1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Hijacks, Redirects, Blue Screen, .. AVG and MalBytes havent touched the problem. Hlep

Discussion in 'Virus & Other Malware Removal' started by number47, Feb 16, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. number47

    number47 Thread Starter

    Joined:
    Feb 10, 2015
    Messages:
    9
    My computer is so infected at this point its taking about 10 minutes to get through poputs and redirects to post this. I have scanned with AVG and Malware bytes. the lag and redirects every time i click on anything are making mundane tasks difficulst. I could really use some help on this. This is our main computer for the house.

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz, Intel64 Family 6 Model 37 Stepping 5
    Processor Count: 4
    RAM: 3892 Mb
    Graphics Card: Intel(R) HD Graphics, 1722 Mb
    Hard Drives: C: Total - 183295 MB, Free - 81671 MB; D: Total - 273060 MB, Free - 106739 MB;
    Motherboard: SAMSUNG ELECTRONICS CO., LTD., R530/R730/R540
    Antivirus: AVG AntiVirus Free Edition 2015, Updated and Enabled
     
  2. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Hi Number47,
    OK. Let's find out what's going on.
    -------------------------------------------------------
    IF You Don't Have Firefox, get it here and install it : http://www.getfirefox.net/
    During the installation you can likely import settings from Internet Explorer if you wish.
    ---------------------------------------------------------
    Set Firefox as Default and Always Ask Where to Save Downloads
    Open Firefox, then hit the Alt key if necessary, so you can see the menu bar at the top.
    In the top menu bar, click on Tools, and select Options.
    In the new dialog window that pops up:
    Click on the General icon in the top bar, and click the radiobutton labeled "Always ask me where to save files"
    Click on the Advanced icon in the top bar.
    Click the radiobutton labeled, "Always check to see if Firefox is the Default browser on startup."
    Click OK.
    -----------------------------------------------------------
    Download and Run the Farbar Scan Tool
    • Download FRST64 and save to your Desktop.
    • Double click Frst64.exe to launch it.
    • FRST64 will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press the Scan button.
      • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
    If you lose track of them, they will be saved in the same location as FRST64.exe
    Feel free to use separate replies if it's more convenient.

    askey127
     
  3. number47

    number47 Thread Starter

    Joined:
    Feb 10, 2015
    Messages:
    9
    Thanks so much Askey. Here we go:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
    Ran by Sean (administrator) on SEAN-PC on 16-02-2015 17:17:46
    Running from D:\BitComet Downloads
    Loaded Profiles: Sean (Available profiles: Sean)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
    (Webroot Software, Inc. ) C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
    ( ) C:\Windows\System32\lxducoms.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    (Dropbox, Inc.) C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Webroot Software, Inc.) C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
    (Webroot Software, Inc. (www.webroot.com)) C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe
    (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
    () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
    (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
    (Webroot Software, Inc. (www.webroot.com)) C:\Program Files (x86)\Webroot\WebrootSecurity\SSU.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
    HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3089688 2013-06-27] (Logitech, Inc.)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
    HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3081752 2014-12-13] ()
    HKLM-x32\...\Run: [SpySweeper] => C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe [6515784 2009-11-06] (Webroot Software, Inc.)
    Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-05-27] (Google Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [Windows Remote Service] => C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe [173568 2013-05-24] (Banamalon)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-20] (SUPERAntiSpyware)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [Google Update] => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-10] (Google Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [Google+ Auto Backup] => "C:\Users\Sean\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [GoogleChromeAutoLaunch_4C759CBE76051A54F37D4E70F0F48AE0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\MountPoints2: {202d88f5-0a10-11e3-91cf-e811328de355} - F:\LaunchU3.exe -a
    AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll" File Not Found
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [BackupIconOverlayId] -> {2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD} => C:\Program Files (x86)\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll (SOS Online Backup)
    BootExecute: autocheck autochk * sdnclean64.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    SearchScopes: HKLM -> DefaultScope value is missing.
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2942724973-3254444484-952029406-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2942724973-3254444484-952029406-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={82F7583C-11EA-4CED-AD2E-0796FE35AF52}&mid=bbfebc909cad47d3a8ae395874690aa6-72e125d5b9f4faf8e788deaf6fa06fc669a45ae5&lang=en&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-13 19:48:46&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKU\S-1-5-21-2942724973-3254444484-952029406-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\sxrr0l1q.default
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2942724973-3254444484-952029406-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-2942724973-3254444484-952029406-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
    FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-07-21]
    FF HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://search.babylon.com/?affID=119351&tt=300513_new&babsrc=HP_ss_din2g&mntrId=100CE0CA9467E177
    CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://www.kickass.so/"
    CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
    CHR Profile: C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-22]
    CHR Extension: (Google Docs) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-22]
    CHR Extension: (Google Drive) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04]
    CHR Extension: (YouTube) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04]
    CHR Extension: (Google Cast) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-02-10]
    CHR Extension: (caplfhpahpkhhckglldpmdmjclabckhc) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\caplfhpahpkhhckglldpmdmjclabckhc [2015-01-07]
    CHR Extension: (AVG Secure Search) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-12-16]
    CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-02-10]
    CHR Extension: (Google Sheets) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-22]
    CHR Extension: (Plex) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-02-11]
    CHR Extension: (Chrome Remote Desktop) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-02-11]
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-20] (SUPERAntiSpyware.com)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
    S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
    R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe [56648 2015-02-01] (Google Inc.)
    R2 lxdu_device; C:\windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 vToolbarUpdater18.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [1850392 2014-12-13] (AVG Secure Search)
    R2 WebrootSpySweeperService; C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe [4048240 2009-11-06] (Webroot Software, Inc. (www.webroot.com))
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    R2 WRConsumerService; C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe [1201640 2015-02-12] (Webroot Software, Inc. )
    S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc [X]
    S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]
    S2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [52000 2014-12-13] (AVG Technologies)
    S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Siliten)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-16] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R0 ssfs0bbc; C:\Windows\System32\DRIVERS\ssfs0bbc.sys [37488 2009-11-06] (Webroot Software, Inc. (www.webroot.com))
    R0 ssidrv; C:\Windows\System32\DRIVERS\ssidrv.sys [135280 2009-11-06] (Webroot Software, Inc. (www.webroot.com))
    R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-16 15:46 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Mozilla
    2015-02-16 15:46 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\Sean\AppData\Local\Mozilla
    2015-02-16 15:46 - 2015-02-16 15:46 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-02-16 15:46 - 2015-02-16 15:46 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-02-16 15:46 - 2015-02-16 15:46 - 00000000 ____D () C:\ProgramData\Mozilla
    2015-02-16 15:46 - 2015-02-16 15:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-02-16 15:44 - 2015-02-16 15:44 - 00243440 _____ () C:\Users\Sean\Downloads\Firefox Setup Stub 35.0.1.exe
    2015-02-16 15:44 - 2015-02-16 15:44 - 00243440 _____ () C:\Users\Sean\Downloads\Firefox Setup Stub 35.0.1 (1).exe
    2015-02-16 15:36 - 2015-02-16 15:36 - 00015560 _____ () C:\Users\Sean\Downloads\[kickass.to]the.wire.season.05.dvdrip.xvid.torrent
    2015-02-16 15:27 - 2015-02-16 15:27 - 00509440 _____ (Tech Support Guy System) C:\Users\Sean\Downloads\SysInfo.exe
    2015-02-16 15:05 - 2015-02-16 15:05 - 00026944 _____ () C:\Users\Sean\Downloads\[kickass.to]the.wire.season.5.complete.high.quality (1).torrent
    2015-02-16 15:04 - 2015-02-16 15:04 - 00026944 _____ () C:\Users\Sean\Downloads\[kickass.to]the.wire.season.5.complete.high.quality.torrent
    2015-02-14 03:01 - 2015-02-14 03:01 - 00284660 _____ () C:\windows\msxml4-KB973688-enu.LOG
    2015-02-14 03:00 - 2015-02-14 03:01 - 00288440 _____ () C:\windows\msxml4-KB954430-enu.LOG
    2015-02-14 03:00 - 2015-02-14 03:00 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
    2015-02-13 16:16 - 2015-02-13 16:16 - 00000000 ____D () C:\Users\Sean\AppData\Local\Adobe
    2015-02-12 20:46 - 2015-02-12 22:17 - 00001678 _____ () C:\windows\Tasks\wrSpySweeper_L49E7F6823FCE4597BAF0E07AB42649A2.job
    2015-02-12 20:46 - 2015-02-12 20:46 - 00008334 _____ () C:\windows\System32\Tasks\wrSpySweeper_L49E7F6823FCE4597BAF0E07AB42649A2
    2015-02-12 20:37 - 2015-02-12 20:37 - 00002016 _____ () C:\Users\Public\Desktop\Webroot AntiVirus.lnk
    2015-02-12 20:37 - 2015-02-12 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot
    2015-02-12 20:37 - 2009-11-06 15:14 - 00511328 _____ (Microsoft Corporation) C:\windows\SysWOW64\capicom.dll
    2015-02-12 20:36 - 2015-02-12 20:41 - 00000000 ____D () C:\ProgramData\Webroot
    2015-02-12 20:36 - 2015-02-12 20:36 - 00017264 _____ () C:\windows\system32\SsiEfr.exe
    2015-02-12 20:36 - 2015-02-12 20:36 - 00000164 _____ () C:\windows\install.dat
    2015-02-12 20:36 - 2015-02-12 20:36 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Webroot
    2015-02-12 20:36 - 2015-02-12 20:36 - 00000000 ____D () C:\Program Files (x86)\Webroot
    2015-02-12 20:36 - 2015-02-12 20:36 - 00000000 ____D () C:\Program Files (x86)\MSSOAP
    2015-02-12 20:36 - 2009-11-06 15:19 - 01563008 _____ (Webroot Software, Inc.) C:\windows\WRSetup.dll
    2015-02-12 20:09 - 2015-01-22 22:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2015-02-12 20:09 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2015-02-12 20:09 - 2015-01-22 21:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2015-02-12 20:09 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-02-11 23:53 - 2015-02-11 23:54 - 08317952 _____ () C:\Users\Sean\Downloads\chromeremotedesktophost.msi
    2015-02-11 17:56 - 2015-02-11 22:09 - 00000000 ____D () C:\Users\Sean\AppData\Local\Plex Media Server
    2015-02-11 17:55 - 2015-02-11 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
    2015-02-11 17:55 - 2015-02-11 17:55 - 00001252 _____ () C:\Users\Sean\Desktop\Plex Media Server.lnk
    2015-02-11 17:54 - 2015-02-11 17:54 - 00000000 ____D () C:\Program Files (x86)\Plex
    2015-02-11 17:53 - 2015-02-11 17:53 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-11 17:49 - 2015-02-11 17:51 - 86795776 _____ (Plex, Inc.) C:\Users\Sean\Downloads\Plex-Media-Server-0.9.1107.803-87d0708-en-US (1).exe
    2015-02-11 17:29 - 2015-02-16 17:14 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-11 17:28 - 2015-02-11 17:28 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-02-11 17:28 - 2015-02-11 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-02-11 17:28 - 2015-02-11 17:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-02-11 17:28 - 2015-02-11 17:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-02-11 17:28 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2015-02-11 17:28 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
    2015-02-11 17:28 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
    2015-02-10 20:35 - 2015-02-10 20:35 - 00002299 _____ () C:\Users\Sean\Desktop\Chrome App Launcher.lnk
    2015-02-10 20:35 - 2015-02-10 20:35 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-02-10 19:56 - 2015-01-08 21:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
    2015-02-10 19:56 - 2015-01-08 21:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
    2015-02-10 19:56 - 2015-01-08 21:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
    2015-02-10 19:56 - 2015-01-08 20:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
    2015-02-10 19:27 - 2015-02-16 17:19 - 00000000 ____D () C:\FRST
    2015-02-10 19:18 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
    2015-02-10 19:18 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2015-02-10 19:18 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
    2015-02-10 19:18 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-02-10 19:18 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2015-02-10 19:18 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2015-02-10 19:18 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2015-02-10 19:18 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2015-02-10 19:18 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-02-10 19:18 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2015-02-10 19:18 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2015-02-10 19:18 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2015-02-10 19:18 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2015-02-10 19:18 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2015-02-10 19:18 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-10 19:18 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-02-10 19:18 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-02-10 19:18 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-02-10 19:18 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2015-02-10 19:17 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2015-02-10 19:17 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2015-02-10 19:17 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2015-02-10 19:17 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2015-02-10 19:17 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2015-02-10 19:17 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2015-02-10 19:17 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2015-02-10 19:17 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2015-02-10 19:17 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2015-02-10 19:17 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2015-02-10 19:17 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2015-02-10 19:17 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2015-02-10 19:17 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2015-02-10 19:17 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-02-10 19:17 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2015-02-10 19:17 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2015-02-10 19:17 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2015-02-10 19:17 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2015-02-10 19:17 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-02-10 19:17 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2015-02-10 19:17 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2015-02-10 19:17 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2015-02-10 19:17 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2015-02-10 19:17 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2015-02-10 19:17 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2015-02-10 19:17 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2015-02-10 19:17 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2015-02-10 19:17 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2015-02-10 19:17 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2015-02-10 19:17 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-02-10 19:17 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2015-02-10 19:17 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-02-10 19:17 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2015-02-10 19:17 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2015-02-10 19:17 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2015-02-10 19:17 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-02-10 19:16 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2015-02-10 19:16 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
    2015-02-10 19:16 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2015-02-10 19:16 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
    2015-02-10 19:16 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
    2015-02-10 19:16 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
    2015-02-10 19:16 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
    2015-02-10 19:16 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
    2015-02-10 19:16 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
    2015-02-10 19:16 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
    2015-02-10 19:16 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
    2015-02-10 19:16 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
    2015-02-10 19:16 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
    2015-02-10 19:16 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
    2015-02-10 19:16 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
    2015-02-10 19:16 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
    2015-02-10 19:16 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
    2015-02-10 19:16 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
    2015-02-10 19:16 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
    2015-02-10 19:16 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
    2015-02-10 19:16 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
    2015-02-10 19:16 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
    2015-02-10 19:16 - 2014-07-06 20:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
    2015-02-10 19:16 - 2014-07-06 20:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
    2015-02-10 19:16 - 2014-07-06 19:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
    2015-02-10 19:16 - 2014-07-06 19:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
    2015-02-10 19:15 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
    2015-02-10 19:15 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
    2015-02-10 19:15 - 2014-10-03 20:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
    2015-02-10 19:15 - 2014-10-03 19:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
    2015-02-10 19:15 - 2014-10-03 19:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
    2015-02-10 19:13 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2015-02-10 19:13 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
    2015-02-10 19:13 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
    2015-02-10 19:13 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
    2015-02-10 19:13 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2015-02-10 19:13 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2015-02-10 19:13 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
    2015-02-10 19:13 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
    2015-02-10 19:13 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
    2015-02-10 19:11 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2015-02-10 19:08 - 2015-02-10 19:08 - 00001165 _____ () C:\Users\Sean\Desktop\Chromecast.lnk
    2015-02-10 19:08 - 2015-02-10 19:08 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
    2015-02-10 19:05 - 2015-02-10 19:05 - 00880208 _____ (Google Inc.) C:\Users\Sean\Downloads\chromecastinstaller.exe
    2015-01-27 20:46 - 2015-01-27 20:46 - 00003293 _____ () C:\Users\Sean\Downloads\[kickass.so]paper.love.sarah.wildman.epub.torrent
    2015-01-27 20:44 - 2015-01-27 20:44 - 00001420 _____ () C:\Users\Sean\Downloads\[kickass.so]all.the.light.we.cannot.see.epub.torrent
    2015-01-27 20:43 - 2015-01-27 20:43 - 00002767 _____ () C:\Users\Sean\Downloads\[kickass.so]the.rosie.project.2013.graeme.simsion.torrent
    2015-01-25 22:57 - 2015-01-25 22:57 - 00000000 __SHD () C:\found.001
    2015-01-25 20:58 - 2015-01-25 20:58 - 00278904 _____ () C:\windows\Minidump\012515-29983-01.dmp
    2015-01-21 18:40 - 2015-01-21 18:40 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\AVG2015
    2015-01-21 18:36 - 2015-01-21 18:36 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
    2015-01-21 18:34 - 2015-01-21 18:39 - 00000000 ____D () C:\ProgramData\AVG2015
    2015-01-21 18:32 - 2015-01-21 18:32 - 00000000 __SHD () C:\Users\Sean\AppData\Local\EmieBrowserModeList
    2015-01-21 18:28 - 2015-02-10 19:59 - 00000000 ____D () C:\Users\Sean\AppData\Local\Avg2015
    2015-01-21 18:27 - 2015-01-21 18:27 - 00000000 ____D () C:\Users\Sean\AppData\Local\MFAData

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-16 17:17 - 2011-04-28 20:05 - 01352663 _____ () C:\windows\WindowsUpdate.log
    2015-02-16 17:14 - 2014-08-10 15:27 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000UA.job
    2015-02-16 17:14 - 2013-06-13 12:45 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-02-16 17:13 - 2013-05-01 20:57 - 00000000 ___RD () C:\Users\Sean\Dropbox
    2015-02-16 17:13 - 2013-05-01 20:53 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Dropbox
    2015-02-16 17:09 - 2013-05-27 17:09 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-16 17:08 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2015-02-16 17:08 - 2009-07-13 22:51 - 00087284 _____ () C:\windows\setupact.log
    2015-02-16 17:05 - 2013-05-28 18:12 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\BitComet
    2015-02-16 17:02 - 2013-06-12 22:31 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2015-02-16 16:55 - 2014-12-13 19:49 - 00021412 _____ () C:\windows\SysWOW64\debug.log
    2015-02-16 16:34 - 2013-05-27 17:09 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-16 15:46 - 2013-05-30 15:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-02-16 14:33 - 2013-04-21 09:16 - 00000000 ____D () C:\ProgramData\MFAData
    2015-02-16 12:09 - 2009-07-13 23:13 - 00783464 _____ () C:\windows\system32\PerfStringBackup.INI
    2015-02-16 12:07 - 2009-07-13 22:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-16 12:07 - 2009-07-13 22:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-14 19:12 - 2014-08-10 15:27 - 00000852 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000Core.job
    2015-02-13 13:08 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
    2015-02-12 20:37 - 2009-07-13 20:34 - 00000547 _____ () C:\windows\win.ini
    2015-02-12 20:35 - 2013-05-27 17:09 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-02-12 20:00 - 2010-11-20 21:47 - 00957054 _____ () C:\windows\PFRO.log
    2015-02-12 07:51 - 2013-05-01 20:55 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-02-12 07:40 - 2015-01-02 16:11 - 00000000 ____D () C:\Program Files (x86)\c6816a2e-c55e-421c-b1f8-f34293dd9209
    2015-02-12 07:40 - 2013-05-30 15:28 - 00000000 ____D () C:\Program Files (x86)\Amazon
    2015-02-12 00:01 - 2013-05-27 17:10 - 00000000 ____D () C:\ProgramData\Google
    2015-02-11 20:04 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\Web
    2015-02-11 20:01 - 2015-01-02 15:58 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
    2015-02-11 18:57 - 2009-07-13 22:45 - 00344592 _____ () C:\windows\system32\FNTCACHE.DAT
    2015-02-11 18:53 - 2014-12-13 03:37 - 00000000 ____D () C:\windows\system32\appraiser
    2015-02-11 18:53 - 2014-05-06 02:00 - 00000000 ___SD () C:\windows\system32\CompatTel
    2015-02-11 18:53 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\tracing
    2015-02-11 17:33 - 2014-07-13 21:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-02-11 17:21 - 2014-05-28 20:49 - 00000000 ____D () C:\windows\system32\MRT
    2015-02-11 17:06 - 2014-05-28 20:49 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2015-02-10 19:50 - 2014-09-19 23:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-02-10 19:27 - 2014-09-20 00:27 - 00000153 _____ () C:\windows\wininit.ini
    2015-02-10 19:26 - 2013-05-31 08:42 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2015-02-10 19:08 - 2013-05-27 17:09 - 00000000 ____D () C:\Users\Sean\AppData\Local\Google
    2015-02-10 19:07 - 2014-08-10 15:27 - 00003876 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000UA
    2015-02-10 19:07 - 2014-08-10 15:27 - 00003480 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000Core
    2015-02-05 00:02 - 2013-06-12 22:31 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2015-02-05 00:02 - 2013-06-12 22:31 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-05 00:02 - 2013-06-12 22:31 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-04 09:29 - 2013-05-27 17:09 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-04 09:29 - 2013-05-27 17:09 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-01-25 20:58 - 2014-05-16 20:07 - 00000000 ____D () C:\windows\Minidump
    2015-01-25 20:58 - 2014-05-16 20:06 - 552865119 _____ () C:\windows\MEMORY.DMP
    2015-01-22 18:55 - 2013-04-21 09:18 - 00000000 ____D () C:\ProgramData\AVG2013
    2015-01-21 18:40 - 2014-11-22 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2015-01-21 18:40 - 2013-04-21 09:18 - 00000000 ___HD () C:\$AVG
    2015-01-21 18:40 - 2013-04-21 09:18 - 00000000 ____D () C:\Program Files (x86)\AVG
    2015-01-21 18:32 - 2014-11-22 11:51 - 00000000 __SHD () C:\Users\Sean\AppData\Local\EmieUserList
    2015-01-21 18:32 - 2014-11-22 11:51 - 00000000 __SHD () C:\Users\Sean\AppData\Local\EmieSiteList

    ==================== Files in the root of some directories =======

    2013-04-21 08:41 - 2010-01-16 06:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe

    Some content of TEMP:
    ====================
    C:\Users\Sean\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiwbvrc.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-13 12:55

    ==================== End Of Log ============================
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
    Ran by Sean at 2015-02-16 17:20:56
    Running from D:\BitComet Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AV: Webroot AntiVirus with Spy Sweeper (Disabled - Up to date) {3A033352-45FD-579C-DF47-2D2DA7A56A3D}
    AS: Webroot AntiVirus with Spy Sweeper (Disabled - Up to date) {8162D2B6-63C7-5812-E5F7-165FDC222080}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
    „Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
    „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Reader 9.5.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
    Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
    Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
    Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
    AVG 2015 (Version: 15.0.4284 - AVG Technologies) Hidden
    AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
    BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
    Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
    BitComet 1.36 (HKLM-x32\...\BitComet) (Version: 1.36 - CometNetwork)
    Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version: - Oberon Media)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
    Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
    Chrome Remote Desktop Host (HKLM-x32\...\{C9F8858E-B6F9-4E56-B155-2A5CE7FC74B9}) (Version: 41.0.2272.41 - Google Inc.)
    ChromecastApp (HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Daycare Nightmare (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113128447}) (Version: - Oberon Media)
    Dropbox (HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
    Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
    Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
    Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
    EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
    EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
    eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    ESPN Offline Draft (HKLM-x32\...\ESPNOfflineDraft.7DC32A23D84BA514BB63AC794BF941363003AC19.1) (Version: 042513 - ESPN, Inc.)
    ESPN Offline Draft (x32 Version: 255 - ESPN, Inc.) Hidden
    ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
    Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
    Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
    Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
    Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Google+ Auto Backup (HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
    GradeQuick Web Plugin (HKLM-x32\...\{0EB768CD-EF48-4C66-8BCB-2DA8166B2654}) (Version: 1.00.0000 - Edline)
    iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
    Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version: - Oberon Media)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
    iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Logitech SetPoint 6.60 (HKLM\...\sp6) (Version: 6.60.170 - Logitech)
    Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 and SOAP Toolkit 3.0 (x32 Version: 1.0.0.0 - Webroot Software, Inc.) Hidden
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Plex Media Server (HKLM-x32\...\{7425d872-d65d-42c9-8c6d-7a8a529a4b50}) (Version: 0.9.1107 - Plex, Inc.)
    Plex Media Server (x32 Version: 0.9.1107 - Plex, Inc.) Hidden
    Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
    Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
    Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.24 - Samsung)
    Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media)
    Spy Sweeper Core (x32 Version: 4.4.0.85 - Webroot Software) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
    TornPlusTV_version1.11 (HKLM-x32\...\TornPlusTV_version1.11) (Version: 1.35.12.18 - Qwerty) <==== ATTENTION
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
    Webroot AntiVirus with Spy Sweeper (HKLM-x32\...\{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1) (Version: 6.1 - Webroot Software, Inc.)
    Windows Live &#31243;&#24335;&#38598; (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    &#931;&#965;&#955;&#955;&#959;&#947;&#942; &#966;&#969;&#964;&#959;&#947;&#961;&#945;&#966;&#953;&#974;&#957; &#964;&#959;&#965; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1054;&#1089;&#1085;&#1086;&#1074;&#1085;&#1099;&#1077; &#1082;&#1086;&#1084;&#1087;&#1086;&#1085;&#1077;&#1085;&#1090;&#1099; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1055;&#1086;&#1095;&#1090;&#1072; Windows Live (x32 Version: 15.4.3502.0922 - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090;) Hidden
    &#1060;&#1086;&#1090;&#1086;&#1072;&#1083;&#1100;&#1073;&#1086;&#1084; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1060;&#1086;&#1090;&#1086;&#1075;&#1072;&#1083;&#1077;&#1088;&#1080;&#1103; &#1085;&#1072; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1490;&#1500;&#1512;&#1497;&#1497;&#1514; &#1492;&#1514;&#1502;&#1493;&#1504;&#1493;&#1514; &#1513;&#1500; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1576;&#1585;&#1610;&#1583; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1605;&#1593;&#1585;&#1590; &#1589;&#1608;&#1585; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    16-02-2015 14:43:03 Scheduled Checkpoint

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 20:34 - 2015-02-12 20:47 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0C94A768-6EC8-4D70-9327-AB46090DEC44} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-02-07] (SAMSUNG Electronics)
    Task: {144E0FBC-DC65-4066-A5F1-2D7336D0151A} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
    Task: {1AEEA205-C55F-49EC-B0E8-7D27CA99CFE5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000UA => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-10] (Google Inc.)
    Task: {2985BD72-513A-4FB9-9171-EF6AF68F350C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-26] (Samsung Electronics)
    Task: {2BDBAB56-0A6D-485E-A87A-17223D9315C5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-28] (SAMSUNG Electronics co., LTD.)
    Task: {397C8787-EBD6-4162-8AA1-1843F248F167} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
    Task: {483876E1-3A29-4BEF-AEE1-A2D2132ED7DE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
    Task: {60523C36-7A83-4CF3-82C0-B5487A92C773} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-06-08] (Samsung Electronics Co., Ltd.)
    Task: {699A590C-580C-42BB-8ABB-869BEA1465B2} - \DealPly No Task File <==== ATTENTION
    Task: {6B414DED-CA04-4014-AE2B-B4533D7290B1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {6CD6EA57-6782-47FA-9D6E-418D8DBA194D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000Core => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-10] (Google Inc.)
    Task: {73C7B60D-37B5-49E5-813A-E383FCFD59B7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {982BA644-C78E-4F20-81EB-1858E48F181F} - System32\Tasks\DSite => C:\Users\Sean\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {9D3825F2-808E-445A-B0B1-CD0D25C0B7B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
    Task: {BE977A29-DBBE-4B2A-95B9-3342278E1BC1} - \EPUpdater No Task File <==== ATTENTION
    Task: {CB282F5E-7BC5-4994-82ED-255217C76F6D} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-18] (SEC)
    Task: {CD19AC8C-9963-460B-9FA9-C7331010A864} - System32\Tasks\wrSpySweeper_L49E7F6823FCE4597BAF0E07AB42649A2 => C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-11-06] (Webroot Software, Inc.)
    Task: {D21F9B53-5BED-4F42-9889-18832A7690C1} - \BrowserDefendert No Task File <==== ATTENTION
    Task: {E7FB6889-6D64-43D8-ABDA-3FB7511C7F4F} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-17] (Samsung Electronics. Co. Ltd.)
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000Core.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000UA.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\wrSpySweeper_L49E7F6823FCE4597BAF0E07AB42649A2.job => C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe

    ==================== Loaded Modules (whitelisted) ==============

    2013-07-10 12:34 - 2009-10-16 15:07 - 00186880 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll
    2014-12-13 19:48 - 2014-12-13 19:48 - 03081752 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    2014-12-13 19:48 - 2014-12-13 19:48 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
    2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-04-28 04:20 - 2006-08-11 21:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
    2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
    2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00072840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00196232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00838792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00049800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00086664 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 02092680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 01883272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00502920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
    2015-02-10 15:00 - 2015-02-10 15:00 - 00750080 _____ () C:\Users\Sean\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-02-16 17:12 - 2015-02-16 17:12 - 00043008 _____ () c:\users\sean\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiwbvrc.dll
    2015-02-10 15:00 - 2015-02-10 15:00 - 00047616 _____ () C:\Users\Sean\AppData\Roaming\Dropbox\bin\libEGL.dll
    2015-02-10 15:00 - 2015-02-10 15:00 - 00865280 _____ () C:\Users\Sean\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2015-02-10 15:00 - 2015-02-10 15:00 - 00200704 _____ () C:\Users\Sean\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2015-02-05 20:35 - 2015-02-04 03:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
    2015-02-05 20:35 - 2015-02-04 03:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
    2014-12-13 19:48 - 2014-12-13 19:48 - 01686552 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
    2015-02-05 20:35 - 2015-02-04 03:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
    2014-12-13 19:48 - 2014-12-13 19:48 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\log4cplusU.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00027784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00018568 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00034952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00836232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00192136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00054920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00017032 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00043656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00081544 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00111240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00689800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
    2015-02-16 15:46 - 2015-01-23 04:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebrootSpySweeperService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService => ""="Service"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.254

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2942724973-3254444484-952029406-500 - Administrator - Disabled)
    Guest (S-1-5-21-2942724973-3254444484-952029406-501 - Limited - Disabled)
    Sean (S-1-5-21-2942724973-3254444484-952029406-1000 - Administrator - Enabled) => C:\Users\Sean

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/16/2015 05:12:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/16/2015 05:10:20 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WindowsRemoteService.exe, version: 1.2.9.0, time stamp: 0x519f4ed8
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
    Exception code: 0xe0434352
    Fault offset: 0x0000c42d
    Faulting process id: 0x8c8
    Faulting application start time: 0xWindowsRemoteService.exe0
    Faulting application path: WindowsRemoteService.exe1
    Faulting module path: WindowsRemoteService.exe2
    Report Id: WindowsRemoteService.exe3

    Error: (02/16/2015 05:09:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: WindowsRemoteService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.FileNotFoundException
    Stack:
    at WindowsRemoteService.SingleInstanceManager.Main(System.String[])

    Error: (02/16/2015 00:10:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 9313

    Error: (02/16/2015 00:10:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 9313

    Error: (02/16/2015 00:10:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/16/2015 00:10:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 8315

    Error: (02/16/2015 00:10:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 8315

    Error: (02/16/2015 00:10:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/16/2015 00:10:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7269


    System errors:
    =============
    Error: (02/16/2015 05:14:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The globalUpdate Update Service (globalUpdate) service failed to start due to the following error:
    %%2

    Error: (02/16/2015 05:09:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The vToolbarUpdater15.2.0 service failed to start due to the following error:
    %%2

    Error: (02/16/2015 05:09:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Norton Online Backup service failed to start due to the following error:
    %%1053

    Error: (02/16/2015 05:09:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Norton Online Backup service to connect.

    Error: (02/16/2015 05:08:24 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 5:05:02 PM on &#8206;2/&#8206;16/&#8206;2015 was unexpected.

    Error: (02/16/2015 00:11:52 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (02/16/2015 00:11:50 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (02/16/2015 00:02:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The globalUpdate Update Service (globalUpdate) service failed to start due to the following error:
    %%2

    Error: (02/16/2015 00:00:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The vToolbarUpdater15.2.0 service failed to start due to the following error:
    %%2

    Error: (02/16/2015 00:00:22 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 5:27:42 PM on &#8206;2/&#8206;15/&#8206;2015 was unexpected.


    Microsoft Office Sessions:
    =========================
    Error: (08/14/2014 10:53:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8617 seconds with 3420 seconds of active time. This session ended with a crash.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
    Percentage of memory in use: 55%
    Total physical RAM: 3892.55 MB
    Available physical RAM: 1720.75 MB
    Total Pagefile: 7783.29 MB
    Available Pagefile: 5296.32 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:179 GB) (Free:79.62 GB) NTFS
    Drive d: () (Fixed) (Total:266.66 GB) (Free:103.16 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: BDC35F75)
    Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=179 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=266.7 GB) - (Type=OF Extended)

    ==================== End Of Log ============================
     
  4. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    It will take a while to analyze the logs.
    probably respond in the morning my time.
     
  5. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Hi Number47,
    Please do the following in the order given, Thanks.
    ---------------------------------------------------------------
    Avoid Using P2P file sharing programs
    This includes µTorrent, Bearshare, Bittorrent, BitComet, Azureus, Frostwire, Vuze, Shareaza, Bitlord.
    The Unethical have "planted" thousands upon thousands of infections and Adware items in the shared torrent files.

    This means some of the stuff in your BitComet Downloads Folder may be infected.
    ------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Control Panel, click on Programs and Features
    Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

    Adobe Reader 9.5.0
    BitComet 1.36
    Insaniquarium Deluxe
    McAfee Security Scan Plus
    Webroot AntiVirus with Spy Sweeper

    Take extra care in answering questions posed by any Uninstaller.
    -----------------------------------------------------------
    REBOOT (RESTART) Your Machine
    -----------------------------------------------------------
    Move the FRST64.exe file
    Cut or Copy the FRST64.exe file from its present location here: D:\BitComet Downloads\
    Paste it on your desktop.
    --------------------------------------------------------
    Run A Fix With FRST
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
    (Both on the Desktop is OK, or both in the same folder elsewhere)

    Run FRST64 and press the Fix button just once and wait. DO NOT PRESS THE SCAN BUTTON.
    If for some reason the tool needs a restart, please make sure you let the system restart normally.
    The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
    When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

    Let me know how it goes.
    askey127
     

    Attached Files:

  6. number47

    number47 Thread Starter

    Joined:
    Feb 10, 2015
    Messages:
    9
    Alright Professor Askey, Here is my log:
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015
    Ran by Sean at 2015-02-17 12:00:21 Run:1
    Running from C:\Users\Sean\Desktop
    Loaded Profiles: Sean (Available profiles: Sean)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    (HKLM-x32\...\TornPlusTV_version1.11) (Version: 1.35.12.18 - Qwerty) <==== ATTENTION
    Task: {699A590C-580C-42BB-8ABB-869BEA1465B2} - \DealPly No Task File <==== ATTENTION
    Task: {BE977A29-DBBE-4B2A-95B9-3342278E1BC1} - \EPUpdater No Task File <==== ATTENTION
    Task: {D21F9B53-5BED-4F42-9889-18832A7690C1} - \BrowserDefendert No Task File <==== ATTENTION
    Task: {982BA644-C78E-4F20-81EB-1858E48F181F} - System32\Tasks\DSite => C:\Users\Sean\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebrootSpySweeperService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperSer vice => ""="Service"
    HKLM-x32\...\Run: [SpySweeper] => C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe [6515784 2009-11-06] (Webroot Software, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
    CHR HomePage: Default -> hxxp://search.babylon.com/?affID=119351&tt=300513_new&babsrc=HP_ss_din2g&mntrId=100CE0CA9467E177
    S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 WebrootSpySweeperService; C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe [4048240 2009-11-06] (Webroot Software, Inc. (www.webroot.com))
    R2 WRConsumerService; C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe [1201640 2015-02-12] (Webroot Software, Inc. )
    S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc [X]
    S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]
    2015-02-16 17:05 - 2013-05-28 18:12 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\BitComet
    2015-02-11 20:01 - 2015-01-02 15:58 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

    *****************

    (Version: 1.35.12.18 - Qwerty) <==== ATTENTION => No running process found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{699A590C-580C-42BB-8ABB-869BEA1465B2}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{699A590C-580C-42BB-8ABB-869BEA1465B2}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE977A29-DBBE-4B2A-95B9-3342278E1BC1}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE977A29-DBBE-4B2A-95B9-3342278E1BC1}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21F9B53-5BED-4F42-9889-18832A7690C1}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F9B53-5BED-4F42-9889-18832A7690C1}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{982BA644-C78E-4F20-81EB-1858E48F181F}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{982BA644-C78E-4F20-81EB-1858E48F181F}" => Key deleted successfully.
    C:\Windows\System32\Tasks\DSite => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite" => Key deleted successfully.
    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WebrootSpySweeperService => Key not found.
    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService => Key not found.
    HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperSer vice => Key not found.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SpySweeper => Value not found.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found.
    C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key not found.
    HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key not found.
    C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi not found.
    Chrome HomePage deleted successfully.
    BITCOMET_HELPER_SERVICE => Service not found.
    McComponentHostService => Service not found.
    WebrootSpySweeperService => Service not found.
    WRConsumerService => Service not found.
    globalUpdate => Service deleted successfully.
    globalUpdatem => Service deleted successfully.
    C:\Users\Sean\AppData\Roaming\BitComet => Moved successfully.
    C:\Program Files (x86)\globalUpdate => Moved successfully.

    ==== End of Fixlog 12:00:46 ====
     
  7. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Number47,
    Good so far. Now let's see what we have left.
    -----------------------------------------------------------
    Run a New Scan With the Farbar Scan Tool
    • Double click FRST64.exe on your desktop to launch it.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning, a new version of the log FRST.txt will be saved on your Desktop and opened in Notepad.
    • Please post the contents in your next reply.

    askey127
     
  8. number47

    number47 Thread Starter

    Joined:
    Feb 10, 2015
    Messages:
    9
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
    Ran by Sean (administrator) on SEAN-PC on 17-02-2015 15:03:54
    Running from C:\Users\Sean\Desktop
    Loaded Profiles: Sean (Available profiles: Sean)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
    ( ) C:\Windows\System32\lxducoms.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Dropbox, Inc.) C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
    (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
    (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
    (Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
    (Microsoft Corporation) C:\Windows\System32\calc.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
    HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3089688 2013-06-27] (Logitech, Inc.)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
    HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3081752 2014-12-13] ()
    Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-05-27] (Google Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [Windows Remote Service] => C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe [173568 2013-05-24] (Banamalon)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-20] (SUPERAntiSpyware)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [Google Update] => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-10] (Google Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [Google+ Auto Backup] => "C:\Users\Sean\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [GoogleChromeAutoLaunch_4C759CBE76051A54F37D4E70F0F48AE0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\MountPoints2: {202d88f5-0a10-11e3-91cf-e811328de355} - F:\LaunchU3.exe -a
    AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll" File Not Found
    Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exeSsiEfr.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    SearchScopes: HKLM -> DefaultScope value is missing.
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2942724973-3254444484-952029406-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2942724973-3254444484-952029406-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={82F7583C-11EA-4CED-AD2E-0796FE35AF52}&mid=bbfebc909cad47d3a8ae395874690aa6-72e125d5b9f4faf8e788deaf6fa06fc669a45ae5&lang=en&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-13 19:48:46&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKU\S-1-5-21-2942724973-3254444484-952029406-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\sxrr0l1q.default
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin HKU\S-1-5-21-2942724973-3254444484-952029406-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-2942724973-3254444484-952029406-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
    FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-07-21]

    Chrome:
    =======
    CHR Profile: C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-17]
    CHR Extension: (Google Wallet) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-17]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-20] (SUPERAntiSpyware.com)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
    R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe [56648 2015-02-01] (Google Inc.)
    R2 lxdu_device; C:\windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 vToolbarUpdater18.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [1850392 2014-12-13] (AVG Secure Search)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [52000 2014-12-13] (AVG Technologies)
    S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Siliten)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-17] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-17 12:37 - 2015-02-17 12:39 - 00000000 ____D () C:\Users\Sean\Desktop\FFootball
    2015-02-17 11:58 - 2015-02-16 16:54 - 02085888 _____ (Farbar) C:\Users\Sean\Desktop\FRST64.exe
    2015-02-17 11:55 - 2015-02-17 15:04 - 00022484 _____ () C:\Users\Sean\Desktop\FRST.txt
    2015-02-16 15:46 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Mozilla
    2015-02-16 15:46 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\Sean\AppData\Local\Mozilla
    2015-02-16 15:46 - 2015-02-16 15:46 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-02-16 15:46 - 2015-02-16 15:46 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-02-16 15:46 - 2015-02-16 15:46 - 00000000 ____D () C:\ProgramData\Mozilla
    2015-02-16 15:46 - 2015-02-16 15:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-02-16 15:44 - 2015-02-16 15:44 - 00243440 _____ () C:\Users\Sean\Downloads\Firefox Setup Stub 35.0.1.exe
    2015-02-16 15:44 - 2015-02-16 15:44 - 00243440 _____ () C:\Users\Sean\Downloads\Firefox Setup Stub 35.0.1 (1).exe
    2015-02-16 15:36 - 2015-02-16 15:36 - 00015560 _____ () C:\Users\Sean\Downloads\[kickass.to]the.wire.season.05.dvdrip.xvid.torrent
    2015-02-16 15:27 - 2015-02-16 15:27 - 00509440 _____ (Tech Support Guy System) C:\Users\Sean\Downloads\SysInfo.exe
    2015-02-16 15:05 - 2015-02-16 15:05 - 00026944 _____ () C:\Users\Sean\Downloads\[kickass.to]the.wire.season.5.complete.high.quality (1).torrent
    2015-02-16 15:04 - 2015-02-16 15:04 - 00026944 _____ () C:\Users\Sean\Downloads\[kickass.to]the.wire.season.5.complete.high.quality.torrent
    2015-02-14 03:01 - 2015-02-14 03:01 - 00284660 _____ () C:\windows\msxml4-KB973688-enu.LOG
    2015-02-14 03:00 - 2015-02-14 03:01 - 00288440 _____ () C:\windows\msxml4-KB954430-enu.LOG
    2015-02-14 03:00 - 2015-02-14 03:00 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
    2015-02-13 16:16 - 2015-02-17 11:45 - 00000000 ____D () C:\Users\Sean\AppData\Local\Adobe
    2015-02-12 20:36 - 2015-02-12 20:36 - 00000164 _____ () C:\windows\install.dat
    2015-02-12 20:36 - 2015-02-12 20:36 - 00000000 ____D () C:\Program Files (x86)\Webroot
    2015-02-12 20:36 - 2015-02-12 20:36 - 00000000 ____D () C:\Program Files (x86)\MSSOAP
    2015-02-12 20:09 - 2015-01-22 22:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2015-02-12 20:09 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2015-02-12 20:09 - 2015-01-22 21:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2015-02-12 20:09 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-02-11 23:53 - 2015-02-11 23:54 - 08317952 _____ () C:\Users\Sean\Downloads\chromeremotedesktophost.msi
    2015-02-11 17:56 - 2015-02-11 22:09 - 00000000 ____D () C:\Users\Sean\AppData\Local\Plex Media Server
    2015-02-11 17:55 - 2015-02-11 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
    2015-02-11 17:55 - 2015-02-11 17:55 - 00001252 _____ () C:\Users\Sean\Desktop\Plex Media Server.lnk
    2015-02-11 17:54 - 2015-02-11 17:54 - 00000000 ____D () C:\Program Files (x86)\Plex
    2015-02-11 17:53 - 2015-02-11 17:53 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-11 17:49 - 2015-02-11 17:51 - 86795776 _____ (Plex, Inc.) C:\Users\Sean\Downloads\Plex-Media-Server-0.9.1107.803-87d0708-en-US (1).exe
    2015-02-11 17:29 - 2015-02-17 13:40 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-11 17:28 - 2015-02-11 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-02-11 17:28 - 2015-02-11 17:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-02-11 17:28 - 2015-02-11 17:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-02-11 17:28 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2015-02-11 17:28 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
    2015-02-11 17:28 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
    2015-02-10 20:35 - 2015-02-10 20:35 - 00002299 _____ () C:\Users\Sean\Desktop\Chrome App Launcher.lnk
    2015-02-10 20:35 - 2015-02-10 20:35 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-02-10 19:56 - 2015-01-08 21:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
    2015-02-10 19:56 - 2015-01-08 21:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
    2015-02-10 19:56 - 2015-01-08 21:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
    2015-02-10 19:56 - 2015-01-08 20:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
    2015-02-10 19:27 - 2015-02-17 15:04 - 00000000 ____D () C:\FRST
    2015-02-10 19:18 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2015-02-10 19:18 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
    2015-02-10 19:18 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2015-02-10 19:18 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
    2015-02-10 19:18 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-02-10 19:18 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2015-02-10 19:18 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2015-02-10 19:18 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2015-02-10 19:18 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2015-02-10 19:18 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-02-10 19:18 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2015-02-10 19:18 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2015-02-10 19:18 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2015-02-10 19:18 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2015-02-10 19:18 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2015-02-10 19:18 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-10 19:18 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-02-10 19:18 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-02-10 19:18 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-02-10 19:18 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2015-02-10 19:18 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2015-02-10 19:18 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2015-02-10 19:17 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2015-02-10 19:17 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2015-02-10 19:17 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2015-02-10 19:17 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2015-02-10 19:17 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2015-02-10 19:17 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2015-02-10 19:17 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2015-02-10 19:17 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2015-02-10 19:17 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2015-02-10 19:17 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2015-02-10 19:17 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2015-02-10 19:17 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2015-02-10 19:17 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2015-02-10 19:17 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-02-10 19:17 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2015-02-10 19:17 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2015-02-10 19:17 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2015-02-10 19:17 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2015-02-10 19:17 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-02-10 19:17 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2015-02-10 19:17 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2015-02-10 19:17 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2015-02-10 19:17 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2015-02-10 19:17 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2015-02-10 19:17 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2015-02-10 19:17 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2015-02-10 19:17 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2015-02-10 19:17 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2015-02-10 19:17 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2015-02-10 19:17 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-02-10 19:17 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2015-02-10 19:17 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-02-10 19:17 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2015-02-10 19:17 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2015-02-10 19:17 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2015-02-10 19:17 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-02-10 19:16 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2015-02-10 19:16 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
    2015-02-10 19:16 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2015-02-10 19:16 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
    2015-02-10 19:16 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
    2015-02-10 19:16 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
    2015-02-10 19:16 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
    2015-02-10 19:16 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
    2015-02-10 19:16 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
    2015-02-10 19:16 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
    2015-02-10 19:16 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
    2015-02-10 19:16 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
    2015-02-10 19:16 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
    2015-02-10 19:16 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
    2015-02-10 19:16 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
    2015-02-10 19:16 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
    2015-02-10 19:16 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
    2015-02-10 19:16 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
    2015-02-10 19:16 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
    2015-02-10 19:16 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
    2015-02-10 19:16 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
    2015-02-10 19:16 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
    2015-02-10 19:16 - 2014-07-06 20:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
    2015-02-10 19:16 - 2014-07-06 20:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
    2015-02-10 19:16 - 2014-07-06 19:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
    2015-02-10 19:16 - 2014-07-06 19:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
    2015-02-10 19:15 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
    2015-02-10 19:15 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
    2015-02-10 19:15 - 2014-10-03 20:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
    2015-02-10 19:15 - 2014-10-03 19:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
    2015-02-10 19:15 - 2014-10-03 19:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
    2015-02-10 19:13 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2015-02-10 19:13 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
    2015-02-10 19:13 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
    2015-02-10 19:13 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
    2015-02-10 19:13 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2015-02-10 19:13 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2015-02-10 19:13 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
    2015-02-10 19:13 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
    2015-02-10 19:13 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
    2015-02-10 19:11 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2015-02-10 19:08 - 2015-02-10 19:08 - 00001165 _____ () C:\Users\Sean\Desktop\Chromecast.lnk
    2015-02-10 19:08 - 2015-02-10 19:08 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
    2015-02-10 19:05 - 2015-02-10 19:05 - 00880208 _____ (Google Inc.) C:\Users\Sean\Downloads\chromecastinstaller.exe
    2015-01-27 20:46 - 2015-01-27 20:46 - 00003293 _____ () C:\Users\Sean\Downloads\[kickass.so]paper.love.sarah.wildman.epub.torrent
    2015-01-27 20:44 - 2015-01-27 20:44 - 00001420 _____ () C:\Users\Sean\Downloads\[kickass.so]all.the.light.we.cannot.see.epub.torrent
    2015-01-27 20:43 - 2015-01-27 20:43 - 00002767 _____ () C:\Users\Sean\Downloads\[kickass.so]the.rosie.project.2013.graeme.simsion.torrent
    2015-01-25 22:57 - 2015-01-25 22:57 - 00000000 __SHD () C:\found.001
    2015-01-25 20:58 - 2015-01-25 20:58 - 00278904 _____ () C:\windows\Minidump\012515-29983-01.dmp
    2015-01-21 18:40 - 2015-01-21 18:40 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\AVG2015
    2015-01-21 18:36 - 2015-01-21 18:36 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
    2015-01-21 18:34 - 2015-01-21 18:39 - 00000000 ____D () C:\ProgramData\AVG2015
    2015-01-21 18:32 - 2015-01-21 18:32 - 00000000 __SHD () C:\Users\Sean\AppData\Local\EmieBrowserModeList
    2015-01-21 18:28 - 2015-02-10 19:59 - 00000000 ____D () C:\Users\Sean\AppData\Local\Avg2015
    2015-01-21 18:27 - 2015-01-21 18:27 - 00000000 ____D () C:\Users\Sean\AppData\Local\MFAData

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-17 15:02 - 2013-06-12 22:31 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2015-02-17 15:00 - 2011-04-28 20:05 - 01420551 _____ () C:\windows\WindowsUpdate.log
    2015-02-17 14:34 - 2013-05-27 17:09 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-17 14:34 - 2013-04-21 09:16 - 00000000 ____D () C:\ProgramData\MFAData
    2015-02-17 14:12 - 2014-08-10 15:27 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000UA.job
    2015-02-17 12:48 - 2014-12-13 19:49 - 00022264 _____ () C:\windows\SysWOW64\debug.log
    2015-02-17 12:02 - 2009-07-13 22:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-17 12:02 - 2009-07-13 22:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-17 11:57 - 2013-06-13 12:45 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-02-17 11:54 - 2013-05-01 20:57 - 00000000 ___RD () C:\Users\Sean\Dropbox
    2015-02-17 11:54 - 2013-05-01 20:53 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Dropbox
    2015-02-17 11:52 - 2013-05-27 17:09 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-17 11:52 - 2010-11-20 21:47 - 00960640 _____ () C:\windows\PFRO.log
    2015-02-17 11:52 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2015-02-17 11:52 - 2009-07-13 22:51 - 00087340 _____ () C:\windows\setupact.log
    2015-02-17 11:48 - 2013-04-21 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Pack
    2015-02-17 11:48 - 2013-04-21 08:41 - 00000000 ____D () C:\Program Files (x86)\Game Pack
    2015-02-17 11:46 - 2013-04-21 08:40 - 00000000 ____D () C:\ProgramData\Adobe
    2015-02-17 11:46 - 2013-04-21 08:40 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2015-02-16 19:12 - 2014-08-10 15:27 - 00000852 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000Core.job
    2015-02-16 15:46 - 2013-05-30 15:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-02-16 12:09 - 2009-07-13 23:13 - 00783464 _____ () C:\windows\system32\PerfStringBackup.INI
    2015-02-13 13:08 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
    2015-02-12 20:37 - 2009-07-13 20:34 - 00000547 _____ () C:\windows\win.ini
    2015-02-12 20:35 - 2013-05-27 17:09 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-02-12 07:51 - 2013-05-01 20:55 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-02-12 07:40 - 2015-01-02 16:11 - 00000000 ____D () C:\Program Files (x86)\c6816a2e-c55e-421c-b1f8-f34293dd9209
    2015-02-12 07:40 - 2013-05-30 15:28 - 00000000 ____D () C:\Program Files (x86)\Amazon
    2015-02-12 00:01 - 2013-05-27 17:10 - 00000000 ____D () C:\ProgramData\Google
    2015-02-11 20:04 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\Web
    2015-02-11 18:57 - 2009-07-13 22:45 - 00344592 _____ () C:\windows\system32\FNTCACHE.DAT
    2015-02-11 18:53 - 2014-12-13 03:37 - 00000000 ____D () C:\windows\system32\appraiser
    2015-02-11 18:53 - 2014-05-06 02:00 - 00000000 ___SD () C:\windows\system32\CompatTel
    2015-02-11 18:53 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\tracing
    2015-02-11 17:33 - 2014-07-13 21:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-02-11 17:21 - 2014-05-28 20:49 - 00000000 ____D () C:\windows\system32\MRT
    2015-02-11 17:06 - 2014-05-28 20:49 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2015-02-10 19:50 - 2014-09-19 23:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-02-10 19:27 - 2014-09-20 00:27 - 00000153 _____ () C:\windows\wininit.ini
    2015-02-10 19:26 - 2013-05-31 08:42 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2015-02-10 19:08 - 2013-05-27 17:09 - 00000000 ____D () C:\Users\Sean\AppData\Local\Google
    2015-02-10 19:07 - 2014-08-10 15:27 - 00003876 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000UA
    2015-02-10 19:07 - 2014-08-10 15:27 - 00003480 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000Core
    2015-02-05 00:02 - 2013-06-12 22:31 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2015-02-05 00:02 - 2013-06-12 22:31 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-05 00:02 - 2013-06-12 22:31 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-04 09:29 - 2013-05-27 17:09 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-04 09:29 - 2013-05-27 17:09 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-01-25 20:58 - 2014-05-16 20:07 - 00000000 ____D () C:\windows\Minidump
    2015-01-25 20:58 - 2014-05-16 20:06 - 552865119 _____ () C:\windows\MEMORY.DMP
    2015-01-22 18:55 - 2013-04-21 09:18 - 00000000 ____D () C:\ProgramData\AVG2013
    2015-01-21 18:40 - 2014-11-22 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2015-01-21 18:40 - 2013-04-21 09:18 - 00000000 ___HD () C:\$AVG
    2015-01-21 18:40 - 2013-04-21 09:18 - 00000000 ____D () C:\Program Files (x86)\AVG
    2015-01-21 18:32 - 2014-11-22 11:51 - 00000000 __SHD () C:\Users\Sean\AppData\Local\EmieUserList
    2015-01-21 18:32 - 2014-11-22 11:51 - 00000000 __SHD () C:\Users\Sean\AppData\Local\EmieSiteList

    ==================== Files in the root of some directories =======

    2013-04-21 08:41 - 2010-01-16 06:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe

    Some content of TEMP:
    ====================
    C:\Users\Sean\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqfmfrl.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-13 12:55

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
    Ran by Sean at 2015-02-17 15:05:15
    Running from C:\Users\Sean\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
    „Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
    „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
    Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
    Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
    AVG 2015 (Version: 15.0.4284 - AVG Technologies) Hidden
    AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
    BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
    Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
    Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version: - Oberon Media)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
    Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
    Chrome Remote Desktop Host (HKLM-x32\...\{C9F8858E-B6F9-4E56-B155-2A5CE7FC74B9}) (Version: 41.0.2272.41 - Google Inc.)
    ChromecastApp (HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Daycare Nightmare (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113128447}) (Version: - Oberon Media)
    Dropbox (HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
    Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
    Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
    Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
    EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
    EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
    eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    ESPN Offline Draft (HKLM-x32\...\ESPNOfflineDraft.7DC32A23D84BA514BB63AC794BF941363003AC19.1) (Version: 042513 - ESPN, Inc.)
    ESPN Offline Draft (x32 Version: 255 - ESPN, Inc.) Hidden
    ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
    Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
    Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
    Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galeria fotografii us&#322;ugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
    Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Google+ Auto Backup (HKU\S-1-5-21-2942724973-3254444484-952029406-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
    GradeQuick Web Plugin (HKLM-x32\...\{0EB768CD-EF48-4C66-8BCB-2DA8166B2654}) (Version: 1.00.0000 - Edline)
    iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
    iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Logitech SetPoint 6.60 (HKLM\...\sp6) (Version: 6.60.170 - Logitech)
    Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 and SOAP Toolkit 3.0 (x32 Version: 1.0.0.0 - Webroot Software, Inc.) Hidden
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Plex Media Server (HKLM-x32\...\{7425d872-d65d-42c9-8c6d-7a8a529a4b50}) (Version: 0.9.1107 - Plex, Inc.)
    Plex Media Server (x32 Version: 0.9.1107 - Plex, Inc.) Hidden
    Poczta us&#322;ugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
    Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
    Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.24 - Samsung)
    Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
    Windows Live &#31243;&#24335;&#38598; (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    &#931;&#965;&#955;&#955;&#959;&#947;&#942; &#966;&#969;&#964;&#959;&#947;&#961;&#945;&#966;&#953;&#974;&#957; &#964;&#959;&#965; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1054;&#1089;&#1085;&#1086;&#1074;&#1085;&#1099;&#1077; &#1082;&#1086;&#1084;&#1087;&#1086;&#1085;&#1077;&#1085;&#1090;&#1099; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1055;&#1086;&#1095;&#1090;&#1072; Windows Live (x32 Version: 15.4.3502.0922 - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090;) Hidden
    &#1060;&#1086;&#1090;&#1086;&#1072;&#1083;&#1100;&#1073;&#1086;&#1084; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1060;&#1086;&#1090;&#1086;&#1075;&#1072;&#1083;&#1077;&#1088;&#1080;&#1103; &#1085;&#1072; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1490;&#1500;&#1512;&#1497;&#1497;&#1514; &#1492;&#1514;&#1502;&#1493;&#1504;&#1493;&#1514; &#1513;&#1500; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1576;&#1585;&#1610;&#1583; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    &#1605;&#1593;&#1585;&#1590; &#1589;&#1608;&#1585; Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sean\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2942724973-3254444484-952029406-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    16-02-2015 14:43:03 Scheduled Checkpoint
    17-02-2015 11:43:46 Removed Adobe Reader 9.5.0.

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 20:34 - 2015-02-17 11:50 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0C94A768-6EC8-4D70-9327-AB46090DEC44} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-02-07] (SAMSUNG Electronics)
    Task: {144E0FBC-DC65-4066-A5F1-2D7336D0151A} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
    Task: {1AEEA205-C55F-49EC-B0E8-7D27CA99CFE5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000UA => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-10] (Google Inc.)
    Task: {2985BD72-513A-4FB9-9171-EF6AF68F350C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-26] (Samsung Electronics)
    Task: {2BDBAB56-0A6D-485E-A87A-17223D9315C5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-28] (SAMSUNG Electronics co., LTD.)
    Task: {397C8787-EBD6-4162-8AA1-1843F248F167} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
    Task: {483876E1-3A29-4BEF-AEE1-A2D2132ED7DE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
    Task: {60523C36-7A83-4CF3-82C0-B5487A92C773} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-06-08] (Samsung Electronics Co., Ltd.)
    Task: {6B414DED-CA04-4014-AE2B-B4533D7290B1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {6CD6EA57-6782-47FA-9D6E-418D8DBA194D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000Core => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-10] (Google Inc.)
    Task: {73C7B60D-37B5-49E5-813A-E383FCFD59B7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {9D3825F2-808E-445A-B0B1-CD0D25C0B7B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
    Task: {CB282F5E-7BC5-4994-82ED-255217C76F6D} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-18] (SEC)
    Task: {E7FB6889-6D64-43D8-ABDA-3FB7511C7F4F} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-17] (Samsung Electronics. Co. Ltd.)
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000Core.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2942724973-3254444484-952029406-1000UA.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2013-07-10 12:34 - 2009-10-16 15:07 - 00186880 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll
    2014-12-13 19:48 - 2014-12-13 19:48 - 03081752 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    2014-12-13 19:48 - 2014-12-13 19:48 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
    2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-04-28 04:20 - 2006-08-11 21:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
    2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
    2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00072840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00196232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00838792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00049800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00086664 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 02092680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 01883272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00502920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
    2015-02-10 15:00 - 2015-02-10 15:00 - 00750080 _____ () C:\Users\Sean\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-02-17 11:53 - 2015-02-17 11:53 - 00043008 _____ () c:\users\sean\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqfmfrl.dll
    2015-02-10 15:00 - 2015-02-10 15:00 - 00047616 _____ () C:\Users\Sean\AppData\Roaming\Dropbox\bin\libEGL.dll
    2015-02-10 15:00 - 2015-02-10 15:00 - 00865280 _____ () C:\Users\Sean\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2015-02-10 15:00 - 2015-02-10 15:00 - 00200704 _____ () C:\Users\Sean\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2014-12-13 19:48 - 2014-12-13 19:48 - 01686552 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
    2014-12-13 19:48 - 2014-12-13 19:48 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\log4cplusU.dll
    2014-12-13 19:48 - 2014-12-13 19:48 - 40630296 _____ () C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00027784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00018568 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00034952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00836232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
    2014-12-21 22:31 - 2014-12-21 22:31 - 00192136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00054920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00017032 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00043656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00081544 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00111240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
    2014-12-21 22:31 - 2014-12-21 22:31 - 00689800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
    2015-02-16 15:46 - 2015-01-23 04:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2942724973-3254444484-952029406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.254

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2942724973-3254444484-952029406-500 - Administrator - Disabled)
    Guest (S-1-5-21-2942724973-3254444484-952029406-501 - Limited - Disabled)
    Sean (S-1-5-21-2942724973-3254444484-952029406-1000 - Administrator - Enabled) => C:\Users\Sean

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/17/2015 11:53:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/17/2015 11:53:28 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WindowsRemoteService.exe, version: 1.2.9.0, time stamp: 0x519f4ed8
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
    Exception code: 0xe0434352
    Fault offset: 0x0000c42d
    Faulting process id: 0xdf4
    Faulting application start time: 0xWindowsRemoteService.exe0
    Faulting application path: WindowsRemoteService.exe1
    Faulting module path: WindowsRemoteService.exe2
    Report Id: WindowsRemoteService.exe3

    Error: (02/17/2015 11:53:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: WindowsRemoteService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.FileNotFoundException
    Stack:
    at WindowsRemoteService.SingleInstanceManager.Main(System.String[])

    Error: (02/16/2015 05:12:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/16/2015 05:10:20 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WindowsRemoteService.exe, version: 1.2.9.0, time stamp: 0x519f4ed8
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
    Exception code: 0xe0434352
    Fault offset: 0x0000c42d
    Faulting process id: 0x8c8
    Faulting application start time: 0xWindowsRemoteService.exe0
    Faulting application path: WindowsRemoteService.exe1
    Faulting module path: WindowsRemoteService.exe2
    Report Id: WindowsRemoteService.exe3

    Error: (02/16/2015 05:09:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: WindowsRemoteService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.FileNotFoundException
    Stack:
    at WindowsRemoteService.SingleInstanceManager.Main(System.String[])

    Error: (02/16/2015 00:10:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 9313

    Error: (02/16/2015 00:10:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 9313

    Error: (02/16/2015 00:10:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/16/2015 00:10:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 8315


    System errors:
    =============
    Error: (02/17/2015 11:57:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The globalUpdate Update Service (globalUpdate) service failed to start due to the following error:
    %%2

    Error: (02/17/2015 11:52:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The vToolbarUpdater15.2.0 service failed to start due to the following error:
    %%2

    Error: (02/17/2015 11:49:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Webroot Client Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (02/17/2015 11:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Webroot Spy Sweeper Engine service terminated unexpectedly. It has done this 1 time(s).

    Error: (02/17/2015 11:49:25 AM) (Source: ssidrv) (EventID: 26) (User: )
    Description: ssi122

    Error: (02/16/2015 05:14:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The globalUpdate Update Service (globalUpdate) service failed to start due to the following error:
    %%2

    Error: (02/16/2015 05:09:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The vToolbarUpdater15.2.0 service failed to start due to the following error:
    %%2

    Error: (02/16/2015 05:09:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Norton Online Backup service failed to start due to the following error:
    %%1053

    Error: (02/16/2015 05:09:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Norton Online Backup service to connect.

    Error: (02/16/2015 05:08:24 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 5:05:02 PM on &#8206;2/&#8206;16/&#8206;2015 was unexpected.


    Microsoft Office Sessions:
    =========================
    Error: (08/14/2014 10:53:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8617 seconds with 3420 seconds of active time. This session ended with a crash.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
    Percentage of memory in use: 51%
    Total physical RAM: 3892.55 MB
    Available physical RAM: 1893.7 MB
    Total Pagefile: 7783.29 MB
    Available Pagefile: 5174.98 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:179 GB) (Free:78.94 GB) NTFS
    Drive d: () (Fixed) (Total:266.66 GB) (Free:101.52 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: BDC35F75)
    Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=179 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=266.7 GB) - (Type=OF Extended)

    ==================== End Of Log ============================
     
  9. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Number47,
    ------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Control Panel, click on Programs and Features
    Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

    Bing bar

    Take extra care in answering questions posed by any Uninstaller.

    If you don't use Skype, I would suggest removing it also.

    -----------------------------------------------------------
    REBOOT (RESTART) Your Machine
    --------------------------------------------------------
    Download and Install the newest version of Adobe Reader for reading pdf files
    There are security vulnerabilities in earlier versions of both Reader and Acrobat Pro. All versions numbered lower than 11.0.08 are vulnerable.
    Go HERE to download the Installer AdbeRdr11008_en_US.exe .
    Save the file to your desktop and run it to install the latest version of Adobe Reader.
    Always be careful to UNCHECK any offer for toolbars, helpers or other "partner" Free programs
    After the new Reader is installed, Open Adobe Reader XI, as it is called, and OK the license.
    Click on Edit and select Preferences.
    On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
    Click on the Security (Enhanced) category
    Uncheck Automatically trust sites from my Win OS security zones, and under Protected View, click on Files from potentially unsafe locations.
    Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
    Click the OK button
    When it asks if you are sure you want to make changes to Advanced Security Preferences, answer Yes.
    When it finishes, you can remove the Installer from your desktop.

    Let me know how it looks to you now.
    askey127
     
  10. number47

    number47 Thread Starter

    Joined:
    Feb 10, 2015
    Messages:
    9
    It's looking great Prof. I can't thank you enough. Can you give me some reccos for what I should have running/be running for spyware/malware in the future? AVG and MalwareBytes? Anything else?
     
  11. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    My recommendation for you would be Microsoft Security Essentials antivirus, coupled with Malwarebytes antispyware.
    The other stuff - AVG and Superantispyware, would best be uninstalled first.
    It's your call.
    AVG has its linkscanner toolbar which is a shill for ask.com hijacks and adware.
    I don't like it personally, but a lot of people do..
     
  12. number47

    number47 Thread Starter

    Joined:
    Feb 10, 2015
    Messages:
    9
    Alright, I've got AVG and SAS uninstalled and I've got Microsoft Essentials installed and updated along with Malware Bytes.

    I cant thank you enough... I really appreciate the help, Professor. Many thanks.
     
  13. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    You're most welcome.
    (Retired Engineer is closer to the truth).
    Good Luck!
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1143205

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice