Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Deep Virus? Slow, Freezing, blinking tabs, effecting Internet connecti

Started by JassaxRae , May 13 2014 04:40 PM
Deep Virus Virus Slow Freezing

  • This topic is locked This topic is locked

#1
JassaxRae
Posted 13 May 2014 - 04:40 PM

JassaxRae

    New Member

  • Member
  • Pip
  • 1 posts

HELLO! I've already Defragmented my computer. I've run AVG, Microsoft Security Essentials, and used up the trial of the Malwarebytes.
I have an Acer "Aspire 7739G" and Windows 7

Problems:
- My mouse cursor skips occasionally from one side of the screen to the other

- My browser freezes during uploads, opening a new tab, loading in general, Very often
- tabs, especially like "Amazon.com" blink so much you can't read the tab.
- The whole computer freezes a lot

- Internet seems to be affected when everyone else in the house is unaffected.

Please help or suggest anything!

---- OTL LOG "Quick Scan" ---

 

OTL logfile created on: 5/13/2014 3:36:08 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\de Lioncourt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.68 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 21.87% Memory free
7.35 Gb Paging File | 3.60 Gb Available in Paging File | 49.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.16 Gb Total Space | 333.56 Gb Free Space | 73.77% Space Free | Partition Type: NTFS
 
Computer Name: DELIONCOURT-PC | User Name: de Lioncourt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/13 15:25:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\de Lioncourt\Downloads\OTL.exe
PRC - [2014/05/10 12:33:18 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/05/07 16:29:35 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/04/29 09:32:21 | 001,864,368 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
PRC - [2014/04/18 15:18:48 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/04/09 22:42:42 | 006,087,224 | ---- | M] (Spotify Ltd) -- C:\Users\de Lioncourt\AppData\Roaming\Spotify\spotify.exe
PRC - [2014/04/09 22:42:26 | 001,171,000 | ---- | M] (Spotify Ltd) -- C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/04/09 22:42:25 | 000,602,680 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2014/04/06 21:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/09/09 14:39:10 | 001,074,216 | ---- | M] (AOL Inc.) -- C:\Users\de Lioncourt\AppData\Local\AOL\AIM\aim.exe
PRC - [2013/09/05 02:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012/05/30 10:18:07 | 004,331,392 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM7\aim.exe
PRC - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2011/08/24 18:03:44 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2011/08/24 18:03:42 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2011/06/30 19:51:12 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/06/30 19:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011/06/30 19:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011/06/30 19:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/05/29 19:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011/04/23 18:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/04/23 18:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/09/15 18:13:16 | 002,538,520 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/09/15 18:13:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/10 12:33:05 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/05/07 16:29:33 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll
MOD - [2014/05/07 16:29:31 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
MOD - [2014/05/07 16:29:27 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
MOD - [2014/05/07 16:29:27 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
MOD - [2014/05/07 16:29:26 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
MOD - [2014/05/07 16:29:24 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
MOD - [2014/04/29 09:32:20 | 016,351,920 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
MOD - [2014/04/09 22:42:27 | 036,966,968 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014/04/09 22:42:26 | 000,886,840 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\libGLESv2.dll
MOD - [2014/04/09 22:42:26 | 000,108,600 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\libEGL.dll
MOD - [2014/04/09 22:42:25 | 000,602,680 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2013/10/08 10:35:25 | 016,233,864 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Local\AOL\AIM\NPSWF32.dll
MOD - [2013/09/09 14:39:08 | 023,782,440 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Local\AOL\AIM\libcef.dll
MOD - [2012/05/30 10:11:47 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\AIM7\nssckbi.dll
MOD - [2011/08/24 18:03:42 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011/08/24 18:03:42 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2011/04/23 18:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2009/02/26 17:45:08 | 000,024,912 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\Wordcnvpxy.cnv
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014/03/06 01:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2011/08/02 11:59:46 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/05/10 12:33:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/29 09:32:23 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/18 15:18:48 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 02:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012/03/23 22:50:04 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/06/30 19:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/05/29 19:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011/04/23 18:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/09/15 18:13:16 | 002,538,520 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/09/15 18:13:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/10 11:57:25 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/04/18 15:01:30 | 000,237,336 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/03/31 16:20:54 | 000,274,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/03/31 16:06:26 | 000,130,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/03/27 22:14:26 | 000,192,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/03/27 22:14:24 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/03/27 22:07:10 | 000,236,824 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/03/27 22:05:02 | 000,324,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/03/27 22:03:16 | 000,032,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/05 02:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/02/11 21:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/20 03:02:55 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/09/20 03:02:55 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011/08/08 17:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/07/13 22:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/13 22:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/01 20:37:32 | 002,750,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/27 20:44:46 | 001,417,776 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/22 19:20:58 | 000,077,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/12/01 01:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/11/29 15:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/05 08:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/14 10:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/02/26 01:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/16 20:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {74CA0C61-0B55-4EE9-B1CF-5CC77947665B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...B98B0AD7C&SSPV=
IE - HKCU\..\SearchScopes,DefaultScope = {87F492DF-4C17-4368-A109-6EE22A769D8B}
IE - HKCU\..\SearchScopes\{74CA0C61-0B55-4EE9-B1CF-5CC77947665B}: "URL" = http://search.condui...3051090611&UM=2
IE - HKCU\..\SearchScopes\{87F492DF-4C17-4368-A109-6EE22A769D8B}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\de Lioncourt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\de Lioncourt\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\de Lioncourt\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014/04/22 18:14:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/31 18:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/04/05 09:51:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/10 12:32:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/04/05 09:51:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/10 12:32:53 | 000,000,000 | ---D | M]
 
[2012/05/23 15:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Extensions
[2014/01/21 21:05:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\7qlaiiw1.default\extensions
[2014/01/21 21:05:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\7qlaiiw1.default\extensions\jid1-4P0kohSJxU1qGg@jetpack
[2014/05/11 14:08:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\bnf65n2s.default-1394131198285\extensions
[2014/03/07 16:28:02 | 000,000,000 | ---D | M] (WOT) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\bnf65n2s.default-1394131198285\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014/03/07 18:32:09 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\bnf65n2s.default-1394131198285\extensions\[email protected]
[2014/04/04 20:20:28 | 000,015,998 | ---- | M] () (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\bnf65n2s.default-1394131198285\extensions\[email protected]
[2014/05/10 14:00:44 | 000,005,316 | ---- | M] () (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\bnf65n2s.default-1394131198285\extensions\[email protected]
[2014/05/11 14:08:53 | 000,642,963 | ---- | M] () (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\bnf65n2s.default-1394131198285\extensions\[email protected]
[2014/05/10 14:02:35 | 000,158,589 | ---- | M] () (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\bnf65n2s.default-1394131198285\extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi
[2014/05/01 10:08:47 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\bnf65n2s.default-1394131198285\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/02/10 19:48:40 | 000,000,916 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Roaming\Mozilla\Firefox\Profiles\7qlaiiw1.default\searchplugins\yahoo_ff.xml
[2014/05/10 12:32:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/05/10 12:32:42 | 000,000,000 | ---D | M] (WordOv) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2014/05/10 12:32:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/10 12:33:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Conduit Search (Enabled)
CHR - default_search_provider: search_url = http://search.condui...rchTerms}&SSPV=
CHR - default_search_provider: suggest_url = http://suggest.searc...={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: WOT = C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.14_0\
CHR - Extension: Adblock Plus = C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.1_0\
CHR - Extension: AdBlock = C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.29_0\
CHR - Extension: Hola Better Internet = C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.3.276_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_1\
CHR - Extension: Hangouts call = C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbpgddbgniojgndnhlkjbkpknjhppkbk\2013.1114.1030.1_0\
CHR - Extension: Google Wallet = C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo> = C:\Users\de Lioncourt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_1\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKCU..\Run: [AVG-Secure-Search-Update_1113a] C:\Users\de Lioncourt\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=04fbe4fc9b3347d0b9383909b49192bb-0c90018be938b6ae3d5da4121ce067fa69ee3f22 /CMPID=1113a File not found
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_CCD4209411BD0B171A44D4481482F399] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\de Lioncourt\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\de Lioncourt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38937926-D8D6-4182-B049-5E7D8E65AC10}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E00E1CD1-EF69-4D6C-9636-344DBDC92935}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) -  File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) -  File not found
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e3b56a8f-a530-11e1-985c-e840f2757b48}\Shell - "" = AutoRun
O33 - MountPoints2\{e3b56a8f-a530-11e1-985c-e840f2757b48}\Shell\AutoRun\command - "" = H:\TLBootstrap_WPP.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/10 12:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/07 14:13:18 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2014/05/07 14:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2014/05/07 14:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2014/05/07 14:12:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2014/05/07 14:09:36 | 000,000,000 | ---D | C] -- C:\Users\de Lioncourt\AppData\Roaming\SplitMediaLabs
[2014/05/06 10:18:36 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/04/25 12:19:07 | 000,000,000 | ---D | C] -- C:\Users\de Lioncourt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
[2014/04/18 15:01:30 | 000,237,336 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[17 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/13 15:21:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/13 15:16:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/13 15:08:40 | 000,011,400 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Anthro chp 17.rtf
[2014/05/13 14:53:19 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/13 14:53:19 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/13 14:43:30 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3260092018-1127864189-4130437287-1001UA.job
[2014/05/13 14:43:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3260092018-1127864189-4130437287-1001Core.job
[2014/05/13 14:26:11 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/13 09:12:14 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/13 09:11:28 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2014/05/13 09:11:24 | 2960,805,888 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/12 21:04:31 | 000,006,040 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Essay 5 Outline.rtf
[2014/05/12 21:03:52 | 000,023,040 | ---- | M] () -- C:\Users\de Lioncourt\Documents\English Essay 5 Finish.wps
[2014/05/12 21:03:52 | 000,008,982 | ---- | M] () -- C:\Users\de Lioncourt\AppData\Roaming\wklnhst.dat
[2014/05/12 18:47:55 | 000,003,489 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Essay 5 FINISH.rtf
[2014/05/12 13:55:30 | 000,002,353 | ---- | M] () -- C:\Users\de Lioncourt\Documents\English Essay 5.rtf
[2014/05/10 21:53:27 | 000,000,956 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft Movies.rtf
[2014/05/10 20:03:57 | 000,004,844 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Father comes to France.rtf
[2014/05/10 20:02:07 | 000,002,521 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Will Graham Notes.rtf
[2014/05/10 19:46:53 | 000,018,124 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Virus [ group.rtf
[2014/05/10 12:03:39 | 000,002,127 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/05/10 11:57:25 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/10 00:03:24 | 000,032,470 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Torn.rtf
[2014/05/09 21:35:52 | 000,006,665 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Jim x Seb [ Misc.rtf
[2014/05/09 10:27:15 | 000,001,851 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Outline.rtf
[2014/05/07 22:22:31 | 000,022,609 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Anthro chp 16.rtf
[2014/05/07 18:20:22 | 000,021,470 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Traci - Will and Lucy [ Kidnapped.rtf
[2014/05/07 14:13:05 | 000,001,097 | ---- | M] () -- C:\Users\de Lioncourt\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014/05/07 11:53:53 | 000,017,791 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Profile Chilton.rtf
[2014/05/07 10:41:57 | 000,001,924 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Writing Help - Crime, Murder, Mental.rtf
[2014/05/06 14:23:55 | 000,005,467 | ---- | M] () -- C:\Users\de Lioncourt\Documents\English Essay 4 outline1.rtf
[2014/05/06 12:17:25 | 000,002,915 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Traci - Will and Lucy [ Zombies.rtf
[2014/05/06 11:34:20 | 000,007,860 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Random -  Will and Matthew [ Quiet.rtf
[2014/05/05 21:48:13 | 000,051,148 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Virus [ Raid.rtf
[2014/05/05 18:25:38 | 000,019,437 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Virus [ After Raid.rtf
[2014/05/05 17:01:16 | 000,070,302 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Virus [ random.rtf
[2014/05/05 13:49:21 | 000,044,367 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Random -  Will and Matthew [ Break you Out.rtf
[2014/05/04 23:36:06 | 000,010,462 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft storylines.rtf
[2014/05/04 11:27:54 | 000,023,400 | ---- | M] () -- C:\Users\de Lioncourt\Documents\REPLY NEEDED.rtf
[2014/05/03 21:41:09 | 000,021,345 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Misc.rtf
[2014/05/01 22:45:59 | 000,002,098 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Roleplayer.me Storylines.rtf
[2014/04/30 21:01:33 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2014/04/29 23:23:33 | 000,000,609 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Tumblr Roleplay.rtf
[2014/04/28 23:57:12 | 000,016,049 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Frederick x Abel [ Misc.rtf
[2014/04/28 09:42:32 | 000,783,400 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/28 09:42:32 | 000,663,102 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/28 09:42:32 | 000,122,680 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/26 00:11:10 | 000,012,443 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Torture aftermath.rtf
[2014/04/25 19:07:31 | 000,022,374 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Will writing.rtf
[2014/04/25 14:48:56 | 000,023,085 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Torture.rtf
[2014/04/24 16:43:38 | 000,001,502 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Edits.rtf
[2014/04/23 23:18:32 | 000,022,926 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Blended [ Frederick dinner.rtf
[2014/04/22 21:14:00 | 000,020,364 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal verse [ Practice.rtf
[2014/04/21 18:45:48 | 000,006,152 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ This is my design.rtf
[2014/04/18 15:01:30 | 000,237,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/04/18 00:35:15 | 000,359,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/16 18:21:59 | 000,005,002 | ---- | M] () -- C:\Users\de Lioncourt\Documents\VINTED.rtf
[2014/04/16 18:09:06 | 000,005,545 | ---- | M] () -- C:\Users\de Lioncourt\Documents\Traci - Fii x Liam [ Kidnappe.rtf
[2014/04/15 11:14:02 | 000,028,160 | ---- | M] () -- C:\Users\de Lioncourt\Documents\English Essay 4.wps
[17 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/13 09:19:01 | 000,011,400 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Anthro chp 17.rtf
[2014/05/12 10:51:14 | 000,003,489 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Essay 5 FINISH.rtf
[2014/05/10 17:51:40 | 000,004,844 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Father comes to France.rtf
[2014/05/09 10:27:15 | 000,001,851 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Outline.rtf
[2014/05/08 19:19:07 | 000,032,470 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Torn.rtf
[2014/05/07 14:13:05 | 000,001,097 | ---- | C] () -- C:\Users\de Lioncourt\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014/05/06 12:17:25 | 000,002,915 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Traci - Will and Lucy [ Zombies.rtf
[2014/05/06 11:32:30 | 000,006,040 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Essay 5 Outline.rtf
[2014/05/06 10:35:51 | 000,023,040 | ---- | C] () -- C:\Users\de Lioncourt\Documents\English Essay 5 Finish.wps
[2014/05/06 10:26:14 | 000,002,671 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
[2014/05/05 20:59:55 | 000,007,860 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Random -  Will and Matthew [ Quiet.rtf
[2014/05/05 10:22:12 | 000,019,437 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Virus [ After Raid.rtf
[2014/05/05 09:39:54 | 000,022,609 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Anthro chp 16.rtf
[2014/05/04 22:03:33 | 000,051,148 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Virus [ Raid.rtf
[2014/05/03 21:42:29 | 000,070,302 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Virus [ random.rtf
[2014/05/01 21:11:19 | 000,044,367 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Random -  Will and Matthew [ Break you Out.rtf
[2014/05/01 15:53:19 | 000,017,791 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Profile Chilton.rtf
[2014/04/29 22:46:35 | 000,000,609 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Tumblr Roleplay.rtf
[2014/04/29 08:51:00 | 000,002,353 | ---- | C] () -- C:\Users\de Lioncourt\Documents\English Essay 5.rtf
[2014/04/28 14:13:30 | 000,018,124 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Virus [ group.rtf
[2014/04/25 21:28:37 | 000,012,443 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Torture aftermath.rtf
[2014/04/24 13:33:11 | 000,016,049 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Frederick x Abel [ Misc.rtf
[2014/04/23 19:32:51 | 000,022,926 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Blended [ Frederick dinner.rtf
[2014/04/23 15:42:58 | 000,021,470 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Traci - Will and Lucy [ Kidnapped.rtf
[2014/04/22 15:37:08 | 000,020,364 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal verse [ Practice.rtf
[2014/04/19 19:57:10 | 000,023,085 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Mycroft - Hannibal x Will [ Torture.rtf
[2014/04/19 17:16:42 | 000,001,924 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Writing Help - Crime, Murder, Mental.rtf
[2014/04/19 17:11:09 | 000,002,521 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Will Graham Notes.rtf
[2014/04/16 18:09:05 | 000,005,545 | ---- | C] () -- C:\Users\de Lioncourt\Documents\Traci - Fii x Liam [ Kidnappe.rtf
[2014/04/05 09:27:58 | 000,221,368 | ---- | C] () -- C:\Windows\hpoins19.dat
[2014/04/05 09:27:58 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2014/02/10 19:49:03 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2014/01/26 21:45:31 | 000,000,230 | ---- | C] () -- C:\Users\de Lioncourt\AppData\Local\poetsch.bat
[2013/11/20 22:03:26 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/11/07 19:01:32 | 000,000,051 | ---- | C] () -- C:\Users\de Lioncourt\jagex_cl_runescape_LIVE.dat
[2013/11/07 19:01:32 | 000,000,024 | ---- | C] () -- C:\Users\de Lioncourt\random.dat
[2012/07/18 16:25:38 | 000,003,584 | ---- | C] () -- C:\Users\de Lioncourt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/13 16:41:47 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012/06/10 21:22:53 | 000,000,272 | ---- | C] () -- C:\Users\de Lioncourt\AppData\Roaming\.backup.dm
[2012/05/27 14:44:06 | 000,008,982 | ---- | C] () -- C:\Users\de Lioncourt\AppData\Roaming\wklnhst.dat
[2012/05/23 18:55:01 | 000,776,014 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/23 16:13:35 | 000,001,542 | ---- | C] () -- C:\Windows\wininit.ini
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/09/19 20:04:48 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\acccore
[2013/09/30 13:54:10 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\Aim
[2014/01/18 22:05:50 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\Audacity
[2013/11/16 14:03:34 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\AVG
[2013/10/25 10:41:16 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\AVG2014
[2014/05/08 00:26:39 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\BitTorrent
[2014/04/03 12:52:12 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\calibre
[2013/11/03 11:07:26 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\Dropbox
[2014/04/14 11:58:24 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\DVDVideoSoft
[2012/10/10 17:28:10 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/07/07 11:04:28 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\MusE
[2012/11/05 23:27:16 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\ooVoo Details
[2012/05/23 17:47:05 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\OpenOffice.org
[2014/04/22 18:14:26 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\PhotoFiltre
[2013/10/10 10:52:13 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\PhotoFiltre 7
[2013/05/16 16:17:23 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\QFX Software
[2012/06/10 21:29:16 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\SanDisk
[2012/06/10 21:24:44 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\SanDisk SecureAccess
[2012/06/14 10:56:29 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\SecondLife
[2014/02/11 21:49:55 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\SoftGrid Client
[2014/05/07 14:09:36 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\SplitMediaLabs
[2014/05/13 15:07:29 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\Spotify
[2012/07/07 10:57:43 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\Synthesia
[2013/03/12 14:12:15 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\Template
[2012/05/23 18:55:48 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\TP
[2013/09/10 13:57:33 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\TuneUp Software
[2013/08/25 19:40:30 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\Windows Live Writer
[2013/02/09 21:42:22 | 000,000,000 | ---D | M] -- C:\Users\de Lioncourt\AppData\Roaming\WindSolutions
 
========== Purity Check ==========
 
 

< End of report >
 


  • 0

Advertisements

#2
DonnaB
Posted 14 May 2014 - 11:06 AM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi JassaxRae,

Welcome to Geeks To Go! :)

My name is Donna and I'll be helping you to clean up your computer.

Please read this post completely before beginning the fix. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:
  • Please note that I am a volunteer. I do have a family, a career, and other endeavors just as you do that may prevent immediate responses that meet your schedule. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)

    I see that you have 2 AV's running at the same time. That could be an issue here. The real-time protection of two or more antivirus programs may conflict with each other and cause the following:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
  • Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
  • Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.
    Please uninstall either AVG or Micorsoft Security Essencials (MSE) from Control Panel > Programs and Features before proceeding. If you decide to remove AVG, you will need to use the removal tool found >>HERE<< once you have removed AVG from the Control Panel. Click on Save File button to install and follow the on screen instructions to remove all residual files that may causes issues in the future. Make sure to reboot the computer after the removal process.

    At this time, please move OTL from the downloads folder to the desktop to prevent any possible issues.

    Next:

    We need to remove a few files with OTL.
  • Double click on the OTLicon.jpg to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :COMMANDS
    [CREATERESTOREPOINT]

    :OTL
    O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\linkscanner - No CLSID value found
    O18 - Protocol\Handler\livecall - No CLSID value found
    O18 - Protocol\Handler\msnim - No CLSID value found
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - File not found
    O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

    :Files
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Make sure all other windows are closed.
  • Click the Run Fix button at the top.
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Scan All Users checkbox
    and
  • Check the option for All under the Extra Registry section.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
  • OTL.txt <-- Will be opened, maximized
  • Extras.txt <-- Will be minimized on task bar.
    Please post the contents of both OTL.txt and Extras.txt files in your next reply.
    Please post the following logs in your next reply:

    C:\_OTL\[b]Moved Files
    OTL.txt
    Extras.txt

    We'll continue with more instructions once the above tasks are complete.

    Thank you,
    Donna :)

  • 0

#3
DonnaB
Posted 16 May 2014 - 05:33 PM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi JassaxRae,

Is all ok with you and your computer? Do you still need help?

Donna :)
  • 0

#4
DonnaB
Posted 20 May 2014 - 05:30 AM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Due to lack of feedback, this topic will be closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

Thank you,
Donna :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Deep Virus, Virus, Slow, Freezing

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP