Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SLOW Computer, AIM, saving files, gifs, keyboard words jumbled, not responding


  • This topic is locked This topic is locked
12 replies to this topic

#1 JassaxRae

JassaxRae

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 24 July 2014 - 01:55 PM

Problem: Not Responding / Slow / AIM freezes / Constant freeze / slow to save images and gifs / keys on keyboard mess up from time to time (Caps suddenly, words jumbled). Computer doesn't show the volume rising and falling like it used to when I press FN+arrow keys.

I have AVG, Microsoft Security Essentials, Malwarebytes, and Webroot. Nothing has picked up anything. I was thinking of system restoring as the last possible solutions.

_____________________________________________DDS PASTE.




DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.60.2
Run by de Lioncourt at 11:34:27 on 2014-07-24
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3765.913 [GMT -7:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe
C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\AIM7\aim.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AVG-Secure-Search-Update_1113a] C:\Users\de Lioncourt\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=04fbe4fc9b3347d0b9383909b49192bb-0c90018be938b6ae3d5da4121ce067fa69ee3f22 /CMPID=1113a
uRun: [Spotify] "C:\Users\de Lioncourt\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
uRun: [GoogleChromeAutoLaunch_CCD4209411BD0B171A44D4481482F399] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Spotify Web Helper] "C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Google Update] "C:\Users\de Lioncourt\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Aim] "C:\Program Files (x86)\AIM7\aim.exe" /d locale=en-US
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\DELION~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{38937926-D8D6-4182-B049-5E7D8E65AC10} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\14E6A71624160747963747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\2656C6B696E6E233035303 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\34861646779636B63456E647562753 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\4656C496F6E636F6572747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\74F6F676C6560235471627265736B637 : DHCPNameServer = 4.2.2.2 4.2.2.4
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\C41602155796E647160294E6E602620235579647563702F4E6D275966496 : DHCPNameServer = 192.168.182.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Users\de Lioncourt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\de Lioncourt\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-6-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-9-5 30496]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2014-5-13 114176]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-17 153368]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-6-17 242968]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-6-27 3241488]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-6-17 289328]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-11-4 353360]
R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-3-23 872552]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-11-4 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-11-4 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-4 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-11-4 77936]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-11-4 250984]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 ElgatoGC658Y;Elgato Game Capture;C:\Windows\System32\drivers\ElgatoGC658.sys [2012-11-12 50288]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-4-2 122584]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-7 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-7 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-7 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2014-07-24 17:02:47    75888    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1D1DC43-F147-4B38-9DC7-2BB64A6103E4}\offreg.dll
2014-07-23 22:10:51    10924376    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1D1DC43-F147-4B38-9DC7-2BB64A6103E4}\mpengine.dll
2014-07-23 19:49:58    46704    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-07-23 19:49:57    75376    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2014-07-23 19:49:57    20080    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2014-07-23 05:27:25    --------    d-----w-    C:\Users\de Lioncourt\AppData\Local\{C9B1FB12-7E90-4460-88D9-6562D2CD4804}
2014-07-22 21:40:26    1031560    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{78A6367C-3CC2-40F4-B02D-742ED709F6C9}\gapaengine.dll
2014-07-22 00:13:33    --------    d-----w-    C:\Users\de Lioncourt\AppData\Local\{3965BD22-7F79-4B61-A766-30255C7529F1}
2014-07-20 19:09:39    10924376    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-20 07:19:37    0    ----a-w-    C:\Windows\SysWow64\sho333E.tmp
2014-07-15 20:18:48    --------    d-----w-    C:\ProgramData\HitmanPro
2014-07-14 18:17:11    --------    d-----w-    C:\Users\de Lioncourt\AppData\Local\Adobe
2014-07-10 18:34:43    --------    d-----w-    C:\ProgramData\AIM
2014-07-10 18:34:37    --------    d-----w-    C:\Program Files (x86)\AIM7
2014-07-10 16:28:23    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-07-10 16:28:23    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-07-10 16:28:23    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-07-09 18:49:17    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-07 00:59:58    --------    d-----w-    C:\Program Files (x86)\VS Revo Group
2014-07-07 00:34:22    --------    d-----w-    C:\Users\de Lioncourt\AppData\Roaming\Local
.
==================== Find3M  ====================
.
2014-07-24 17:14:35    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-16 16:12:43    153256    ----a-w-    C:\Windows\SysWow64\WRusr.dll
2014-07-16 16:12:43    114176    ----a-w-    C:\Windows\System32\drivers\WRkrn.sys
2014-07-16 16:12:43    103816    ----a-w-    C:\Windows\System32\WRusr.dll
2014-07-08 19:16:34    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 19:16:34    699056    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33    519168    ----a-w-    C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-06-19 01:06:55    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38    5721088    ----a-w-    C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55    62464    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07    2040832    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27    2266112    ----a-w-    C:\Windows\System32\wininet.dll
2014-06-18 22:52:18    4254720    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59    1964544    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59    1791488    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36    3157504    ----a-w-    C:\Windows\System32\win32k.sys
2014-06-17 23:21:34    235800    ----a-w-    C:\Windows\System32\drivers\avgldx64.sys
2014-06-17 23:07:12    328984    ----a-w-    C:\Windows\System32\drivers\avgloga.sys
2014-06-17 23:06:58    269080    ----a-w-    C:\Windows\System32\drivers\avgtdia.sys
2014-06-17 23:06:24    190744    ----a-w-    C:\Windows\System32\drivers\avgidsha.sys
2014-06-17 23:06:22    242968    ----a-w-    C:\Windows\System32\drivers\avgidsdrivera.sys
2014-06-17 23:06:22    153368    ----a-w-    C:\Windows\System32\drivers\avgdiska.sys
2014-06-17 23:06:20    123672    ----a-w-    C:\Windows\System32\drivers\avgmfx64.sys
2014-06-17 23:06:06    31512    ----a-w-    C:\Windows\System32\drivers\avgrkx64.sys
2014-06-06 10:10:34    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-06-06 09:44:17    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-05-30 08:08:52    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-05-30 08:08:41    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-05-30 07:52:51    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2014-05-19 05:27:46    0    ----a-w-    C:\Windows\SysWow64\shoF18E.tmp
2014-05-14 04:08:23    10395072    ----a-w-    C:\Program Files (x86)\Common Files\wruninstall.exe
2014-05-12 14:26:10    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-05-12 14:26:00    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 14:25:56    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-05-08 09:32:11    3178496    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11    16384    ----a-w-    C:\Windows\System32\RdpGroupPolicyExtension.dll
.
============= FINISH: 11:53:27.50 ===============


 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:39 AM

Posted 29 July 2014 - 02:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/542116 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 JassaxRae

JassaxRae
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 29 July 2014 - 09:25 PM

Problem: Not Responding / Slow / AIM freezes / Constant freeze / slow to save images and gifs / keys on keyboard mess up from time to time (Caps suddenly, words jumbled). Computer doesn't show the volume rising and falling like it used to when I press FN+arrow keys, windows and tabs also freeze but I can still click around Favorites or File, Edit, View.

I have AVG, Microsoft Security Essentials, Malwarebytes, and Webroot. Nothing has picked up anything. I was thinking of system restoring as the last possible solutions.

_____________________________________________DDS PASTE.




DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.60.2
Run by de Lioncourt at 11:34:27 on 2014-07-24
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3765.913 [GMT -7:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe
C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\AIM7\aim.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AVG-Secure-Search-Update_1113a] C:\Users\de Lioncourt\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=04fbe4fc9b3347d0b9383909b49192bb-0c90018be938b6ae3d5da4121ce067fa69ee3f22 /CMPID=1113a
uRun: [Spotify] "C:\Users\de Lioncourt\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
uRun: [GoogleChromeAutoLaunch_CCD4209411BD0B171A44D4481482F399] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Spotify Web Helper] "C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Google Update] "C:\Users\de Lioncourt\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Aim] "C:\Program Files (x86)\AIM7\aim.exe" /d locale=en-US
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\DELION~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{38937926-D8D6-4182-B049-5E7D8E65AC10} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\14E6A71624160747963747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\2656C6B696E6E233035303 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\34861646779636B63456E647562753 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\4656C496F6E636F6572747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\74F6F676C6560235471627265736B637 : DHCPNameServer = 4.2.2.2 4.2.2.4
TCP: Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}\C41602155796E647160294E6E602620235579647563702F4E6D275966496 : DHCPNameServer = 192.168.182.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Users\de Lioncourt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\de Lioncourt\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-6-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-9-5 30496]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2014-5-13 114176]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-17 153368]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-6-17 242968]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-6-27 3241488]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-6-17 289328]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-11-4 353360]
R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-3-23 872552]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-11-4 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-11-4 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-4 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-11-4 77936]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-11-4 250984]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 ElgatoGC658Y;Elgato Game Capture;C:\Windows\System32\drivers\ElgatoGC658.sys [2012-11-12 50288]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-4-2 122584]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-7 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-7 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-7 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2014-07-24 17:02:47    75888    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1D1DC43-F147-4B38-9DC7-2BB64A6103E4}\offreg.dll
2014-07-23 22:10:51    10924376    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1D1DC43-F147-4B38-9DC7-2BB64A6103E4}\mpengine.dll
2014-07-23 19:49:58    46704    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-07-23 19:49:57    75376    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2014-07-23 19:49:57    20080    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2014-07-23 05:27:25    --------    d-----w-    C:\Users\de Lioncourt\AppData\Local\{C9B1FB12-7E90-4460-88D9-6562D2CD4804}
2014-07-22 21:40:26    1031560    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{78A6367C-3CC2-40F4-B02D-742ED709F6C9}\gapaengine.dll
2014-07-22 00:13:33    --------    d-----w-    C:\Users\de Lioncourt\AppData\Local\{3965BD22-7F79-4B61-A766-30255C7529F1}
2014-07-20 19:09:39    10924376    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-20 07:19:37    0    ----a-w-    C:\Windows\SysWow64\sho333E.tmp
2014-07-15 20:18:48    --------    d-----w-    C:\ProgramData\HitmanPro
2014-07-14 18:17:11    --------    d-----w-    C:\Users\de Lioncourt\AppData\Local\Adobe
2014-07-10 18:34:43    --------    d-----w-    C:\ProgramData\AIM
2014-07-10 18:34:37    --------    d-----w-    C:\Program Files (x86)\AIM7
2014-07-10 16:28:23    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-07-10 16:28:23    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-07-10 16:28:23    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-07-09 18:49:17    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-07 00:59:58    --------    d-----w-    C:\Program Files (x86)\VS Revo Group
2014-07-07 00:34:22    --------    d-----w-    C:\Users\de Lioncourt\AppData\Roaming\Local
.
==================== Find3M  ====================
.
2014-07-24 17:14:35    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-16 16:12:43    153256    ----a-w-    C:\Windows\SysWow64\WRusr.dll
2014-07-16 16:12:43    114176    ----a-w-    C:\Windows\System32\drivers\WRkrn.sys
2014-07-16 16:12:43    103816    ----a-w-    C:\Windows\System32\WRusr.dll
2014-07-08 19:16:34    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 19:16:34    699056    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33    519168    ----a-w-    C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-06-19 01:06:55    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38    5721088    ----a-w-    C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55    62464    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07    2040832    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27    2266112    ----a-w-    C:\Windows\System32\wininet.dll
2014-06-18 22:52:18    4254720    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59    1964544    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59    1791488    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36    3157504    ----a-w-    C:\Windows\System32\win32k.sys
2014-06-17 23:21:34    235800    ----a-w-    C:\Windows\System32\drivers\avgldx64.sys
2014-06-17 23:07:12    328984    ----a-w-    C:\Windows\System32\drivers\avgloga.sys
2014-06-17 23:06:58    269080    ----a-w-    C:\Windows\System32\drivers\avgtdia.sys
2014-06-17 23:06:24    190744    ----a-w-    C:\Windows\System32\drivers\avgidsha.sys
2014-06-17 23:06:22    242968    ----a-w-    C:\Windows\System32\drivers\avgidsdrivera.sys
2014-06-17 23:06:22    153368    ----a-w-    C:\Windows\System32\drivers\avgdiska.sys
2014-06-17 23:06:20    123672    ----a-w-    C:\Windows\System32\drivers\avgmfx64.sys
2014-06-17 23:06:06    31512    ----a-w-    C:\Windows\System32\drivers\avgrkx64.sys
2014-06-06 10:10:34    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-06-06 09:44:17    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-05-30 08:08:52    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-05-30 08:08:41    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-05-30 07:52:51    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2014-05-19 05:27:46    0    ----a-w-    C:\Windows\SysWow64\shoF18E.tmp
2014-05-14 04:08:23    10395072    ----a-w-    C:\Program Files (x86)\Common Files\wruninstall.exe
2014-05-12 14:26:10    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-05-12 14:26:00    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 14:25:56    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-05-08 09:32:11    3178496    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11    16384    ----a-w-    C:\Windows\System32\RdpGroupPolicyExtension.dll
.
============= FINISH: 11:53:27.50 ===============

Attached Files



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:39 PM

Posted 30 July 2014 - 10:58 AM

Hello 

JassaxRae

,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

1.

I do not recommend that you have more than one anti virus product installed and running on your computer at a time.  The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms".  It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove 2 of these AVG or WebrootorMicrosoft Security Essentials

 

2.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool .
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

3.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:39 PM

Posted 01 August 2014 - 07:26 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#6 JassaxRae

JassaxRae
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 03 August 2014 - 07:37 PM

____________________________________ADWCLEANER

# AdwCleaner v3.302 - Report created 03/08/2014 at 17:28:30
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : de Lioncourt - DELIONCOURT-PC
# Running from : C:\Users\de Lioncourt\Downloads\adwcleaner_3.302.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [6919 octets] - [13/05/2014 17:04:25]
AdwCleaner[R1].txt - [4870 octets] - [26/05/2014 16:52:08]
AdwCleaner[R2].txt - [1344 octets] - [03/08/2014 17:26:14]
AdwCleaner[R3].txt - [1404 octets] - [03/08/2014 17:27:39]
AdwCleaner[S0].txt - [6810 octets] - [13/05/2014 17:08:58]
AdwCleaner[S1].txt - [5196 octets] - [26/05/2014 16:54:43]
AdwCleaner[S2].txt - [1473 octets] - [03/08/2014 17:28:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1533 octets] ##########








___________________________________________ADDITION

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014
Ran by de Lioncourt at 2014-08-03 17:13:32
Running from C:\Users\de Lioncourt\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
AIM for Windows (HKCU\...\AIM) (Version:  - AOL Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3705 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{4838134A-8CFF-4D5B-B3C1-C110DA8DF61B}) (Version: 1.37.0 - Kovid Goyal)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Elgato Game Capture HD (HKLM-x32\...\{6BDD4237-E546-4CBB-91AA-292552B11CCE}) (Version: 1.42.23.538 - Elgato Systems GmbH)
EPSON WF-2540 Series Printer Uninstall (HKLM\...\EPSON WF-2540 Series) (Version:  - SEIKO EPSON Corporation)
F300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Free Studio version 5.5.0 (HKLM-x32\...\Free Studio_is1) (Version: 5.5.0 - DVDVideoSoft Ltd.)
Free YouTube to iPod Converter version 3.11.20.1230 (HKLM-x32\...\Free YouTube to iPod Converter_is1) (Version: 3.11.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Control Panel 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
PhotoFiltre (HKCU\...\PhotoFiltre) (Version:  - )
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SanDiskSecureAccess_Manager.exe (HKCU\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.17.5 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.4.104 - Webroot)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XSplit Broadcaster (HKLM-x32\...\{3A1F3A32-7E9D-4AD2-A2E2-DFC98BAA9DC7}) (Version: 1.3.1403.1202 - SplitMediaLabs)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3260092018-1127864189-4130437287-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

24-07-2014 04:57:54 Windows Update
26-07-2014 16:44:12 Installed iTunes
27-07-2014 18:50:11 Windows Update
31-07-2014 05:48:02 Windows Update
31-07-2014 15:22:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00EF8619-8DBE-4EE8-ACD2-9D0C9ACD2326} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-07] (Google Inc.)
Task: {0418369E-26CA-4634-8724-53D5D53967A4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {084BF774-1988-467D-ABDD-22D8B5644B21} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2012-05-24] (RealNetworks, Inc.)
Task: {0D3BD97D-105B-4FEF-A285-4BBE34BFBC29} - System32\Tasks\{7378DB39-76B3-4FEB-ADE6-D88DF8F3F1BF} => C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe [2014-02-04] (AOL Inc.)
Task: {0FA14265-B06E-4A38-A276-DA2FDB6F2138} - System32\Tasks\{A0C01087-5DC6-43E6-BC73-13049C7350E0} => C:\Users\de Lioncourt\Downloads\msert(1).exe
Task: {2198B52C-9B76-496E-866D-8210BADC97BB} - System32\Tasks\{4D35B34B-4DE4-48C2-95DB-71E0B46D4006} => C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe [2014-02-04] (AOL Inc.)
Task: {22793309-02DF-4333-BD26-796A37553016} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {2711E0F6-5E0C-4E8D-9A33-7CC7F3418150} - System32\Tasks\{732FA096-E077-48D0-84E2-B5542A30BA91} => C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe [2014-02-04] (AOL Inc.)
Task: {2E531754-3A20-49E7-95E9-92CB6B57854C} - System32\Tasks\{FB8B1D24-D41E-4C2A-AD33-6AE9B25024B2} => C:\Users\de Lioncourt\Downloads\msert(1).exe
Task: {30892602-9432-4A97-B842-B4803E8EA731} - System32\Tasks\{D7A9D583-7E28-4553-9D61-990765373FC7} => C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe [2014-02-04] (AOL Inc.)
Task: {33A9CDDE-CF2B-41F5-AAAE-7777E30EB769} - System32\Tasks\{13B6DACE-FB6A-4022-AB70-92F0D6B30590} => Firefox.exe
Task: {3BACA1DF-E410-432C-8B68-6BD6773CE9F3} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {4648D4FD-EFC8-4D7E-888F-65E195F5A64D} - System32\Tasks\{50AD811E-F503-4BE9-91AE-55D4530DA8B0} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-07-08] (Apple Inc.)
Task: {4EE13E4C-76B6-496A-81BF-F2CDD7B41213} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3260092018-1127864189-4130437287-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {56EAC477-3611-4A3A-8D71-AB51D6C21E1D} - System32\Tasks\{C85C974B-26EB-41AC-95DC-0A3BC7D19560} => Firefox.exe
Task: {57FD8CED-F542-4188-A50F-D7D5DF869068} - System32\Tasks\{92E8F58C-4F3F-4D5A-84CA-A2340E38D0EC} => Firefox.exe
Task: {5F98ED09-FC99-4398-AEAB-8D6448DAAF91} - System32\Tasks\{27D80DF3-4B8A-4B32-87B8-DB44BA554DA2} => C:\Users\de Lioncourt\Downloads\msert(1).exe
Task: {5FDA9A3B-DD9C-4CBF-BD0A-1C75E3C39611} - System32\Tasks\{74D5ED8B-4495-4B0A-B400-2F2051FA6C8F} => C:\Users\de Lioncourt\Downloads\msert(1).exe
Task: {60A09C01-F0F9-4CF2-953F-55455A1A3B58} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {7273C6B7-9CBF-43F5-ACF9-095150B5E40D} - System32\Tasks\{BAFE429E-E99F-476D-B218-FDD18C72C173} => C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe [2014-02-04] (AOL Inc.)
Task: {746FF567-3849-4612-B2AE-7B79F1F2B4FA} - System32\Tasks\{3F52809F-A593-4091-99D8-6D92713C0EBF} => Firefox.exe
Task: {77E78092-08F7-4CEB-99A4-E6054F725502} - System32\Tasks\{CF9027ED-F5F4-4F10-B6A3-5E5C2B83D55E} => C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe [2014-02-04] (AOL Inc.)
Task: {87028D5A-94CE-42B2-9726-755700884AD1} - System32\Tasks\{425E4CB8-07D1-4BE6-A365-12C2710652A3} => Firefox.exe
Task: {896C8027-8C50-4B28-98EF-55DA6169FD5F} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {9CC6993D-A0BF-4954-AA79-CBC42A60F3C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {A05CEE9B-5C63-4F13-B671-9D840D13CFAB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A6318D56-C720-4E65-818C-53712FD6C796} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {AA76367C-1D5C-453A-9419-45A845F63AF8} - System32\Tasks\{9322407D-C6A3-40D6-B0D3-936C35D09F3D} => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
Task: {B1FE331F-585D-4BC0-BFDD-E7593582ABA6} - System32\Tasks\Google Updater and Installer => C:\Users\de Lioncourt\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-07] (Google Inc.)
Task: {C05E8A7A-E534-4A00-BE4E-C2E16B22F46A} - System32\Tasks\{C8625FFA-DB50-4B41-951A-972838752EFB} => Firefox.exe
Task: {CF378FE5-1059-4C74-8753-4F0437F33946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-07] (Google Inc.)
Task: {D7FB2A18-6CDD-4C64-A5CF-007B8F64C27D} - System32\Tasks\{CF2A2EB9-5DA9-43CD-8A56-667CB00D51D7} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {E6132245-F26E-487C-ABCD-E345FCD473DD} - System32\Tasks\{31438F2B-58A3-4769-B450-5AE2652D5C22} => Firefox.exe
Task: {E6965E86-CE06-4E43-96DC-66B827E72CE6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3260092018-1127864189-4130437287-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {EB5D373C-8BA7-4292-88BA-833A5C46DB5A} - System32\Tasks\{D8A769AD-5235-41A5-81EA-992A8244F8E8} => C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe [2014-02-04] (AOL Inc.)
Task: {EF784EE2-DE7B-40DF-B58D-CC85DF2A7CA9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3260092018-1127864189-4130437287-1001Core => C:\Users\de Lioncourt\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-07] (Google Inc.)
Task: {F10561F8-E6F2-48FD-96EE-293679092C6B} - System32\Tasks\{914F7F19-160D-43D7-AC62-EB1CB4EAAFB9} => Firefox.exe
Task: {F475AED8-D0C6-4000-A90B-A482B9BBB739} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3260092018-1127864189-4130437287-1001UA => C:\Users\de Lioncourt\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-07] (Google Inc.)
Task: {F9B39E72-DA3E-4658-A5BA-2E7FD453F18B} - System32\Tasks\{DFB16661-7819-404E-822A-5FA7963D1D43} => Firefox.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3260092018-1127864189-4130437287-1001Core.job => C:\Users\de Lioncourt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3260092018-1127864189-4130437287-1001UA.job => C:\Users\de Lioncourt\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-23 22:39 - 2013-08-29 15:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2011-11-04 15:20 - 2011-08-08 16:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-10 19:41 - 2014-07-09 15:07 - 00601144 _____ () C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-23 18:29 - 2011-04-23 18:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-23 18:29 - 2011-04-23 18:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-23 18:29 - 2011-04-23 18:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-07-16 14:32 - 2014-07-15 02:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-16 14:32 - 2014-07-15 02:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-08-03 08:15 - 2014-08-03 08:15 - 00043008 _____ () c:\Users\de Lioncourt\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpykzgjp.dll
2013-10-18 16:55 - 2013-10-18 16:55 - 25100288 _____ () C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-16 14:32 - 2014-07-15 02:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-16 14:32 - 2014-07-15 02:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-16 14:32 - 2014-07-15 02:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-02-04 14:47 - 2014-02-04 14:47 - 23782856 _____ () C:\Users\de Lioncourt\AppData\Local\AOL\AIM\libcef.dll
2014-02-04 12:33 - 2014-02-04 12:33 - 16233864 _____ () C:\Users\de Lioncourt\AppData\Local\AOL\AIM\npswf32.dll
2014-07-23 12:50 - 2014-07-23 12:50 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2012-09-14 17:15 - 2014-03-20 18:37 - 00136248 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.Resources.dll
2014-01-16 16:24 - 2014-03-27 20:29 - 00113320 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-01-16 16:23 - 2014-03-27 20:29 - 00040616 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\jansson.dll
2014-01-16 16:24 - 2014-03-27 20:29 - 00086184 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_thread-vc100-mt-1_53.dll
2014-01-16 16:24 - 2014-03-27 20:29 - 00021160 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc100-mt-1_53.dll
2014-01-16 16:24 - 2014-03-27 20:29 - 00106664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc100-mt-1_53.dll
2014-01-16 16:24 - 2014-03-27 20:29 - 05212328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avformat-55.dll
2014-01-16 16:24 - 2014-03-27 20:29 - 15907496 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avcodec-55.dll
2014-01-16 16:24 - 2014-03-27 20:29 - 00409768 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avutil-52.dll
2014-02-10 19:41 - 2014-07-09 15:07 - 36966968 _____ () C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-09 15:07 - 2014-07-09 15:07 - 00867896 _____ () C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-02-10 19:41 - 2014-07-09 15:07 - 00886840 _____ () C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-02-10 19:41 - 2014-07-09 15:07 - 00108600 _____ () C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^de Lioncourt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/03/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8569790

Error: (08/03/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8569790

Error: (08/03/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/03/2014 01:43:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8568745

Error: (08/03/2014 01:43:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8568745

Error: (08/03/2014 01:43:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/03/2014 01:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8567700

Error: (08/03/2014 01:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8567700

Error: (08/03/2014 01:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/03/2014 11:20:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16256


System errors:
=============
Error: (08/03/2014 08:14:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/03/2014 00:35:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/02/2014 06:07:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP Network Devices Support service hung on starting.

Error: (08/02/2014 06:05:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/02/2014 10:44:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/02/2014 10:42:58 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:41:20 AM on ‎8/‎2/‎2014 was unexpected.

Error: (08/02/2014 09:09:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/02/2014 01:14:36 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/01/2014 10:10:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/01/2014 07:02:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (08/03/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8569790

Error: (08/03/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8569790

Error: (08/03/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/03/2014 01:43:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8568745

Error: (08/03/2014 01:43:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8568745

Error: (08/03/2014 01:43:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/03/2014 01:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8567700

Error: (08/03/2014 01:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8567700

Error: (08/03/2014 01:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/03/2014 11:20:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16256


CodeIntegrity Errors:
===================================
  Date: 2013-11-07 21:58:04.035
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-11-07 21:58:03.896
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 77%
Total physical RAM: 3764.86 MB
Available physical RAM: 860.88 MB
Total Pagefile: 7527.9 MB
Available Pagefile: 3744.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:452.16 GB) (Free:329 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6E201789)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

 

 

 

 

 

 

_____________________________________________FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by de Lioncourt (administrator) on DELIONCOURT-PC on 03-08-2014 17:12:14
Running from C:\Users\de Lioncourt\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AOL Inc.) C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(DVDVideoSoft Ltd.) C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
(Spotify Ltd) C:\Users\de Lioncourt\AppData\Roaming\Spotify\spotify.exe
() C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-27] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-08] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [764536 2014-07-16] (Webroot)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\de Lioncourt\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=04fbe4fc9b3347d0b9383909b49192bb-0c90018be938b6ae3d5da4121ce067fa69ee3f22 /CMPID=1113a
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Run: [Spotify] => C:\Users\de Lioncourt\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Run: [GoogleChromeAutoLaunch_CCD4209411BD0B171A44D4481482F399] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Run: [Spotify Web Helper] => C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Run: [Google Update] => C:\Users\de Lioncourt\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-07] (Google Inc.)
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Run: [Aim] => C:\Program Files (x86)\AIM7\aim.exe [4321112 2011-05-03] (AOL Inc.)
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3260092018-1127864189-4130437287-1001\...\MountPoints2: {e3b56a8f-a530-11e1-985c-e840f2757b48} - H:\TLBootstrap_WPP.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\Users\de Lioncourt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: _WrSyncExcl -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: _WrSyncGreen -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: _WrSyncRed -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: _WrSyncYellow -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\de Lioncourt\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {87F492DF-4C17-4368-A109-6EE22A769D8B} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=586383&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\de Lioncourt\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\de Lioncourt\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: WOT - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-06-21]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525\Extensions\adblockpopups@jessehakanen.net.xpi [2014-06-22]
FF Extension: Strict Pop-up Blocker - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2014-06-23]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2014-06-23]
FF Extension: Adblock Plus - C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\ct0qct6w.default-1403364639525\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-23]
FF Extension: WordOv - C:\Program Files (x86)\Mozilla Firefox\extensions\jzkenlkaloil@kctewplunsmgzuca.org [2014-07-23]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-05-31]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-05-13]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (WOT) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-04-25]
CHR Extension: (Adblock Plus) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-25]
CHR Extension: (AdBlock) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-25]
CHR Extension: (Hola Better Internet) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-04-25]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-10-07]
CHR Extension: (Hangouts call) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbpgddbgniojgndnhlkjbkpknjhppkbk [2014-04-25]
CHR Extension: (Webroot Filtering Extension) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-05-14]
CHR Extension: (Google Wallet) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-10-07]
CHR Extension: (Webroot Password Manager) - C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-05-14]
CHR HKCU\...\Chrome\Extension: [mpccbbicmjaochhofhmkdcbiflgpmoae] - C:\Users\de Lioncourt\AppData\Local\CRE\mpccbbicmjaochhofhmkdcbiflgpmoae.crx [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-24]
CHR HKLM-x32\...\Chrome\Extension: [jmfmbeipcnbmgifkjkhppnjiffmpmpga] - C:\ProgramData\WeCareReminder\\wecarereminderro.crx [2012-05-24]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [mpccbbicmjaochhofhmkdcbiflgpmoae] - C:\Users\de Lioncourt\AppData\Local\CRE\mpccbbicmjaochhofhmkdcbiflgpmoae.crx [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-05-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [764536 2014-07-16] (Webroot)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2014-07-16] (Webroot)
U0 SR;
U2 srservice;

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 17:12 - 2014-08-03 17:12 - 00039645 _____ () C:\Users\de Lioncourt\Downloads\FRST.txt
2014-08-03 17:12 - 2014-08-03 17:12 - 00000000 ____D () C:\FRST
2014-08-03 17:11 - 2014-08-03 17:11 - 02094080 _____ (Farbar) C:\Users\de Lioncourt\Downloads\FRST64.exe
2014-07-31 08:24 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 08:24 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 08:24 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-31 08:24 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 08:24 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 08:24 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 08:24 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-07-31 08:24 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 08:24 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 08:24 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-31 08:23 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 08:23 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-31 08:23 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-31 08:23 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-26 09:52 - 2014-07-26 09:52 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-26 09:52 - 2014-07-26 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-26 09:50 - 2014-07-26 09:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-26 09:50 - 2014-07-26 09:52 - 00000000 ____D () C:\Program Files\iTunes
2014-07-26 09:50 - 2014-07-26 09:52 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-26 09:50 - 2014-07-26 09:50 - 00000000 ____D () C:\Program Files\iPod
2014-07-26 09:36 - 2014-07-26 09:36 - 113509200 _____ (Apple Inc.) C:\Users\de Lioncourt\Downloads\iTunes64Setup(2).exe
2014-07-24 11:54 - 2014-07-24 11:54 - 00028375 _____ () C:\Users\de Lioncourt\Documents\DDS for comp.txt
2014-07-24 11:54 - 2014-07-24 11:54 - 00004979 _____ () C:\Users\de Lioncourt\Documents\ATTACH for comp.txt
2014-07-24 11:53 - 2014-07-24 11:53 - 00028375 _____ () C:\Users\de Lioncourt\Desktop\dds.txt
2014-07-24 11:53 - 2014-07-24 11:53 - 00004979 _____ () C:\Users\de Lioncourt\Desktop\attach.txt
2014-07-24 11:33 - 2014-07-24 11:33 - 00688992 ____R (Swearware) C:\Users\de Lioncourt\Downloads\dds.com
2014-07-24 11:01 - 2014-07-24 11:01 - 01354223 _____ () C:\Users\de Lioncourt\Downloads\adwcleaner_3.216.exe
2014-07-23 12:49 - 2014-07-23 12:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 22:27 - 2014-07-22 22:27 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Local\{C9B1FB12-7E90-4460-88D9-6562D2CD4804}
2014-07-21 17:23 - 2014-07-21 17:23 - 00291276 _____ () C:\Users\de Lioncourt\Downloads\Ta Da-SoundBible.com-1884170640.wav
2014-07-21 17:13 - 2014-07-21 17:13 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Local\{3965BD22-7F79-4B61-A766-30255C7529F1}
2014-07-20 17:15 - 2014-07-20 17:15 - 00002992 _____ () C:\Windows\System32\Tasks\{13B6DACE-FB6A-4022-AB70-92F0D6B30590}
2014-07-20 17:13 - 2014-07-20 17:13 - 00002992 _____ () C:\Windows\System32\Tasks\{914F7F19-160D-43D7-AC62-EB1CB4EAAFB9}
2014-07-20 17:03 - 2014-07-20 17:03 - 00002992 _____ () C:\Windows\System32\Tasks\{C85C974B-26EB-41AC-95DC-0A3BC7D19560}
2014-07-20 00:19 - 2014-07-20 00:19 - 00000000 _____ () C:\Windows\SysWOW64\sho333E.tmp
2014-07-15 13:18 - 2014-07-15 14:09 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-15 13:16 - 2014-07-15 13:18 - 11185664 _____ (SurfRight B.V.) C:\Users\de Lioncourt\Downloads\HitmanPro_x64.exe
2014-07-14 11:17 - 2014-07-14 11:17 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Local\Adobe
2014-07-11 17:14 - 2014-07-20 21:27 - 00000000 ____D () C:\Users\de Lioncourt\Documents\AIMLogger
2014-07-10 11:34 - 2014-07-10 11:35 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Roaming\acccore
2014-07-10 11:34 - 2014-07-10 11:34 - 00001890 _____ () C:\Users\Public\Desktop\AIM.lnk
2014-07-10 11:34 - 2014-07-10 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
2014-07-10 11:34 - 2014-07-10 11:34 - 00000000 ____D () C:\ProgramData\AIM
2014-07-10 11:34 - 2014-07-10 11:34 - 00000000 ____D () C:\Program Files (x86)\AIM7
2014-07-10 09:28 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 09:28 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 09:28 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 12:10 - 2014-06-29 19:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 12:10 - 2014-06-29 19:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 12:10 - 2014-06-20 13:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 12:10 - 2014-06-20 12:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 12:10 - 2014-06-18 18:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 12:10 - 2014-06-18 18:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 12:10 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 12:10 - 2014-06-18 17:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 12:10 - 2014-06-18 17:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 12:10 - 2014-06-18 17:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 12:10 - 2014-06-18 17:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 12:10 - 2014-06-18 17:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 12:10 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 12:10 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 12:10 - 2014-06-18 16:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 12:10 - 2014-06-18 16:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 12:10 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 12:10 - 2014-06-18 16:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 12:10 - 2014-06-18 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 12:10 - 2014-06-18 16:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 12:10 - 2014-06-18 16:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 12:10 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 12:10 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 12:10 - 2014-06-18 16:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 12:10 - 2014-06-18 16:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 12:10 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 12:10 - 2014-06-18 16:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 12:10 - 2014-06-18 16:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 12:10 - 2014-06-18 16:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 12:10 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 12:10 - 2014-06-18 16:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 12:10 - 2014-06-18 16:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 12:10 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 12:10 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 12:10 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 12:10 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 12:10 - 2014-06-18 15:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 12:10 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 12:10 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 12:10 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 12:10 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 12:10 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 12:10 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 12:10 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 12:10 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 12:10 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 12:10 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 12:10 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 12:10 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 12:10 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 12:10 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 12:10 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 12:10 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 12:10 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 12:10 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 12:10 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 12:10 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 12:10 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 12:10 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 12:10 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 12:10 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 12:10 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 12:10 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 12:09 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 12:09 - 2014-06-18 17:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 12:09 - 2014-06-18 17:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 12:09 - 2014-06-18 17:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 12:09 - 2014-06-18 17:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 12:09 - 2014-06-18 17:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 12:09 - 2014-06-18 17:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 12:09 - 2014-06-18 16:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 12:09 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 12:09 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 12:09 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 12:09 - 2014-06-18 16:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 12:09 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 12:09 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 12:09 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 11:49 - 2014-07-09 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-09 11:49 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-09 11:49 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-09 11:49 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-09 11:49 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-09 11:46 - 2014-07-09 11:49 - 00005499 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-08 15:02 - 2014-07-08 15:02 - 00918952 _____ (Oracle Corporation) C:\Users\de Lioncourt\Downloads\jxpiinstall(2).exe
2014-07-06 17:59 - 2014-07-06 22:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-06 17:43 - 2014-07-06 17:43 - 00000000 ____D () C:\ProgramData\McAfee

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 17:12 - 2014-08-03 17:12 - 00039645 _____ () C:\Users\de Lioncourt\Downloads\FRST.txt
2014-08-03 17:12 - 2014-08-03 17:12 - 00000000 ____D () C:\FRST
2014-08-03 17:12 - 2014-05-13 18:03 - 00000000 ____D () C:\ProgramData\WRData
2014-08-03 17:11 - 2014-08-03 17:11 - 02094080 _____ (Farbar) C:\Users\de Lioncourt\Downloads\FRST64.exe
2014-08-03 17:11 - 2014-02-10 19:40 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Roaming\Spotify
2014-08-03 17:10 - 2013-09-30 13:38 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-08-03 17:01 - 2013-10-07 16:29 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3260092018-1127864189-4130437287-1001UA.job
2014-08-03 16:28 - 2013-10-07 16:23 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-03 16:16 - 2012-05-23 15:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-03 16:01 - 2013-10-07 16:29 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3260092018-1127864189-4130437287-1001Core.job
2014-08-03 13:44 - 2012-03-23 22:38 - 01718707 _____ () C:\Windows\WindowsUpdate.log
2014-08-03 08:22 - 2009-07-13 21:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-03 08:22 - 2009-07-13 21:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-03 08:16 - 2012-06-06 08:17 - 00000000 ___RD () C:\Users\de Lioncourt\Dropbox
2014-08-03 08:16 - 2012-06-06 08:10 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Roaming\Dropbox
2014-08-03 08:14 - 2013-09-19 20:04 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Local\AIM
2014-08-03 08:13 - 2013-10-07 16:23 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-03 08:13 - 2012-05-23 15:13 - 00000000 ____D () C:\ProgramData\clear.fi
2014-08-03 08:12 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-03 08:12 - 2009-07-13 21:51 - 00151812 _____ () C:\Windows\setupact.log
2014-07-29 21:29 - 2012-06-25 16:14 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Roaming\Skype
2014-07-29 09:35 - 2014-02-10 19:41 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Local\Spotify
2014-07-28 18:15 - 2012-05-23 16:39 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-26 13:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-07-26 09:52 - 2014-07-26 09:52 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-26 09:52 - 2014-07-26 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-26 09:52 - 2014-07-26 09:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-26 09:52 - 2014-07-26 09:50 - 00000000 ____D () C:\Program Files\iTunes
2014-07-26 09:52 - 2014-07-26 09:50 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-26 09:50 - 2014-07-26 09:50 - 00000000 ____D () C:\Program Files\iPod
2014-07-26 09:36 - 2014-07-26 09:36 - 113509200 _____ (Apple Inc.) C:\Users\de Lioncourt\Downloads\iTunes64Setup(2).exe
2014-07-24 16:36 - 2014-04-02 20:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-24 11:54 - 2014-07-24 11:54 - 00028375 _____ () C:\Users\de Lioncourt\Documents\DDS for comp.txt
2014-07-24 11:54 - 2014-07-24 11:54 - 00004979 _____ () C:\Users\de Lioncourt\Documents\ATTACH for comp.txt
2014-07-24 11:53 - 2014-07-24 11:53 - 00028375 _____ () C:\Users\de Lioncourt\Desktop\dds.txt
2014-07-24 11:53 - 2014-07-24 11:53 - 00004979 _____ () C:\Users\de Lioncourt\Desktop\attach.txt
2014-07-24 11:33 - 2014-07-24 11:33 - 00688992 ____R (Swearware) C:\Users\de Lioncourt\Downloads\dds.com
2014-07-24 11:11 - 2012-05-23 15:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-24 11:11 - 2010-11-20 20:47 - 00284026 _____ () C:\Windows\PFRO.log
2014-07-24 11:09 - 2014-05-13 17:04 - 00000000 ____D () C:\AdwCleaner
2014-07-24 11:01 - 2014-07-24 11:01 - 01354223 _____ () C:\Users\de Lioncourt\Downloads\adwcleaner_3.216.exe
2014-07-24 09:18 - 2012-06-06 08:15 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-24 09:16 - 2014-05-10 12:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-07-24 09:12 - 2013-03-15 08:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 09:12 - 2013-03-15 08:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-23 22:01 - 2013-03-15 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 12:50 - 2014-07-23 12:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 22:27 - 2014-07-22 22:27 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Local\{C9B1FB12-7E90-4460-88D9-6562D2CD4804}
2014-07-21 17:23 - 2014-07-21 17:23 - 00291276 _____ () C:\Users\de Lioncourt\Downloads\Ta Da-SoundBible.com-1884170640.wav
2014-07-21 17:13 - 2014-07-21 17:13 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Local\{3965BD22-7F79-4B61-A766-30255C7529F1}
2014-07-21 16:06 - 2012-08-07 19:31 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Roaming\Audacity
2014-07-20 21:27 - 2014-07-11 17:14 - 00000000 ____D () C:\Users\de Lioncourt\Documents\AIMLogger
2014-07-20 17:15 - 2014-07-20 17:15 - 00002992 _____ () C:\Windows\System32\Tasks\{13B6DACE-FB6A-4022-AB70-92F0D6B30590}
2014-07-20 17:13 - 2014-07-20 17:13 - 00002992 _____ () C:\Windows\System32\Tasks\{914F7F19-160D-43D7-AC62-EB1CB4EAAFB9}
2014-07-20 17:03 - 2014-07-20 17:03 - 00002992 _____ () C:\Windows\System32\Tasks\{C85C974B-26EB-41AC-95DC-0A3BC7D19560}
2014-07-20 00:19 - 2014-07-20 00:19 - 00000000 _____ () C:\Windows\SysWOW64\sho333E.tmp
2014-07-18 23:45 - 2014-02-10 19:46 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Roaming\BitTorrent
2014-07-18 16:42 - 2012-05-23 19:06 - 00000000 ____D () C:\Users\de Lioncourt\Documents\-Book-
2014-07-16 14:32 - 2013-10-07 16:24 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 09:12 - 2014-05-13 18:03 - 00153256 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-07-16 09:12 - 2014-05-13 18:03 - 00114176 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-07-16 09:12 - 2014-05-13 18:03 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-07-15 14:09 - 2014-07-15 13:18 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-15 13:18 - 2014-07-15 13:16 - 11185664 _____ (SurfRight B.V.) C:\Users\de Lioncourt\Downloads\HitmanPro_x64.exe
2014-07-14 11:17 - 2014-07-14 11:17 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Local\Adobe
2014-07-10 21:07 - 2012-07-13 16:41 - 00000193 _____ () C:\Windows\WORDPAD.INI
2014-07-10 11:35 - 2014-07-10 11:34 - 00000000 ____D () C:\Users\de Lioncourt\AppData\Roaming\acccore
2014-07-10 11:34 - 2014-07-10 11:34 - 00001890 _____ () C:\Users\Public\Desktop\AIM.lnk
2014-07-10 11:34 - 2014-07-10 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
2014-07-10 11:34 - 2014-07-10 11:34 - 00000000 ____D () C:\ProgramData\AIM
2014-07-10 11:34 - 2014-07-10 11:34 - 00000000 ____D () C:\Program Files (x86)\AIM7
2014-07-10 11:34 - 2014-05-13 17:57 - 00001121 _____ () C:\IPH.PH
2014-07-10 09:08 - 2009-07-13 21:45 - 00359440 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 09:06 - 2014-05-06 10:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 09:06 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 09:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 09:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 22:57 - 2013-07-14 18:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 22:55 - 2012-05-24 18:39 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 11:50 - 2013-11-07 18:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-09 11:49 - 2014-07-09 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-09 11:49 - 2014-07-09 11:46 - 00005499 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-09 11:49 - 2013-05-16 16:43 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-08 15:02 - 2014-07-08 15:02 - 00918952 _____ (Oracle Corporation) C:\Users\de Lioncourt\Downloads\jxpiinstall(2).exe
2014-07-08 12:16 - 2012-05-23 15:52 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 12:16 - 2012-05-23 15:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 12:16 - 2011-11-04 15:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-06 22:42 - 2014-07-06 17:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-06 17:43 - 2014-07-06 17:43 - 00000000 ____D () C:\ProgramData\McAfee

Files to move or delete:
====================
C:\Users\de Lioncourt\jagex_cl_runescape_LIVE.dat
C:\Users\de Lioncourt\random.dat


Some content of TEMP:
====================
C:\Users\de Lioncourt\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpykzgjp.dll
C:\Users\de Lioncourt\AppData\Local\Temp\GUR4908.exe
C:\Users\de Lioncourt\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 12:53

==================== End Of Log ============================











Thanks so much for your response! Also. In your opinion which is better to keep? AVG or Webroot?



#7 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:39 PM

Posted 04 August 2014 - 08:33 AM

Hello,

 

I would keep AVG.

 

Download and run Junkware Removal Tool. ***Your Anti Virus may see this download as malicious, don't worry continue on. 

Please download Junkware Removal Tool to your desktop.

 

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
    the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next Reply.

 

 

Download 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.

  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"

[/*]


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:39 PM

Posted 06 August 2014 - 03:51 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 JassaxRae

JassaxRae
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 08 August 2014 - 03:36 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by de Lioncourt on Fri 08/08/2014 at 11:32:56.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho12DD.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1812.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1FD2.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho283.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho28FF.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3334.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho333E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3800.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho49B7.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4CE3.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho56C5.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho57A.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho70CF.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9FA1.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoAE7A.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD332.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDB7A.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE54C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF18E.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\Users\de Lioncourt\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{00D5C69C-C35D-47A8-B3AC-0718406A8045}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{00F37153-C24A-44E6-A131-997C70105D9F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{010EFBDD-61DD-48D6-B9B9-5D4D7CC9320F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0112E32E-A309-438E-BBCB-42AA10F434A1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{01269D27-F96D-427A-99E6-7FC0B4A386AF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{020719C5-3F1F-436D-AD48-AE72C6858503}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{029B9600-A636-4A25-BFC5-DC7E5B575D21}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{02AEB1E7-1835-4938-B424-921EF56D1C84}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{03D733D0-7D14-47A0-B400-5367B39AB975}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{04EE7B34-B366-4B76-9F1D-441FF8B099EE}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{059E02E0-5743-4348-BF83-B2004D1B58CB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{05F8D9FE-B944-49B7-9453-342370E9E2DB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{060C4EB0-DD75-4B8C-83C6-7BD82C5AB936}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0651B31C-79AF-4202-8828-3004BE964D12}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{06910511-09EF-49C1-A256-BE5D852FDFA1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{07095234-C290-4D6F-99EB-3802C20BBC74}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{07961BA6-407F-4820-8E1B-9A98CF0BF5A3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{083417C2-18C7-4093-958D-3FD3418C01EB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{093ED190-8609-4012-941F-7AAF2D9CD5C1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{099FD84E-CD79-40CD-8D49-B103CE7BCCA4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{09BCBFDB-0726-434A-B8CE-C6F6FD11B40A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0A694E42-04E2-4227-94BC-61A2FE1150DB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0BD37AC6-E5A1-4D88-BA4D-585647CF7B66}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0C4AEBAE-E1DC-42D3-86ED-2442AF5E4819}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0C7D709B-EFC0-4B78-828D-37CCF3B36A8C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0D453BCE-A902-46BA-A13F-C2C817932932}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0EA8F941-FF24-4485-8274-90AEABD79AD0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{0F68A37F-2209-4E50-B4F0-0DABE94F721F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{111D1BDD-38B8-4BE7-84B9-6BC3C62B452A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{13CDB175-1D0B-450B-B1B1-D840CDF486CD}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{13DE0EF2-A212-436D-909B-D67E0D3B3FF6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{14E3B649-F7A6-43A2-AA94-DA56DB66E089}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{14FB2329-8889-4C5A-A80A-ABF94524239D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{15B423DD-AE50-42AA-BBCB-09AFB91016A1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{167143DC-6151-48D9-AB7C-52259EA8D28D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{16F30013-88CC-49B1-8CE4-BE0F9838404F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{177CDBB1-9808-4F1A-87B0-F37ED3DADB7A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{17EB1B01-3E2C-4BBA-9B94-0ED0A1937E35}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{192142A4-E60C-4336-A98A-60FE46BB57A6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{1947C2D8-9F9F-43A3-802B-51B585BFB492}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{19593CBE-4D8A-4C16-9F0B-3CEA55D5E0D1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{19848061-E293-4E16-97D4-727BDB8E1D98}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{1AAE2A3C-4109-43F6-A47D-E8DE627917F7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{1BCC7742-62AC-4639-9E64-E081A70FF580}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{1BCEC338-DEB3-4148-80A1-57B9A51D2EC0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{1D02615A-287A-483B-AF5D-6CB89A62D4B7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{1E28D88B-39B2-48E4-85E3-D4B5BB8B5DA9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{1F284CD0-8B43-4E11-BB26-ECBF58C7274C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{203B000E-8B52-4EBF-AF47-5A709DB6CBDB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{20CE562F-26B1-4149-AF0D-F0D2444FA9C1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{21041834-A7F1-45E4-9A85-1A9A2ED7231B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{225D5F58-72A4-40A9-A7B5-910ED3D893D0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2318E49E-7BF4-4A0E-950E-0F4A0D9C7068}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{233680EE-D698-4D45-AB7C-E2CEBF9E5544}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{234A3449-FF3B-4129-B5FF-6AF9B9EE5FA7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{23645155-8EBE-4C55-8EE7-ED2FE85FE9EA}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{25907C99-F606-4E12-90C0-8E1127531BC6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{259E4A25-A16F-4BB5-80C6-BC4D6057A77D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{27E0C7EC-F19B-471C-A3E4-376F13F38136}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{282B8967-78D6-46D6-9FA2-236EC181C0D6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2851E8C7-4CD8-4D3D-BAD3-71438DC0923F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{29211D58-C78B-46C9-94CB-2227166ABE7E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2A68E0E8-95CF-4362-A1BA-BBE4080F7C6B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2B08444F-D91D-400D-8B3B-4244DB5E118C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2B2D7D2E-4681-40D1-8077-6D1C5FA6D303}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2BCC1C2D-F863-45C2-A8AE-FD76D0423702}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2BE29C35-A6A4-4654-A3E4-3F3F08B61AD2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2C35E0E9-153E-499A-819F-6BAEB88BF62E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2C4E6C63-6309-4ABC-A5BE-78949FFE4972}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2C9CEC00-6ACD-4090-98B7-91B22374C747}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2CBEB5C3-9CAD-44A0-B2DF-84C44CD9954D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2D94A708-B5F5-45E9-9DAF-27983D2ED943}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2DCC38A1-9E8D-4CA9-B5B0-942D25DAD34F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2EB9265E-5F49-4BF6-BD3B-FDDC8ED2E7A3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2EE4F438-C8AD-432F-80E3-632263570B6F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2F300D41-5780-47F8-A446-0802CE616D4D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{2FC710F0-2DFA-464F-AA30-6BA5CF1F669A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{30331650-E367-40D7-A341-EE52FA16DE27}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{30CCDB58-184F-4797-BE83-20EEBA4B732B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{31AE5307-AA3A-405F-994F-2A24EE6B626A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3210FDB8-6383-47E4-9006-4D8903E62AE4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{333AE12A-C523-41BA-B0BD-F68B5917740F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{346DE1B8-A1DE-4B2C-BDD9-5AC7270DFCE6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{34EBCAE6-000F-4801-8FED-D42FCF1937D2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{35064BA6-31E2-4D01-A08E-AB115C0D7BC5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3507CD6B-E9B4-4BD1-B8D5-582446779E4E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{35C94647-4946-4BD5-9789-215E3A4C82BB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3625DE42-3BC4-4A72-8199-465AF3AEC53E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3659039C-B129-4258-94EB-E73536A25172}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{367F6BB0-6C82-48AB-9E15-407245001B98}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3709C9F2-D97A-486A-92E2-F39A6D6DC178}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{37622DEF-CE93-4636-825E-C6C077C6B21A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3789B068-EA15-4B09-AE8C-1D65C0F379D5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{37A0C1E7-BE81-4E65-A365-EEC9D35BFA06}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{37BBD554-134C-4587-8745-BFB973FCE043}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{37F8C16B-1BE8-4849-ABC2-25886D676B94}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{380F549C-CD0E-497A-8301-8DB3E7D9B9EE}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{38E9FA5B-7E02-482F-80D7-FD486A5ABF25}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{393FA20E-B2F0-47CE-9C09-60191807C9D8}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3965BD22-7F79-4B61-A766-30255C7529F1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3A5166B5-2112-4B8F-8004-BA755C4D4BC3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3A802AF2-7F71-4B0D-84C2-744E74D134CA}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3AFED024-7EDA-4374-BF5B-B124B83D82B9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3B57E9F1-C794-4C43-93DF-4B63ABAF86F1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3C5B21C6-C5AD-4DC5-AFC7-BC429B6F1FE5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3C8E2012-A1BE-401E-B845-C8A60AD67D9B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3CAA37F4-5CA5-4D8E-AEE5-8FAA8F022AAB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3DB366F1-6194-40C7-9559-D9F61256C200}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3DD15B70-38A7-42EB-A799-7427EB42A47F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{3EAB0076-3B50-4C5A-8996-3748F9D6CD81}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{402A2CAD-38F6-440A-8441-B593D67581E8}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{40D168C9-5343-493F-B095-EF33B28416FC}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{41B9D7C7-ED1B-4466-9989-7D6211BCEF83}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4208B917-B0F2-4CBE-A696-9A05F5FDE2F0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{423903EE-56D6-446E-AA1E-490A523F45DE}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{42E956D3-C21B-49EB-842E-ED21BB1EE7F4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{432D6E74-575C-41EE-8674-F00A65C06881}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{45DEE6B1-6776-4B64-AD35-44E9335BFE34}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{47501B0A-1A35-4995-8827-2A8B729D83C7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{47740A26-9C7D-4AFF-A659-23879AA76A3F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4989E3DA-FC8F-4BF0-B4C9-A25CCC3BC491}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4990EB5B-1452-4B73-A1D7-E67860153978}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4A456782-CB7D-4B90-93A2-B43E66CA9C62}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4AA517DF-0099-4E62-8BD7-D557F6245AD9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4AEB5616-C4C1-4C99-82D1-6721E7070970}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4B0CEA91-F334-42BE-8B64-6D1E2EBA9F61}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4B261D14-311D-481F-AFFD-AB8C226F379F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4B49270F-E4AE-42F0-B7E1-D0E1BBC3CC92}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4D533A82-817B-4596-A78D-A201CC46D3D7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4D5CA2F4-2C79-496B-8556-70686D26DBC9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4E653917-DED8-44F2-9CE5-E9CD617210EF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4F308C00-F077-443D-BB2B-05D8857FAF13}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4F641391-8F85-4E79-9222-4B55C3B25B35}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{4FED5443-DEB2-45A5-812F-93DA9E7040C6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5019CA4D-5309-43DE-8281-B1A69395A812}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5051A265-1AEE-45D6-B926-9C53F972134A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{50A756C4-2104-46AF-9E66-09B9B9AF0544}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{50A9B906-734C-41DB-9C81-571A199BE3AB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{50EFCC28-4FAE-4FD6-8065-AF4CC65454FF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{511EB3CB-9682-42EB-A2C3-F828C0C8A169}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{520C1335-55E1-4C2F-B323-06B9230E4162}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5240E269-7577-435C-A9E5-7A4D52A092E8}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{525C9342-70E0-411E-BE8A-8FD0DA218095}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{52B47521-6122-442A-BC5E-3D5886A16631}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5401CB4B-689B-4DAB-A13B-90AA810A4AF6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{549929F5-8034-4991-85B3-4781D00B1A50}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{54A4FE61-249A-4209-876B-B25DFCCACED1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{551558E1-7B92-4174-A43C-44B9A22B49EA}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5550295D-A3E6-4916-A706-EC9983B8522C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{56E88C0D-CBFD-4DDA-A6A9-5B5207853518}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{571EF81F-47E4-46EB-916D-0D0C8EC6B75D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{573997A1-CF15-483B-BC25-B5D6FB04DD8C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{576C1B22-FF0B-4B63-B82D-5A9AE3DE050A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5844FC2D-7D92-4484-B0F3-D0102BE88E62}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5959DF4C-3383-43B8-A6D0-716D41ECF188}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{59E1BF55-88F1-4522-9778-56738FD61EB5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5A3BAFF0-8D7B-4C4D-94F0-9D64D4DAFC9E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5A66294B-B173-43F8-9D0A-91EF08C83B63}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5AE19062-3E3F-48B5-921F-46B84E7DD1AA}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5B713A0D-821F-47D5-95FC-BD0F954BADA0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5CBE0CBF-7547-45DA-9858-BC395309F752}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5D1B0D35-3F55-4025-A9B4-7B437DFFFBF4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5D8B1ADD-B0B2-4893-9BAF-9D0E8F509DF2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5DCCFA89-12EC-4B1F-AD97-CF4249E5E527}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5E44D32A-1D13-43A1-A970-AF128497C1E4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5E5B1242-7A19-4DE3-BCC9-FA27E8BDB136}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5EAC915F-236C-4890-8315-25CD7778782F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5F1013D2-AE6C-4250-9399-5D44807BE30F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5F8F8E84-22A7-42AB-A9C8-62E34E1CB762}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{5FE1B2E0-DA7B-4B9C-9634-F225E41AB1F2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6004B1BB-774B-4620-B336-7216E5EE7163}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6073F971-9BCD-4987-9DF5-D75346C2627C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6095F763-A9D9-4CB6-970F-7445EA20304B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{60C8555F-70D8-4259-86B1-B54054D403C4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{60D89666-460D-404B-BF1A-027B3CE5D301}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6132CB80-B7E2-42D5-BFC3-76890B5229F2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{62BBEC04-E1C5-450C-A58B-5FF356B79636}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{62C2AB5C-498E-4957-9B24-FCF37D7FBDB1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6352F54F-7034-46EA-842A-2E71C7999B76}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{63595857-7845-4D49-815D-98D67C2AB92C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6382F4E2-F39A-4C20-9F6D-79A645F96FF0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{63B052FC-434E-4625-B7D7-1251367DB345}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{642C5DFE-8377-4119-B8B6-48C534AE4A63}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{642D48A0-4752-4A01-8AC6-2C5E973983B3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{64684E8F-7B38-46C3-8133-4C7036F272B3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6597DB1E-EA1C-4B30-AC03-C4FAD752CDC4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{665737F9-622B-4B4D-BAD5-D372D33FD01C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6664F701-74C8-4709-9D22-63F490FF17F5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{66983DBC-3523-4D84-8A0B-5283277B0C2E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{675BAAB9-F3AC-4B40-BE7B-7F14D93B58BF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{683B296F-8F2B-4780-ACC3-E94B4B6018BF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{68AFF112-5D3F-4481-9D44-1EB8D6D314F3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{68BD3950-056B-4804-ADD3-412B9271191C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{695B6007-97B5-4A1F-8EE1-1A6882997F6F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{69624D9D-D61C-4C5F-BE17-E967E4F51873}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{69AC5C31-4C7A-4E5A-B238-CD6D141E6517}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{69DD867A-A0D9-41A2-9382-7A60A695B536}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6A9289B2-8178-4F90-A072-7983A16879D1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6AC9C996-29C2-434C-A623-CC083FD05A72}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6C02306F-EA11-482B-AC57-C3F63B0DA894}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6C827F30-3ABB-4089-8B60-423C2BD2652D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6D08BD21-E31D-40E8-A4BD-670AE95BFC96}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6D32CD73-8853-4F40-A5D3-E2C5EA37A98C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6D432CA2-94C8-4DC3-9059-19B1D776AEBB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6E2AFC1A-3759-48D2-BA27-D9AAEF45606D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6EC922F2-EB56-4A30-85C6-173BF3F126EF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6EE2EB4A-9871-4673-AEDA-8B667ACD6689}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{6F4792F2-0855-4955-9150-8611B557E285}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{71FACAEB-E5B0-48E7-A0C9-9D3AF7D3B48E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{720C0A89-8283-46C5-A35B-B911B8D24B23}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{738D6B6E-724C-45A6-8841-047B712443F8}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{756FB398-2AFF-4C42-B317-CEC94AFA15EC}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{76598E48-ADDF-4885-AA71-227553B1D2DD}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{76742881-B122-471C-8DE8-A69522EE9AE9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{769AC313-7EF9-44C6-BE75-AA27011B3D6C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{76B140AB-1D81-4DBA-ABBA-5B25574958BB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7744445F-074D-47CC-8BF5-A938D75326B7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{77A8BF1A-0CD0-4396-B8A7-4A3A840F70A7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{77DE68F9-4D74-4FFD-85DE-5C0C147D428E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{78BD2F7B-5B17-4A99-8D0B-ECB315E52A9A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{791B5BE0-2AD5-4099-9178-F1487FE61F9A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7973688F-170D-46B4-BA9A-372FF46DEAE8}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7A59F97E-18F6-45AD-939F-4ECF3B503935}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7AFE394A-A29A-4B30-89C9-5F1551ACD890}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7C7FB0E8-BC79-439E-840F-BB0D14CE1248}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7C8159C7-3C94-4891-A1A5-9BD33062ED43}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7CC41C81-A92D-4516-B246-87FF7E3ADED7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7CFE198E-C462-4A75-8B12-E057FA5F00A6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7DD27FCC-8869-4D74-BD4D-1D9BA827A70B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7E0F2619-732A-4036-9465-B3BB7FF3619F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7FA395DC-5C87-4F00-B8CB-D1BC81F1BE48}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{7FAB884C-D6D0-4190-AD52-43B11FB2812D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{80620961-D3FA-4248-A7B9-6A163DB91B55}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{80DB5FD2-8AF8-4B90-86C8-D664E05CA97C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{81440833-A5FE-4F11-B72D-041EBF53D7EA}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{81866BA7-66D0-40B9-B64C-CBC714C1900F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{828D816B-6D06-4E36-BF5D-D363375D23CE}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8344AD61-C8AD-45B8-ACA1-986CB8DF7C23}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{834564DB-179B-493E-98B5-8A6A0A7F350C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{83C365E5-0BA8-48A3-B2D5-B7BAA301F0DE}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{83FC7FDF-1FD0-4A6B-9810-8B36FC19A110}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{84E0BF3B-3132-4F32-93DB-73494E972F2E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{85A60144-21C5-4D37-8976-9A9A9E1BE4B9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{85B16CF5-A284-412E-AA52-B560B9428E2A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{85F60CBF-B8C1-4DE2-8105-FE29A1821D21}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{86454010-CF3C-4CB8-BFED-6DFB98281379}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{86982EBE-A40D-46AF-85EF-FC0765C613EE}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{86AB5487-11D4-4D5C-B280-CE76F0AEA01C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{872B15B3-9A16-42A8-BF3F-0D6BFFF0FD76}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{878E375B-62C8-499B-ADF6-2DE037D627E7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{87B920C9-8425-4570-A75D-A6BDEAB23774}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{87C1D696-FDE3-4609-8DF1-56F3BACAF411}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8800ADEE-5DF3-4E22-9B2D-A4EC1CAD1825}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{881B6B5A-9719-4452-BA68-F8D55B1FEB42}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8892ECAD-CA6D-4C43-98E5-A0D3471D7A95}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{89306DFB-0C1E-48C9-99FD-EFEB10A1CD48}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{89640837-6109-4E16-9BC2-0E8DEC6CDBED}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{89C11613-D4C0-4B9A-9444-564590605074}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{89D06218-862C-4FC0-A390-F3CBB099C132}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8AD0F681-36ED-4496-898F-9314994C5EF2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8AEB8C06-19BD-4F63-869A-3CCB3139E570}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8B63C3C7-1070-40C9-A975-12AE4EA4816A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8B8F3BB0-656D-4ECF-B285-55E17002B0DA}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8C23A740-9C10-462E-BB89-0911407E4A5C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8C69893D-6EF3-4780-B8B0-F6C0AB2844A0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8C7335FB-D4D4-40C7-ABF2-FA9051E818EF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8F0343D3-4A26-4B28-9C20-036779A5A3BF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8F49038A-8945-49BE-B3D8-60A3B6B9985E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8FD5C3B3-1A92-4CCC-A8B9-8DB142212D54}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{8FDA07FD-9282-4B94-8237-FCF9C42DD5DD}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{9011ACD9-7719-4EEC-BB4A-AA3269B54BD5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{90A25BCB-4750-456B-9220-C20B64B7B0EA}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{90E62559-C47A-4635-BC1A-FB0C69B2FA52}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{918CF492-4E59-4734-B0DC-10121995972F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{92641571-C16A-4921-A060-DEB8348E4C0D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{947D43C5-C515-4949-AE5A-3C5BC100F027}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{94A3AAEB-36D1-48DB-BF60-B9D44C62778D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{94BB282D-DD37-4B25-8A15-1DE823A38B3A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{95308EA3-8DF6-447E-BC85-5C42A941C24E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{95881F48-ADC0-4CEC-8352-89ED403DA7B3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{9676C6C7-FDCF-4E6C-8D1B-ECA4DBB2E13F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{97498140-3BE6-4009-B30D-B92191E2E419}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{974FC4F7-4BEA-4A63-A07A-D5210E1B719E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{992B5BC4-FD58-4D3F-9B5D-7048EF66BE1B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{998735B0-2C96-46CB-9435-606161D20F2D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{9A07F8F3-F9F5-41F5-AA44-890455FD809B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{9A298FC9-D15D-4B12-8DA7-CD638A64F928}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{9A923D1F-A942-490A-8960-5CE980263CD1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{9D71500F-0271-4BCA-A2BB-C3BD365E10B6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{9DD3B5DB-40B3-4425-AB54-77D00D1F6DE5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{9E801BDF-6B4E-4ED9-BE46-F8B6759A52D4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A0CDDD76-9436-4914-81D7-21D8BBB232C4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A2BF6322-2EB2-4A97-A1A9-DC3501AA6022}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A2FDD7A9-840A-4677-B989-920846347AFD}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A3F28575-11E1-4851-A2D0-8CA835211B68}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A3F7E632-1A32-49B2-AFC4-6208EC0EBCF0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A3FD9B14-7D24-4E23-9D89-208BC18919CC}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A511A728-B2F9-4EAC-86DA-F034D9BDDAF2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A539A8A9-F84E-444D-B51E-1BCC3B187AD5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A6FF9B45-1592-42E0-AF60-DF474CF07B87}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A7DA4726-1946-48E3-BD0F-02AE871FA32E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A81061F6-9606-4A14-8DB4-A5744FE2C16B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A873D760-CB62-4C99-90DE-3D4265DA8415}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A897ADD0-66E7-4398-B8FC-49A0A0AC4594}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A96600A5-F271-44D1-93CD-7D2A6408C108}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{A9BE8BF1-B45E-4DD6-8BE3-2CA5A765A31D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{AA1D3485-4FA2-40CF-9689-F3450DBE0219}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{AA36E0EB-F3BB-433A-8E17-1F358FC54F39}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{AAA5A261-69E4-4A5A-895A-95C6E5D5DA94}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{AAB5AF03-303F-46A5-8142-8612249089FD}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{AAB63F3D-0830-4D9E-B2F2-952D3FAEA762}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{ABC10D5B-DAD2-42AF-9536-1E7DB4804DA1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{ABE5AFB7-1898-4857-A94F-31F393B95D72}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{ABF08158-9ABD-43F8-890A-D6820481CACC}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{ABF2BB7D-42FD-4732-9A68-BB70903E4BE5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{ACDDA415-FE4A-4A81-8CA3-D1EBC5DD6E4A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{AD05C0C4-1FC6-4FC2-A955-E7CFF20EE080}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{ADA38CE8-0821-4B9F-BCA7-144BD4D10CDB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{AE2F879A-7A04-4D1E-881F-78FF9CDE0D03}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{AF478186-5C79-4729-AAD3-F47878E5595D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B0259425-FD81-474D-B46D-763DB640B3F6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B0B86C40-DD84-4825-B8D3-8875EEF5606D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B1956E3D-B295-4927-BCE6-D90E32AC0B91}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B1B01604-0505-43FC-A295-07291F0B1E3F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B2AAC313-0582-4EF5-965C-AD86388BCDDF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B4DC6569-458E-41BE-A939-6501A37991C7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B4FE9E84-77A3-4AF6-A8AC-776DF433C89A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B5576E20-0E58-40BF-A5D0-9E77CBBD1750}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B648350A-4526-4927-9E51-B943B7709FE5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B6A55558-472D-4B68-99C1-120310A5F375}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B80A01CF-DD2A-4063-A0C6-B0296EC7A9B0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{B83D41D3-09CD-4094-8ACB-8516DF3A914D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BA6C8BE1-B123-4A73-933D-6ECBC10BD78E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BA97CBFE-D503-4E0D-8384-C1B1E095B770}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BA990DBC-01BD-4B41-BD79-93C1583451E8}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BA9EA152-6393-42F8-9382-893650A37820}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BABE3FD4-AB65-4400-959B-3A217016F715}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BB7AC6D4-7E09-4B3B-BB84-420AF4156CD9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BC06EABA-0644-4F81-B19F-4F2062278011}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BC326160-58DB-40D4-8AF3-1DA479BEAE13}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BCDEFE3B-46DB-44D1-AE52-8EC6BA2B9E23}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BEB20C86-5CBC-4D5D-B5C0-5DEFB113E5CF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BEF9027C-B8CA-429A-98B8-506C7898669A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BF17F5D5-74F5-4463-84AA-76F3DD33810A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BF1B3469-F7E0-49C5-8AFC-45A6F92D550D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BF6D84DD-DE70-448D-AC6D-93DB4FBDFC1B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{BFF0641B-09C0-4F4C-90C0-97B32DEAB003}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C00BF4DF-DF36-4FE8-8626-97B81C1F34E1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C0330227-BAA7-40F7-9EB2-21798B2A06E5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C04CCA7F-5B1D-40C7-9FBE-59C00A555393}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C07BD470-942C-4D48-AD62-E1E8F6253279}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C083867D-0798-4652-98D1-BB74041415AA}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C17C39CE-46DA-47BB-9914-FD60BA95D061}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C1B03268-C7EE-4C73-AE6B-0B2581C615E6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C3A0B8B8-8EE8-44D6-9F67-7A6FC4B54DEB}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C3FEF948-883F-45E6-81F2-DC76238C60D7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C5969F64-B731-47B8-8FC0-EEEC90A62EE6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C5AFC11D-8DC0-4C9C-A06B-F007E13DC8E3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C665390C-9AC5-414B-9988-0EF0FD3FF212}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C7005707-9B34-4734-8E16-ECED1B5CC524}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C781A084-CB62-4901-80EA-9B1C7942A6D1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C8DBE0D5-61D1-4BEE-8FC5-6768E214D532}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C90218B8-2DE2-4D2A-A93D-455DEE0C831E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C92027B8-41DC-416A-87A2-92BF8839EEC5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C970CA49-0570-4D13-A86C-5801FEFD37F1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C9711DE0-85F0-485F-8D94-B0E220B39C03}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C9B1FB12-7E90-4460-88D9-6562D2CD4804}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C9D22D1D-379B-4002-AB13-83FEB9C028D1}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{C9F09B26-EAEC-422F-A957-CC1DB33D1E7B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{CB1CB9C2-148A-4C61-8931-3A5541455963}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{CB8DE08F-955D-4815-8561-47920C4516BD}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{CC96FA14-2450-45E6-81D8-6BAA2244A728}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{CD535FE0-B4DB-476E-BECA-9EE712F97B11}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{CE945E15-FE77-4C1E-A5F6-8404162506E6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{CEF4218F-147C-41B6-B4CD-2BDD59A374B5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{CF56CFD6-BD49-42A0-9FDA-618134AC477F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{CFA9E202-0D8B-450B-B4E1-F6AFEB34CE10}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D08DBC74-C98B-4D0E-92B0-D137C413BB8A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D1D952F2-FEA7-49E9-ABE7-8C0B4E40E887}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D1F4486C-1042-49F7-945E-9823906DFA8B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D22F75C9-130A-4812-987A-C20CB762F810}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D3655387-74E8-43C5-87B1-76718EC36A2A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D3A186B3-4B35-4921-9B02-1DCD87F61CB2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D52BC470-25FB-4D5B-A600-7A19D4392E19}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D5776A2B-0E8E-44F6-A9F8-707C98E33780}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D7D2A962-9727-4B42-998C-7B70FADA9F00}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D836A333-FA4C-4BCE-8E90-4C21A461EC50}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{D8F779EF-BAF9-4167-B84A-D92C86785357}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{DA65A559-1DCB-4556-8E04-3B6409FCDE0A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{DA8B193F-4BE0-4216-9C3E-7F2BC80D9BD4}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{DBF4E8B0-E831-4C78-9298-2AAD85BA6610}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{DD0F335B-8C96-4814-8E1E-14A31D91A311}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{DEB749AE-AEBF-4044-9F1C-3B332C362D55}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{DFA8E292-54F5-4EA6-8CD7-245DA37DF4A9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E039BF96-75BB-494B-B950-C3F2C3974275}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E0C78760-91A6-4F3D-AE49-FABB02049D2E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E1045E29-AEAC-4D4A-A7FB-7F687D79AD90}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E1924420-57B3-4358-8183-8BFB91287AAD}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E1F339BC-B74C-4C9D-B3B2-7722D02D38AC}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E246815C-1584-4F99-8281-ECA4319B2114}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E263EEAD-5EF4-419F-BDB9-4FB451657A66}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E283696D-E18A-4BEC-A9AE-E1D97B870B0F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E2CE6FBD-D4DC-4182-8E53-33F345523B14}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E3929D95-1E9A-4678-A4DB-C4A3F4CBC6EF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E3AEF2AB-2AED-4F73-B9A5-C8FCA045C24C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E464D260-CE13-423F-8DD2-3E3C565A08E6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E5254D12-EBB8-45B8-902E-60F30AD1ACE6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E74D1E6B-D03A-46C6-91DB-755A9067D698}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E814F302-B316-4674-8652-D64AE46B4101}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E83B4015-241B-4D2D-B46B-511CD6E5C174}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E87E2AE1-35F2-4B8B-8723-D625D5E6FCC6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E8EB16C7-2912-4931-8A75-C25B6217053B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E99DE54D-04BD-4D38-AF48-1194CC09088B}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{E9EFF975-34FC-4F31-9F7C-C4223A6A260C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EA3A221C-FDC1-4F2E-B6FD-8785C48742F7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EA4F3317-D266-469B-98C0-43FAD750303A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EAA98971-EB47-4A28-A882-DB1D26A3FE76}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EB427218-4218-4721-A979-1140497D15A0}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EBE624F0-ACB9-4502-BE53-D4937EF5DEE7}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EC5C62BD-E194-4A49-8776-3A1127993405}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EC9B1D42-815B-4458-A0F7-4C6BF3E1672C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{ED107AEE-F2C2-430C-BC51-A18959117A9D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EDC97882-CE4B-4E56-B1F0-5905F9968F2E}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EDD66BA7-9DF7-4719-B8AE-E8AF4F2340C6}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EE7A1F85-6881-4616-B7BC-533B1D22146F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EF14EBF8-CC2C-4179-82E2-4D70F888E028}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EFC814F2-6805-4D5E-802D-5A640396E21F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{EFD85958-3ED8-4992-ACB5-0A3F1897B8AF}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F07F2EA6-BB34-4148-8993-ED0151469760}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F08AD8B7-B2A8-4B53-A9FD-10C8E5ECFA71}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F10676EC-1C40-40A8-9F22-C08779F2AB1C}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F1E4AA4E-A455-41BE-9D54-7B985975EAB2}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F26059DD-3229-415E-A63F-C20651E833F3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F2B9DFDC-DEFF-4406-A2F8-712DFEC80D65}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F4A8D0A5-A4B2-46AF-AB9A-DEE3584C80B3}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F4D1EAD5-FE9B-4F7B-8565-44803D9EAD36}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F62FDBA8-87B6-40A2-BF8F-ADF9359DF7B9}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F644DE25-DDDE-44CC-822B-42015CB25442}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F6570C91-6A85-445E-87CC-0294453896E5}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{F995D24A-2DF8-48D6-80BE-92332FAACE1D}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{FA040104-363C-407C-BD67-ECCBDD663865}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{FB36582A-A54B-4688-845E-229E2B64460F}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{FC9DA235-E756-48D9-993C-9B416C7B4C69}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{FCE11B43-907A-4FB6-AF1A-3A2CC93BBA1A}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{FDBECA32-51EA-4E8C-BB89-4517701136BC}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{FF37C202-198E-4D10-A0DD-26BD61F92062}
Successfully deleted: [Empty Folder] C:\Users\de Lioncourt\appdata\local\{FFDFA8C2-8817-4ECF-A27A-566E9D86FD12}



~~~ FireFox

Emptied folder: C:\Users\de Lioncourt\AppData\Roaming\mozilla\firefox\profiles\ct0qct6w.default-1403364639525\minidumps [58 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/08/2014 at 11:43:38.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~













Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.08.08.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17207
de Lioncourt :: DELIONCOURT-PC [administrator]

8/8/2014 11:48:45 AM
mbar-log-2014-08-08 (11-48-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 379684
Time elapsed: 27 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

 

 

 

 

 

 

 

 

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17207

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.666000 GHz
Memory total: 3947741184, free: 2031341568

Downloaded database version: v2014.08.08.05
Downloaded database version: v2014.08.04.01
=======================================
Initializing...
------------ Kernel report ------------
     08/08/2014 11:48:38
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\drivers\WRkrn.sys
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\NDIS.SYS
\SystemRoot\System32\drivers\TDI.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgloga.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\system32\DRIVERS\avgdiska.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\drivers\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\??\C:\Windows\system32\drivers\UBHelper.sys
\??\C:\Windows\system32\drivers\NTIDrvr.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\Impcd.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\RtsUStor.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\TurboB.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\DRIVERS\dot4usb.sys
\SystemRoot\system32\DRIVERS\Dot4.sys
\SystemRoot\system32\DRIVERS\Dot4Prt.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005255060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8004fb4050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005255060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005255b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005255060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004fb4050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 6E201789

Partition information:

    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 28311552

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 28313600  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 28518400  Numsec = 948252672

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
File "c:\programdata\avg2014\chjw\626aad256aacf747.dat:770bc350-9b21-4852-bc69-7422c5f30b71" is sparse (flags = 32768)
File "C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\log\avgrs.log.1" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-28313600-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:39 PM

Posted 09 August 2014 - 01:29 PM

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 JassaxRae

JassaxRae
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 11 August 2014 - 11:07 AM

It seems to be working better! Thanks so much!



#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:39 PM

Posted 11 August 2014 - 07:14 PM

Hello, JassaxRae

.
Congratulations! You now appear clean! :cool:

Are things running okay? Do you have any more questions?

System Still Slow?
You may wish to try StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve preformance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

We Need to Clean Up Our Mess

 

 

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.

 

 

  • Download OTC by OldTimer and save it to your desktop.
  • Double click OTC_Icon.jpg icon to start the program. If you are using Vista, please right-click and choose run as administrator
  • Then Click the big CleanUp.jpg button.
  • You will get a prompt saying "Being Cleanup Process". Please select Yes.
  • Restart your computer when prompted.

 

Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:

  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.

Vista and Windows 7 users can refer to these links: Create a New Restore Point in Vista or Windows 7 and Disk Cleanup in Vista.
 

 

 

One of the most common questions found when cleaning malware is "how did my machine get infected?"

There are a variety of reasons, but the most common ones are that you are not practicing Safe Internet, you are not running the proper security software or that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer to help reduce the chance of being infected again in the future.

Do not use P2P programs
Peer-to-peer or file-sharing programs (such as uTorrent, Limewire and Bitorrent) are probably the primary route of infection nowadays. These programs allow file sharing between users as the name(s) suggest.  It is almost impossible to know whether the file you’re downloading through P2P programs is safe.

It is therefore possible to be infected by downloading infected files via peer-to-peer programs and so I recommend that you do not use these programs. Should you wish to use them, they must be used with extreme care. Some further reading on this subject, along with included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

In addition, P2P programs facilitate cyber crime and help distribute pirated software, movies and other illegal material.

Practice Safe Internet
Another one of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on.  Whether these things are files or sites it doesn't really matter.  If something is out to get you, and you click on it, it most likely will. 

Below are a list of simple precautions to take to keep your computer clean and running securely:


Keep Windows up-to-date
Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure.

  • Windows XP users
    You should visit Windows Update to check for the latest updates to your system. The latest service pack (SP3) can be obtained directly from Microsoft here.
  • Windows Vista users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP2) can be obtained directly from Microsoft here.
  • Windows 7 users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP1) can be obtained directly from Microsoft here


Keep your browser secure
Most modern browsers have come on in leaps and bounds with their inbuilt, default security. The best way to keep your browser secure nowadays is simply to keep it up-to-date.

The latest versions of the three common browsers can be found below:


Use an AntiVirus Software
It is very important that your computer has an up-to-date anti-virus software on it which has a real-time agent running.  This alone can save you a lot of trouble with malware in the future. 
See this link for a listing of some online & their stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources, a couple of free Anti-Virus programs you may be interested in are Microsoft Security Essentials and Avast.

It is imperative that you update your Antivirus software at least once a week (even more if you wish).  If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.  If you use a commercial antivirus program you must make sure you keep renewing your subscription.  Otherwise, once your subscription runs out, you may not be able to update the programs virus definitions.

Use a Firewall
I can not stress how important it is that you use a Firewall on your computer.  Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

All versions of Windows starting from XP have an in-built firewall. With Windows XP this firewall will protect you from incoming traffic (i.e. hackers). Starting with Windows Vista, the firewall was beefed up to also protect you against outgoing traffic (i.e. malicious programs installed on your machine should be blocked from sending data, such as your bank details and passwords, out).

In addition, if you connect to the internet via a router, this will normally have a firewall in-built.

Some people will recommend installing a different firewall (instead of the Windows’ built one), this is personal choice, but the message is to definitely have one! For a tutorial on Firewalls and a listing of some available ones see this link: Understanding and Using Firewalls

Install an Anti-Malware program
Recommended, and free, Anti-Malware programs are Malwarebytes Anti-Malware and SuperAntiSpyware.

You should regularly (perhaps once a week) scan your computer with an Anti-Malware program just as you would with an antivirus software.

Make sure your applications have all of their updates
It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you.  Therefore, it is very important to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities (such as Adobe Reader and Java).  You can check these by visiting Secunia Software Inspector.

Follow this list and your potential for being infected again will reduce dramatically.

 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:39 PM

Posted 15 August 2014 - 05:36 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users