => C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\user.js [2018-06-14]
FF NetworkProxy: Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611 -> type", 0
FF Extension: (AdBlocker Ultimate) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\Extensions\adblockultimate@adblockultimate.net.xpi [2018-06-14]
FF Extension: (RoboForm Password Manager) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\Extensions\rf-firefox@siber.com.xpi [2018-06-06]
FF Extension: (Ad-Blocker) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\Extensions\{b89efd87-232e-4829-87d2-22148919d72f}.xpi [2018-06-06]
FF Extension: (Adblock Plus) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-06-14]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\Cableman\AppData\Roaming\Mozilla\Firefox\Profiles\orqz79o3.default-1479538638542-1528069793611\features\{653fd210-8bf6-4d79-85a1-5bfabda0e2f4}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-06-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-23] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
StartMenuInternet: Firefox-C781389E15BFD1A7 - E:\program Files\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/webhp?source=search_app"
CHR NewTab: Default -> Active:"chrome-extension://ohdphinnjkbfgimbcpdjdigbbkmngcge/newtab.html"
CHR Profile: C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default [2018-06-14]
CHR Extension: (Slides) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-05]
CHR Extension: (YouTube) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Google Search) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-23]
CHR Extension: (Sheets) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-28]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-06-10]
CHR Extension: (filmsApp Search) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpecgipllfoebemnlokpldficknlfbcp [2017-09-27]
CHR Extension: (SearchLock) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdpgmeoacdoadgannnoajmnbodcfmbn [2018-06-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (SearchLock Tab) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdphinnjkbfgimbcpdjdigbbkmngcge [2017-09-27]
CHR Extension: (Gmail) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-16]
CHR Extension: (Chrome Media Router) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-13]
CHR Extension: (RoboForm Password Manager) - C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2018-04-24]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2018-01-21]
CHR HKU\S-1-5-21-472246324-4182351025-1742220698-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2018-01-21]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2195280 2018-06-07] (Bitdefender)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
S4 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2072896 2011-10-12] (TuneUp Software)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [239400 2018-06-07] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [239400 2018-06-07] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [239400 2018-06-07] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 atc; C:\Windows\System32\DRIVERS\atc.sys [1283464 2018-06-07] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1723552 2018-05-13] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
R0 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [152648 2018-05-13] (Bitdefender)
R3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [246064 2018-05-13] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\Windows\System32\drivers\gzflt.sys [189544 2018-05-13] (BitDefender LLC)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2016-09-21] (The OpenVPN Project)
R2 trufos; C:\Windows\System32\drivers\trufos.sys [607640 2018-05-13] (Bitdefender)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-09-22] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-08-10] ()
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-08-10] ()
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-08-10] ()
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-14 21:19 - 2018-06-14 21:20 - 000000000 ____D C:\Users\Cableman\Desktop\Fabar Tool
2018-06-14 21:02 - 2018-06-14 21:18 - 000040160 _____ C:\Users\Cableman\Desktop\Addition.txt
2018-06-14 21:01 - 2018-06-14 21:18 - 000024978 _____ C:\Users\Cableman\Desktop\FRST.txt
2018-06-14 20:38 - 2018-06-14 20:38 - 000007605 _____ C:\Users\Cableman\AppData\Local\Resmon.ResmonCfg
2018-06-11 09:53 - 2018-06-11 09:53 - 000000000 ____D C:\MFT 175238
2018-06-11 09:40 - 2018-06-11 09:40 - 000000000 ____D C:\MFT 486
2018-06-11 04:43 - 2018-06-11 04:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-06 19:45 - 2018-06-06 19:45 - 000000000 ____D C:\Program Files\Common Files\Avast Software
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-14 21:20 - 2018-01-13 18:54 - 000000000 ____D C:\FRST
2018-06-14 21:20 - 2017-02-16 15:49 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2018-06-14 21:00 - 2016-11-20 09:07 - 000000000 ____D C:\Users\Cableman\AppData\LocalLow\Mozilla
2018-06-14 04:39 - 2009-07-14 00:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-14 04:39 - 2009-07-14 00:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-13 21:38 - 2017-05-28 15:20 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 21:38 - 2017-05-28 15:20 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-13 02:03 - 2018-05-08 01:04 - 000000000 ____D C:\Users\Cableman\Desktop\Black Powder Facts & Tips
2018-06-13 02:00 - 2014-11-05 06:18 - 000000000 ____D C:\Users\Cableman\AppData\Local\Adobe
2018-06-11 14:27 - 2009-07-14 01:13 - 000796254 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-11 14:27 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2018-06-11 14:22 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-11 14:21 - 2017-05-28 15:19 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-11 14:21 - 2017-05-28 15:19 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-11 11:39 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-11 09:16 - 2014-11-04 18:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-11 04:43 - 2017-10-16 09:23 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-11 04:43 - 2017-10-16 09:23 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-06-11 04:43 - 2017-10-16 09:23 - 000000866 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk~RF3d9b7be.TMP
2018-06-10 10:46 - 2018-04-06 01:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-06-10 10:46 - 2015-12-03 17:47 - 000000000 ____D C:\Program Files\Common Files\AV
2018-06-07 04:14 - 2017-06-23 11:02 - 001283464 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2018-06-06 22:32 - 2016-07-06 22:33 - 000000406 _____ C:\Windows\Tasks\EasyShare Registration Task.job
2018-06-06 19:45 - 2015-12-03 17:47 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-06-05 18:12 - 2016-02-25 01:23 - 000000000 ____D C:\Users\Cableman\AppData\Local\Microsoft Games
2018-06-03 19:49 - 2014-12-03 04:34 - 000000000 ____D C:\Users\Cableman\Desktop\Old Firefox Data
2018-06-03 06:56 - 2014-12-09 23:03 - 000000000 ____D C:\Users\Cableman\AppData\Local\ElevatedDiagnostics
2018-05-26 02:42 - 2015-02-08 15:37 - 000007891 _____ C:\Windows\BRRBCOM.INI
2018-05-22 14:17 - 2017-11-04 14:28 - 000000000 ____D C:\Users\Cableman\Desktop\Soldiers Inc
2018-05-19 01:17 - 2015-07-17 08:36 - 000000000 ____D C:\Users\Cableman\AppData\Local\CrashDumps
2018-05-15 13:24 - 2017-10-16 08:54 - 000004486 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-05-15 13:24 - 2014-11-05 06:21 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-15 13:24 - 2014-11-05 06:21 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-15 13:24 - 2014-11-05 06:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-15 13:24 - 2014-11-05 06:21 - 000000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
2018-06-14 20:38 - 2018-06-14 20:38 - 000007605 _____ () C:\Users\Cableman\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-07 06:00
==================== End of FRST.txt ============================